Merge pull request #10032 from valeriosetti/psasim-doc-update
psasim: update README file
diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
index a637fe4..e48e44b 100644
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
@@ -14,7 +14,6 @@
- [ ] **TF-PSA-Crypto PR** provided # | not required because:
- [ ] **framework PR** provided Mbed-TLS/mbedtls-framework# | not required
- [ ] **3.6 PR** provided # | not required because:
-- [ ] **2.28 PR** provided # | not required because:
- **tests** provided | not required because:
diff --git a/BRANCHES.md b/BRANCHES.md
index bcceda8..49f7e28 100644
--- a/BRANCHES.md
+++ b/BRANCHES.md
@@ -11,7 +11,6 @@
as well as all the new features and bug fixes and security fixes.
- One or more long-time support (LTS) branches: these only get bug fixes and
security fixes. Currently, the supported LTS branches are:
-- [`mbedtls-2.28`](https://github.com/Mbed-TLS/mbedtls/tree/mbedtls-2.28).
- [`mbedtls-3.6`](https://github.com/Mbed-TLS/mbedtls/tree/mbedtls-3.6).
We retain a number of historical branches, whose names are prefixed by `archive/`,
@@ -108,8 +107,5 @@
- [`mbedtls-3.6`](https://github.com/Mbed-TLS/mbedtls/tree/mbedtls-3.6)
maintained until March 2027, see
<https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.6.0>.
-- [`mbedtls-2.28`](https://github.com/Mbed-TLS/mbedtls/tree/mbedtls-2.28)
- maintained until the end of 2024, see
- <https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.8>.
Users are urged to always use the latest version of a maintained branch.
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 9f23c3b..a099356 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -420,20 +420,22 @@
if(GEN_FILES)
add_custom_command(
OUTPUT
- ${MBEDTLS_FRAMEWORK_DIR}/tests/src/test_keys.h
+ ${CMAKE_CURRENT_BINARY_DIR}/tests/include/test/test_keys.h
+ COMMAND ${CMAKE_COMMAND} -E make_directory ${CMAKE_CURRENT_BINARY_DIR}/tests/include/test
COMMAND
"${MBEDTLS_PYTHON_EXECUTABLE}"
"${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_keys.py"
"--output"
- "${MBEDTLS_FRAMEWORK_DIR}/tests/src/test_keys.h"
+ "${CMAKE_CURRENT_BINARY_DIR}/tests/include/test/test_keys.h"
DEPENDS
${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_keys.py
)
add_custom_target(mbedtls_test_keys_header
- DEPENDS ${MBEDTLS_FRAMEWORK_DIR}/tests/src/test_keys.h)
+ DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/tests/include/test/test_keys.h)
add_dependencies(mbedtls_test mbedtls_test_keys_header)
endif()
target_include_directories(mbedtls_test
+ PRIVATE ${CMAKE_CURRENT_BINARY_DIR}/tests/include
PRIVATE ${MBEDTLS_FRAMEWORK_DIR}/tests/include
PRIVATE tests/include
PRIVATE include
@@ -454,20 +456,22 @@
if(GEN_FILES)
add_custom_command(
OUTPUT
- ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_certs.h
+ ${CMAKE_CURRENT_BINARY_DIR}/tests/include/test/test_certs.h
+ COMMAND ${CMAKE_COMMAND} -E make_directory ${CMAKE_CURRENT_BINARY_DIR}/tests/include/test
COMMAND
"${MBEDTLS_PYTHON_EXECUTABLE}"
"${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_cert_macros.py"
"--output"
- "${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_certs.h"
+ "${CMAKE_CURRENT_BINARY_DIR}/tests/include/test/test_certs.h"
DEPENDS
${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_cert_macros.py
)
add_custom_target(mbedtls_test_certs_header
- DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_certs.h)
+ DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/tests/include/test/test_certs.h)
add_dependencies(mbedtls_test_helpers mbedtls_test_certs_header)
endif()
target_include_directories(mbedtls_test_helpers
+ PRIVATE ${CMAKE_CURRENT_BINARY_DIR}/tests/include
PRIVATE ${MBEDTLS_FRAMEWORK_DIR}/tests/include
PRIVATE tests/include
PRIVATE include
diff --git a/ChangeLog.d/9956.txt b/ChangeLog.d/9956.txt
new file mode 100644
index 0000000..cea4af1
--- /dev/null
+++ b/ChangeLog.d/9956.txt
@@ -0,0 +1,6 @@
+Removals
+ * Following the removal of DHM module (#9972 and TF-PSA-Crypto#175) the
+ following SSL functions are removed:
+ - mbedtls_ssl_conf_dh_param_bin
+ - mbedtls_ssl_conf_dh_param_ctx
+ - mbedtls_ssl_conf_dhm_min_bitlen
diff --git a/ChangeLog.d/9964.txt b/ChangeLog.d/9964.txt
new file mode 100644
index 0000000..ca0cc4b
--- /dev/null
+++ b/ChangeLog.d/9964.txt
@@ -0,0 +1,25 @@
+Removals
+ * Removal of the following sample programs:
+ pkey/rsa_genkey.c
+ pkey/pk_decrypt.c
+ pkey/dh_genprime.c
+ pkey/rsa_verify.c
+ pkey/mpi_demo.c
+ pkey/rsa_decrypt.c
+ pkey/key_app.c
+ pkey/dh_server.c
+ pkey/ecdh_curve25519.c
+ pkey/pk_encrypt.c
+ pkey/rsa_sign.c
+ pkey/key_app_writer.c
+ pkey/dh_client.c
+ pkey/ecdsa.c
+ pkey/rsa_encrypt.c
+ wince_main.c
+ aes/crypt_and_hash.c
+ random/gen_random_ctr_drbg.c
+ random/gen_entropy.c
+ hash/md_hmac_demo.c
+ hash/hello.c
+ hash/generic_sum.c
+ cipher/cipher_aead_demo.c
diff --git a/ChangeLog.d/error-unification.txt b/ChangeLog.d/error-unification.txt
new file mode 100644
index 0000000..bcf5ba1
--- /dev/null
+++ b/ChangeLog.d/error-unification.txt
@@ -0,0 +1,11 @@
+API changes
+ * The PSA and Mbed TLS error spaces are now unified. mbedtls_xxx()
+ functions can now return PSA_ERROR_xxx values.
+ There is no longer a distinction between "low-level" and "high-level"
+ Mbed TLS error codes.
+ This will not affect most applications since the error values are
+ between -32767 and -1 as before.
+
+Removals
+ * Remove mbedtls_low_level_sterr() and mbedtls_high_level_strerr(),
+ since these concepts no longer exists. There is just mbedtls_strerror().
diff --git a/ChangeLog.d/fix-msvc-version-guard-format-zu.txt b/ChangeLog.d/fix-msvc-version-guard-format-zu.txt
new file mode 100644
index 0000000..eefda61
--- /dev/null
+++ b/ChangeLog.d/fix-msvc-version-guard-format-zu.txt
@@ -0,0 +1,5 @@
+Bugfix
+ * Fix definition of MBEDTLS_PRINTF_SIZET to prevent runtime crashes that
+ occurred whenever SSL debugging was enabled on a copy of Mbed TLS built
+ with Visual Studio 2013 or MinGW.
+ Fixes #10017.
diff --git a/ChangeLog.d/remove_RSA_key_exchange.txt b/ChangeLog.d/remove_RSA_key_exchange.txt
new file mode 100644
index 0000000..f9baaf1
--- /dev/null
+++ b/ChangeLog.d/remove_RSA_key_exchange.txt
@@ -0,0 +1,2 @@
+Removals
+ * Remove support for the RSA key exchange in TLS 1.2.
diff --git a/ChangeLog.d/tls-hs-defrag-in.txt b/ChangeLog.d/tls-hs-defrag-in.txt
new file mode 100644
index 0000000..6bab02a
--- /dev/null
+++ b/ChangeLog.d/tls-hs-defrag-in.txt
@@ -0,0 +1,7 @@
+Bugfix
+ * Support re-assembly of fragmented handshake messages in TLS (both
+ 1.2 and 1.3). The lack of support was causing handshake failures with
+ some servers, especially with TLS 1.3 in practice. There are a few
+ limitations, notably a fragmented ClientHello is only supported when
+ TLS 1.3 support is enabled. See the documentation of
+ mbedtls_ssl_handshake() for details.
diff --git a/README.md b/README.md
index b00d21a..448f372 100644
--- a/README.md
+++ b/README.md
@@ -299,7 +299,7 @@
Mbed TLS supports drivers for cryptographic accelerators, secure elements and random generators. This is work in progress. Please note that the driver interfaces are not fully stable yet and may change without notice. We intend to preserve backward compatibility for application code (using the PSA Crypto API), but the code of the drivers may have to change in future minor releases of Mbed TLS.
-Please see the [PSA driver example and guide](docs/psa-driver-example-and-guide.md) for information on writing a driver.
+Please see the [PSA driver example and guide](https://github.com/Mbed-TLS/TF-PSA-Crypto/blob/development/docs/psa-driver-example-and-guide.md) for information on writing a driver.
License
-------
diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md
index 42af9db..e927667 100644
--- a/docs/3.0-migration-guide.md
+++ b/docs/3.0-migration-guide.md
@@ -71,7 +71,7 @@
If no accessor function exists, please open an [enhancement request against Mbed TLS](https://github.com/Mbed-TLS/mbedtls/issues/new?template=feature_request.md) and describe your use case. The Mbed TLS development team is aware that some useful accessor functions are missing in the 3.0 release, and we expect to add them to the first minor release(s) (3.1, etc.).
-As a last resort, you can access the field `foo` of a structure `bar` by writing `bar.MBEDTLS_PRIVATE(foo)`. Note that you do so at your own risk, since such code is likely to break in a future minor version of Mbed TLS.
+As a last resort, you can access the field `foo` of a structure `bar` by writing `bar.MBEDTLS_PRIVATE(foo)`. Note that you do so at your own risk, since such code is likely to break in a future minor version of Mbed TLS. In the Mbed TLS 3.6 LTS this will tend to be safer than in a normal minor release because LTS versions try to maintain ABI stability.
### Move part of timing module out of the library
@@ -349,7 +349,7 @@
| `mbedtls_sha512_finish_ret` | `mbedtls_sha512_finish` |
| `mbedtls_sha512_ret` | `mbedtls_sha512` |
-To migrate to the this change the user can keep the `*_ret` names in their code
+To migrate to this change the user can keep the `*_ret` names in their code
and include the `compat_2.x.h` header file which holds macros with proper
renaming or to rename those functions in their code according to the list from
mentioned header file.
@@ -409,7 +409,7 @@
Previously, the documentation didn't state explicitly if it was OK to call
`mbedtls_cipher_check_tag()` or `mbedtls_cipher_write_tag()` directly after
the last call to `mbedtls_cipher_update()` — that is, without calling
-`mbedtls_cipher_finish()` in-between. If you code was missing that call,
+`mbedtls_cipher_finish()` in-between. If your code was missing that call,
please add it and be prepared to get as much as 15 bytes of output.
Currently the output is always 0 bytes, but it may be more when alternative
@@ -422,7 +422,7 @@
They are already niche or obsolete and most of them are weak or broken. For
those reasons possible users should consider switching to modern and safe
-alternatives to be found in literature.
+alternatives to be found in the literature.
### Deprecated functions were removed from cipher
@@ -806,11 +806,11 @@
In Mbed TLS 2.x, users would observe later calls overwriting
the effect of earlier calls, with the prevailing PSK being
the one that has been configured last. In Mbed TLS 3.0,
-calling `mbedtls_ssl_conf_[opaque_]psk()` multiple times
+calling `mbedtls_ssl_conf_psk[_opaque]()` multiple times
will return an error, leaving the first PSK intact.
To achieve equivalent functionality when migrating to Mbed TLS 3.0,
-users calling `mbedtls_ssl_conf_[opaque_]psk()` multiple times should
+users calling `mbedtls_ssl_conf_psk[_opaque]()` multiple times should
remove all but the last call, so that only one call to _either_
`mbedtls_ssl_conf_psk()` _or_ `mbedtls_ssl_conf_psk_opaque()`
remains.
diff --git a/docs/architecture/tls13-support.md b/docs/architecture/tls13-support.md
index aa09e30..f49e919 100644
--- a/docs/architecture/tls13-support.md
+++ b/docs/architecture/tls13-support.md
@@ -116,7 +116,6 @@
| | |
| MBEDTLS_KEY_EXCHANGE_PSK_ENABLED | n/a (2) |
| MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED | n/a |
- | MBEDTLS_KEY_EXCHANGE_RSA_ENABLED | n/a |
| MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED | n/a |
| MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED | n/a |
| MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED | n/a |
diff --git a/doxygen/input/doc_encdec.h b/doxygen/input/doc_encdec.h
index cf77690..068e716 100644
--- a/doxygen/input/doc_encdec.h
+++ b/doxygen/input/doc_encdec.h
@@ -39,8 +39,6 @@
* and \c mbedtls_des3_crypt_cbc()).
* - GCM (AES-GCM and CAMELLIA-GCM) (see \c mbedtls_gcm_init())
* - Asymmetric:
- * - Diffie-Hellman-Merkle (see \c mbedtls_dhm_read_public(), \c mbedtls_dhm_make_public()
- * and \c mbedtls_dhm_calc_secret()).
* - RSA (see \c mbedtls_rsa_public() and \c mbedtls_rsa_private()).
* - Elliptic Curves over GF(p) (see \c mbedtls_ecp_point_init()).
* - Elliptic Curve Digital Signature Algorithm (ECDSA) (see \c mbedtls_ecdsa_init()).
diff --git a/framework b/framework
index 523a12d..28dc4ca 160000
--- a/framework
+++ b/framework
@@ -1 +1 @@
-Subproject commit 523a12d05b91301b020e2aa560d9774135e3a801
+Subproject commit 28dc4cae3f71f5425dd42953c6f2f38d49123bee
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index c2b5200..4328f71 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -87,12 +87,6 @@
#error "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED defined, but not all prerequisites"
#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) && \
- ( !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \
- !defined(MBEDTLS_PKCS1_V15) )
-#error "MBEDTLS_KEY_EXCHANGE_RSA_ENABLED defined, but not all prerequisites"
-#endif
-
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) && \
( !defined(PSA_WANT_ALG_JPAKE) || \
!defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \
@@ -155,8 +149,7 @@
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
- !(defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
+ !(defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
diff --git a/include/mbedtls/config_adjust_ssl.h b/include/mbedtls/config_adjust_ssl.h
index 7070283..2221e5b 100644
--- a/include/mbedtls/config_adjust_ssl.h
+++ b/include/mbedtls/config_adjust_ssl.h
@@ -61,7 +61,6 @@
#undef MBEDTLS_SSL_ENCRYPT_THEN_MAC
#undef MBEDTLS_SSL_EXTENDED_MASTER_SECRET
#undef MBEDTLS_SSL_RENEGOTIATION
-#undef MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
#undef MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
#undef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
#undef MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h
index 424ed4b..e6f5dad 100644
--- a/include/mbedtls/debug.h
+++ b/include/mbedtls/debug.h
@@ -108,16 +108,16 @@
*
* This module provides debugging functions.
*/
-#if (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800)
+#if defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER < 1900)
#include <inttypes.h>
#define MBEDTLS_PRINTF_SIZET PRIuPTR
#define MBEDTLS_PRINTF_LONGLONG "I64d"
#else \
- /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */
+ /* defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER < 1900) */
#define MBEDTLS_PRINTF_SIZET "zu"
#define MBEDTLS_PRINTF_LONGLONG "lld"
#endif \
- /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */
+ /* defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER < 1900) */
#if !defined(MBEDTLS_PRINTF_MS_TIME)
#include <inttypes.h>
diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h
index 8b7c19a..7abb00f 100644
--- a/include/mbedtls/error.h
+++ b/include/mbedtls/error.h
@@ -30,36 +30,6 @@
*/
void mbedtls_strerror(int errnum, char *buffer, size_t buflen);
-/**
- * \brief Translate the high-level part of an Mbed TLS error code into a string
- * representation.
- *
- * This function returns a const pointer to an un-modifiable string. The caller
- * must not try to modify the string. It is intended to be used mostly for
- * logging purposes.
- *
- * \param error_code error code
- *
- * \return The string representation of the error code, or \c NULL if the error
- * code is unknown.
- */
-const char *mbedtls_high_level_strerr(int error_code);
-
-/**
- * \brief Translate the low-level part of an Mbed TLS error code into a string
- * representation.
- *
- * This function returns a const pointer to an un-modifiable string. The caller
- * must not try to modify the string. It is intended to be used mostly for
- * logging purposes.
- *
- * \param error_code error code
- *
- * \return The string representation of the error code, or \c NULL if the error
- * code is unknown.
- */
-const char *mbedtls_low_level_strerr(int error_code);
-
#ifdef __cplusplus
}
#endif
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index dd9ccac..2dc475b 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -361,31 +361,6 @@
#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
/**
- * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
- *
- * Enable the RSA-only based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
- * MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
- */
-#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-
-/**
* \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
*
* Enable sending of alert messages in case of encountered errors as per RFC.
diff --git a/include/mbedtls/net_sockets.h b/include/mbedtls/net_sockets.h
index 85c1197..8e69bc0 100644
--- a/include/mbedtls/net_sockets.h
+++ b/include/mbedtls/net_sockets.h
@@ -229,7 +229,7 @@
/**
* \brief Write at most 'len' characters. If no error occurs,
- * the actual amount read is returned.
+ * the actual amount written is returned.
*
* \param ctx Socket
* \param buf The buffer to read from
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index e0c0eae..9a02a6a 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -24,10 +24,6 @@
#include "mbedtls/x509_crl.h"
#endif
-#if defined(MBEDTLS_DHM_C)
-#include "mbedtls/dhm.h"
-#endif
-
#include "mbedtls/md.h"
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED)
@@ -654,9 +650,6 @@
/* Dummy type used only for its size */
union mbedtls_ssl_premaster_secret {
unsigned char dummy; /* Make the union non-empty even with SSL disabled */
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
- unsigned char _pms_rsa[48]; /* RFC 5246 8.1.1 */
-#endif
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
@@ -1006,71 +999,6 @@
mbedtls_md_type_t md_alg,
const unsigned char *hash,
size_t hash_len);
-
-/**
- * \brief Callback type: start external decryption operation.
- *
- * This callback is called during an SSL handshake to start
- * an RSA decryption operation using an
- * external processor. The parameter \p cert contains
- * the public key; it is up to the callback function to
- * determine how to access the associated private key.
- *
- * This function typically sends or enqueues a request, and
- * does not wait for the operation to complete. This allows
- * the handshake step to be non-blocking.
- *
- * The parameters \p ssl and \p cert are guaranteed to remain
- * valid throughout the handshake. On the other hand, this
- * function must save the contents of \p input if the value
- * is needed for later processing, because the \p input buffer
- * is no longer valid after this function returns.
- *
- * This function may call mbedtls_ssl_set_async_operation_data()
- * to store an operation context for later retrieval
- * by the resume or cancel callback.
- *
- * \warning RSA decryption as used in TLS is subject to a potential
- * timing side channel attack first discovered by Bleichenbacher
- * in 1998. This attack can be remotely exploitable
- * in practice. To avoid this attack, you must ensure that
- * if the callback performs an RSA decryption, the time it
- * takes to execute and return the result does not depend
- * on whether the RSA decryption succeeded or reported
- * invalid padding.
- *
- * \param ssl The SSL connection instance. It should not be
- * modified other than via
- * mbedtls_ssl_set_async_operation_data().
- * \param cert Certificate containing the public key.
- * In simple cases, this is one of the pointers passed to
- * mbedtls_ssl_conf_own_cert() when configuring the SSL
- * connection. However, if other callbacks are used, this
- * property may not hold. For example, if an SNI callback
- * is registered with mbedtls_ssl_conf_sni(), then
- * this callback determines what certificate is used.
- * \param input Buffer containing the input ciphertext. This buffer
- * is no longer valid when the function returns.
- * \param input_len Size of the \p input buffer in bytes.
- *
- * \return 0 if the operation was started successfully and the SSL
- * stack should call the resume callback immediately.
- * \return #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS if the operation
- * was started successfully and the SSL stack should return
- * immediately without calling the resume callback yet.
- * \return #MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH if the external
- * processor does not support this key. The SSL stack will
- * use the private key object instead.
- * \return Any other error indicates a fatal failure and is
- * propagated up the call chain. The callback should
- * use \c MBEDTLS_ERR_PK_xxx error codes, and <b>must not</b>
- * use \c MBEDTLS_ERR_SSL_xxx error codes except as
- * directed in the documentation of this callback.
- */
-typedef int mbedtls_ssl_async_decrypt_t(mbedtls_ssl_context *ssl,
- mbedtls_x509_crt *cert,
- const unsigned char *input,
- size_t input_len);
#endif /* MBEDTLS_X509_CRT_PARSE_C */
/**
@@ -1078,8 +1006,7 @@
*
* This callback is called during an SSL handshake to resume
* an external operation started by the
- * ::mbedtls_ssl_async_sign_t or
- * ::mbedtls_ssl_async_decrypt_t callback.
+ * ::mbedtls_ssl_async_sign_t callback.
*
* This function typically checks the status of a pending
* request or causes the request queue to make progress, and
@@ -1478,10 +1405,6 @@
void(*MBEDTLS_PRIVATE(f_dbg))(void *, int, const char *, int, const char *);
void *MBEDTLS_PRIVATE(p_dbg); /*!< context for the debug function */
- /** Callback for getting (pseudo-)random numbers */
- int(*MBEDTLS_PRIVATE(f_rng))(void *, unsigned char *, size_t);
- void *MBEDTLS_PRIVATE(p_rng); /*!< context for the RNG function */
-
/** Callback to retrieve a session from the cache */
mbedtls_ssl_cache_get_t *MBEDTLS_PRIVATE(f_get_cache);
/** Callback to store a session into the cache */
@@ -1545,7 +1468,6 @@
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_ssl_async_sign_t *MBEDTLS_PRIVATE(f_async_sign_start); /*!< start asynchronous signature operation */
- mbedtls_ssl_async_decrypt_t *MBEDTLS_PRIVATE(f_async_decrypt_start); /*!< start asynchronous decryption operation */
#endif /* MBEDTLS_X509_CRT_PARSE_C */
mbedtls_ssl_async_resume_t *MBEDTLS_PRIVATE(f_async_resume); /*!< resume asynchronous operation */
mbedtls_ssl_async_cancel_t *MBEDTLS_PRIVATE(f_async_cancel); /*!< cancel asynchronous operation */
@@ -1562,11 +1484,6 @@
const uint16_t *MBEDTLS_PRIVATE(group_list); /*!< allowed IANA NamedGroups */
-#if defined(MBEDTLS_DHM_C)
- mbedtls_mpi MBEDTLS_PRIVATE(dhm_P); /*!< prime modulus for DHM */
- mbedtls_mpi MBEDTLS_PRIVATE(dhm_G); /*!< generator for DHM */
-#endif
-
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
mbedtls_svc_key_id_t MBEDTLS_PRIVATE(psk_opaque); /*!< PSA key slot holding opaque PSK. This field
@@ -1642,10 +1559,6 @@
unsigned int MBEDTLS_PRIVATE(badmac_limit); /*!< limit of records with a bad MAC */
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
- unsigned int MBEDTLS_PRIVATE(dhm_min_bitlen); /*!< min. bit length of the DHM prime */
-#endif
-
/** User data pointer or handle.
*
* The library sets this to \p 0 when creating a context and does not
@@ -1795,6 +1708,8 @@
size_t MBEDTLS_PRIVATE(in_hslen); /*!< current handshake message length,
including the handshake header */
+ size_t MBEDTLS_PRIVATE(in_hsfraglen); /*!< accumulated length of hs fragments
+ (up to in_hslen) */
int MBEDTLS_PRIVATE(nb_zero); /*!< # of 0-length encrypted messages */
int MBEDTLS_PRIVATE(keep_current_message); /*!< drop or reuse current message
@@ -2142,17 +2057,6 @@
#endif /* MBEDTLS_X509_CRT_PARSE_C */
/**
- * \brief Set the random number generator callback
- *
- * \param conf SSL configuration
- * \param f_rng RNG function (mandatory)
- * \param p_rng RNG parameter
- */
-void mbedtls_ssl_conf_rng(mbedtls_ssl_config *conf,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng);
-
-/**
* \brief Set the debug callback
*
* The callback has the following argument:
@@ -2868,17 +2772,10 @@
* external processor does not support any signature
* operation; in this case the private key object
* associated with the certificate will be used.
- * \param f_async_decrypt Callback to start a decryption operation. See
- * the description of ::mbedtls_ssl_async_decrypt_t
- * for more information. This may be \c NULL if the
- * external processor does not support any decryption
- * operation; in this case the private key object
- * associated with the certificate will be used.
* \param f_async_resume Callback to resume an asynchronous operation. See
* the description of ::mbedtls_ssl_async_resume_t
* for more information. This may not be \c NULL unless
- * \p f_async_sign and \p f_async_decrypt are both
- * \c NULL.
+ * \p f_async_sign is \c NULL.
* \param f_async_cancel Callback to cancel an asynchronous operation. See
* the description of ::mbedtls_ssl_async_cancel_t
* for more information. This may be \c NULL if
@@ -2890,7 +2787,6 @@
*/
void mbedtls_ssl_conf_async_private_cb(mbedtls_ssl_config *conf,
mbedtls_ssl_async_sign_t *f_async_sign,
- mbedtls_ssl_async_decrypt_t *f_async_decrypt,
mbedtls_ssl_async_resume_t *f_async_resume,
mbedtls_ssl_async_cancel_t *f_async_cancel,
void *config_data);
@@ -3753,49 +3649,6 @@
#endif /* MBEDTLS_SSL_SRV_C */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
-/**
- * \brief Set the Diffie-Hellman public P and G values
- * from big-endian binary presentations.
- * (Default values: MBEDTLS_DHM_RFC3526_MODP_2048_[PG]_BIN)
- *
- * \param conf SSL configuration
- * \param dhm_P Diffie-Hellman-Merkle modulus in big-endian binary form
- * \param P_len Length of DHM modulus
- * \param dhm_G Diffie-Hellman-Merkle generator in big-endian binary form
- * \param G_len Length of DHM generator
- *
- * \return 0 if successful
- */
-int mbedtls_ssl_conf_dh_param_bin(mbedtls_ssl_config *conf,
- const unsigned char *dhm_P, size_t P_len,
- const unsigned char *dhm_G, size_t G_len);
-
-/**
- * \brief Set the Diffie-Hellman public P and G values,
- * read from existing context (server-side only)
- *
- * \param conf SSL configuration
- * \param dhm_ctx Diffie-Hellman-Merkle context
- *
- * \return 0 if successful
- */
-int mbedtls_ssl_conf_dh_param_ctx(mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx);
-#endif /* MBEDTLS_DHM_C && defined(MBEDTLS_SSL_SRV_C) */
-
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
-/**
- * \brief Set the minimum length for Diffie-Hellman parameters.
- * (Client-side only.)
- * (Default: 1024 bits.)
- *
- * \param conf SSL configuration
- * \param bitlen Minimum bit length of the DHM prime
- */
-void mbedtls_ssl_conf_dhm_min_bitlen(mbedtls_ssl_config *conf,
- unsigned int bitlen);
-#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_CLI_C */
-
/**
* \brief Set the allowed groups in order of preference.
*
@@ -4358,6 +4211,10 @@
* with \c mbedtls_ssl_read()), not handshake messages.
* With DTLS, this affects both ApplicationData and handshake.
*
+ * \note Defragmentation of TLS handshake messages is supported
+ * with some limitations. See the documentation of
+ * mbedtls_ssl_handshake() for details.
+ *
* \note This sets the maximum length for a record's payload,
* excluding record overhead that will be added to it, see
* \c mbedtls_ssl_get_record_expansion().
@@ -4847,6 +4704,24 @@
* currently being processed might or might not contain further
* DTLS records.
*
+ * \note In TLS, reception of fragmented handshake messages is
+ * supported with some limitations (those limitations do
+ * not apply to DTLS, where defragmentation is fully
+ * supported):
+ * - On an Mbed TLS server that only accepts TLS 1.2,
+ * the initial ClientHello message must not be fragmented.
+ * A TLS 1.2 ClientHello may be fragmented if the server
+ * also accepts TLS 1.3 connections (meaning
+ * that #MBEDTLS_SSL_PROTO_TLS1_3 enabled, and the
+ * accepted versions have not been restricted with
+ * mbedtls_ssl_conf_max_tls_version() or the like).
+ * - The first fragment of a handshake message must be
+ * at least 4 bytes long.
+ * - Non-handshake records must not be interleaved between
+ * the fragments of a handshake message. (This is permitted
+ * in TLS 1.2 but not in TLS 1.3, but Mbed TLS rejects it
+ * even in TLS 1.2.)
+ *
* \note The PSA crypto subsystem must have been initialized by
* calling psa_crypto_init() before calling this function.
*/
diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h
index 5d5b4b9..b031231 100644
--- a/include/mbedtls/ssl_ciphersuites.h
+++ b/include/mbedtls/ssl_ciphersuites.h
@@ -24,28 +24,11 @@
/*
* Supported ciphersuites (Official IANA names)
*/
-#define MBEDTLS_TLS_RSA_WITH_NULL_MD5 0x01 /**< Weak! */
-#define MBEDTLS_TLS_RSA_WITH_NULL_SHA 0x02 /**< Weak! */
-
#define MBEDTLS_TLS_PSK_WITH_NULL_SHA 0x2C /**< Weak! */
-#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA 0x2F
-
-#define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA 0x35
-
-#define MBEDTLS_TLS_RSA_WITH_NULL_SHA256 0x3B /**< Weak! */
-#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 0x3C /**< TLS 1.2 */
-#define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 0x3D /**< TLS 1.2 */
-
-#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x41
-
-#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x84
#define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA 0x8C
#define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA 0x8D
-#define MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 0x9C /**< TLS 1.2 */
-#define MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 0x9D /**< TLS 1.2 */
-
#define MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 0xA8 /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 0xA9 /**< TLS 1.2 */
@@ -54,10 +37,6 @@
#define MBEDTLS_TLS_PSK_WITH_NULL_SHA256 0xB0 /**< Weak! */
#define MBEDTLS_TLS_PSK_WITH_NULL_SHA384 0xB1 /**< Weak! */
-#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBA /**< TLS 1.2 */
-
-#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC0 /**< TLS 1.2 */
-
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001 /**< Weak! */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005
@@ -100,8 +79,6 @@
#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 0xC03A
#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 0xC03B
-#define MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256 0xC03C /**< TLS 1.2 */
-#define MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384 0xC03D /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 0xC048 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 0xC049 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 0xC04A /**< TLS 1.2 */
@@ -110,8 +87,6 @@
#define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 0xC04D /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 0xC04E /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 0xC04F /**< TLS 1.2 */
-#define MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256 0xC050 /**< TLS 1.2 */
-#define MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384 0xC051 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 0xC05C /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 0xC05D /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 0xC05E /**< TLS 1.2 */
@@ -136,8 +111,6 @@
#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC078
#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC079
-#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07A /**< TLS 1.2 */
-#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07B /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC088 /**< TLS 1.2 */
@@ -155,10 +128,6 @@
#define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A
#define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B
-#define MBEDTLS_TLS_RSA_WITH_AES_128_CCM 0xC09C /**< TLS 1.2 */
-#define MBEDTLS_TLS_RSA_WITH_AES_256_CCM 0xC09D /**< TLS 1.2 */
-#define MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8 0xC0A0 /**< TLS 1.2 */
-#define MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8 0xC0A1 /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_AES_128_CCM 0xC0A4 /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_AES_256_CCM 0xC0A5 /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 0xC0A8 /**< TLS 1.2 */
@@ -190,7 +159,6 @@
*/
typedef enum {
MBEDTLS_KEY_EXCHANGE_NONE = 0,
- MBEDTLS_KEY_EXCHANGE_RSA,
MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
MBEDTLS_KEY_EXCHANGE_PSK,
@@ -201,8 +169,7 @@
} mbedtls_key_exchange_type_t;
/* Key exchanges using a certificate */
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
@@ -260,8 +227,7 @@
#endif
/* Key exchanges that don't involve ephemeral keys */
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED)
#define MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED
#endif
diff --git a/include/mbedtls/ssl_cookie.h b/include/mbedtls/ssl_cookie.h
index afeb07b..ec54f61 100644
--- a/include/mbedtls/ssl_cookie.h
+++ b/include/mbedtls/ssl_cookie.h
@@ -55,9 +55,7 @@
/**
* \brief Setup cookie context (generate keys)
*/
-int mbedtls_ssl_cookie_setup(mbedtls_ssl_cookie_ctx *ctx,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng);
+int mbedtls_ssl_cookie_setup(mbedtls_ssl_cookie_ctx *ctx);
/**
* \brief Set expiration delay for cookies
diff --git a/include/mbedtls/ssl_ticket.h b/include/mbedtls/ssl_ticket.h
index ef97e8f..5a2e487 100644
--- a/include/mbedtls/ssl_ticket.h
+++ b/include/mbedtls/ssl_ticket.h
@@ -68,8 +68,6 @@
uint32_t MBEDTLS_PRIVATE(ticket_lifetime); /*!< lifetime of tickets in seconds */
/** Callback for getting (pseudo-)random numbers */
- int(*MBEDTLS_PRIVATE(f_rng))(void *, unsigned char *, size_t);
- void *MBEDTLS_PRIVATE(p_rng); /*!< context for the RNG function */
#if defined(MBEDTLS_THREADING_C)
mbedtls_threading_mutex_t MBEDTLS_PRIVATE(mutex);
@@ -90,8 +88,6 @@
* \brief Prepare context to be actually used
*
* \param ctx Context to be set up
- * \param f_rng RNG callback function (mandatory)
- * \param p_rng RNG callback context
* \param alg AEAD cipher to use for ticket protection.
* \param key_type Cryptographic key type to use.
* \param key_bits Cryptographic key size to use in bits.
@@ -116,7 +112,6 @@
* or a specific MBEDTLS_ERR_XXX error code
*/
int mbedtls_ssl_ticket_setup(mbedtls_ssl_ticket_context *ctx,
- int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
psa_algorithm_t alg, psa_key_type_t key_type, psa_key_bits_t key_bits,
uint32_t lifetime);
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index 5943cfc..9817d35 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -1140,17 +1140,11 @@
* \param ctx certificate to write away
* \param buf buffer to write to
* \param size size of the buffer
- * \param f_rng RNG function. This must not be \c NULL.
- * \param p_rng RNG parameter
*
* \return length of data written if successful, or a specific
* error code
- *
- * \note \p f_rng is used for the signature operation.
*/
-int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng);
+int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size);
#if defined(MBEDTLS_PEM_WRITE_C)
/**
@@ -1159,16 +1153,11 @@
* \param ctx certificate to write away
* \param buf buffer to write to
* \param size size of the buffer
- * \param f_rng RNG function. This must not be \c NULL.
- * \param p_rng RNG parameter
*
* \return 0 if successful, or a specific error code
*
- * \note \p f_rng is used for the signature operation.
*/
-int mbedtls_x509write_crt_pem(mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng);
+int mbedtls_x509write_crt_pem(mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size);
#endif /* MBEDTLS_PEM_WRITE_C */
#endif /* MBEDTLS_X509_CRT_WRITE_C */
diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h
index 08e585f..f9eb04d 100644
--- a/include/mbedtls/x509_csr.h
+++ b/include/mbedtls/x509_csr.h
@@ -337,17 +337,12 @@
* \param ctx CSR to write away
* \param buf buffer to write to
* \param size size of the buffer
- * \param f_rng RNG function. This must not be \c NULL.
- * \param p_rng RNG parameter
*
* \return length of data written if successful, or a specific
* error code
*
- * \note \p f_rng is used for the signature operation.
*/
-int mbedtls_x509write_csr_der(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng);
+int mbedtls_x509write_csr_der(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size);
#if defined(MBEDTLS_PEM_WRITE_C)
/**
@@ -357,16 +352,11 @@
* \param ctx CSR to write away
* \param buf buffer to write to
* \param size size of the buffer
- * \param f_rng RNG function. This must not be \c NULL.
- * \param p_rng RNG parameter
*
* \return 0 if successful, or a specific error code
*
- * \note \p f_rng is used for the signature operation.
*/
-int mbedtls_x509write_csr_pem(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng);
+int mbedtls_x509write_csr_pem(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size);
#endif /* MBEDTLS_PEM_WRITE_C */
#endif /* MBEDTLS_X509_CSR_WRITE_C */
diff --git a/library/Makefile b/library/Makefile
index b874acf..1c0e4d9 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -113,7 +113,6 @@
$(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto.o \
$(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_client.o \
$(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_driver_wrappers_no_static.o \
- $(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_se.o \
$(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_slot_management.o \
$(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_storage.o \
$(TF_PSA_CRYPTO_CORE_PATH)/psa_its_file.o \
@@ -139,7 +138,6 @@
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/constant_time.o \
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ctr_drbg.o \
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/des.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/dhm.o \
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ecdh.o \
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ecdsa.o \
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ecjpake.o \
diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
index e4cc226..b979cad 100644
--- a/library/ssl_ciphersuites.c
+++ b/library/ssl_ciphersuites.c
@@ -110,22 +110,14 @@
MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8,
/* All AES-256 suites */
- MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
- MBEDTLS_TLS_RSA_WITH_AES_256_CCM,
- MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
- MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
- MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8,
/* All CAMELLIA-256 suites */
- MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
- MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
- MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
@@ -134,28 +126,18 @@
/* All ARIA-256 suites */
MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
- MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
- MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
/* All AES-128 suites */
- MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
- MBEDTLS_TLS_RSA_WITH_AES_128_CCM,
- MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
- MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
- MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8,
/* All CAMELLIA-128 suites */
- MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
- MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
- MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
@@ -164,10 +146,8 @@
/* All ARIA-128 suites */
MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
- MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
- MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
/* The PSK suites */
MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
@@ -198,9 +178,6 @@
MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256,
MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA,
- MBEDTLS_TLS_RSA_WITH_NULL_SHA256,
- MBEDTLS_TLS_RSA_WITH_NULL_SHA,
- MBEDTLS_TLS_RSA_WITH_NULL_MD5,
MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA,
MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA,
MBEDTLS_TLS_PSK_WITH_NULL_SHA384,
@@ -490,116 +467,6 @@
#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
-#if defined(PSA_WANT_KEY_TYPE_AES)
-#if defined(PSA_WANT_ALG_SHA_384) && \
- defined(PSA_WANT_ALG_GCM)
- { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
- MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_384 && PSA_WANT_ALG_GCM */
-
-#if defined(PSA_WANT_ALG_SHA_256)
-#if defined(PSA_WANT_ALG_GCM)
- { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
- MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_GCM */
-
-#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
- { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
- MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-
- { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
- MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
-#endif /* PSA_WANT_ALG_SHA_256 */
-
-#if defined(PSA_WANT_ALG_SHA_1)
-#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
- { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
- MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-
- { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
- MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
-#endif /* PSA_WANT_ALG_SHA_1 */
-#if defined(PSA_WANT_ALG_CCM)
- { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
- MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
- { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8",
- MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
- MBEDTLS_CIPHERSUITE_SHORT_TAG,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
- { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM",
- MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
- { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8",
- MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
- MBEDTLS_CIPHERSUITE_SHORT_TAG,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_CCM */
-#endif /* PSA_WANT_KEY_TYPE_AES */
-
-#if defined(PSA_WANT_KEY_TYPE_CAMELLIA)
-#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
-#if defined(PSA_WANT_ALG_SHA_256)
- { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
- MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-
- { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
- MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_256 */
-
-#if defined(PSA_WANT_ALG_SHA_1)
- { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
- MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-
- { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
- MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_1 */
-#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
-
-#if defined(PSA_WANT_ALG_GCM)
-#if defined(PSA_WANT_ALG_SHA_256)
- { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
- MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_256 */
-
-#if defined(PSA_WANT_ALG_SHA_384)
- { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
- MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_384 */
-#endif /* PSA_WANT_ALG_GCM */
-#endif /* PSA_WANT_KEY_TYPE_CAMELLIA */
-
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
-
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
#if defined(PSA_WANT_KEY_TYPE_AES)
#if defined(PSA_WANT_ALG_SHA_1)
@@ -947,29 +814,6 @@
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
-#if defined(PSA_WANT_ALG_MD5)
- { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
- MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
- MBEDTLS_CIPHERSUITE_WEAK,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif
-
-#if defined(PSA_WANT_ALG_SHA_1)
- { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
- MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
- MBEDTLS_CIPHERSUITE_WEAK,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif
-
-#if defined(PSA_WANT_ALG_SHA_256)
- { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
- MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
- MBEDTLS_CIPHERSUITE_WEAK,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
-
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
#if defined(PSA_WANT_ALG_SHA_1)
{ MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
@@ -1019,41 +863,6 @@
#if defined(PSA_WANT_KEY_TYPE_ARIA)
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
-
-#if (defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_ALG_SHA_384))
- { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
- "TLS-RSA-WITH-ARIA-256-GCM-SHA384",
- MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif
-#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
- defined(PSA_WANT_ALG_SHA_384))
- { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
- "TLS-RSA-WITH-ARIA-256-CBC-SHA384",
- MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif
-#if (defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_ALG_SHA_256))
- { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
- "TLS-RSA-WITH-ARIA-128-GCM-SHA256",
- MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif
-#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
- defined(PSA_WANT_ALG_SHA_256))
- { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
- "TLS-RSA-WITH-ARIA-128-CBC-SHA256",
- MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif
-
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
-
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
#if (defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_ALG_SHA_384))
@@ -1388,7 +1197,6 @@
mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t *info)
{
switch (info->key_exchange) {
- case MBEDTLS_KEY_EXCHANGE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
return MBEDTLS_PK_RSA;
@@ -1407,8 +1215,6 @@
psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg(const mbedtls_ssl_ciphersuite_t *info)
{
switch (info->key_exchange) {
- case MBEDTLS_KEY_EXCHANGE_RSA:
- return PSA_ALG_RSA_PKCS1V15_CRYPT;
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
return PSA_ALG_RSA_PKCS1V15_SIGN(
mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) info->mac));
@@ -1428,8 +1234,6 @@
psa_key_usage_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_usage(const mbedtls_ssl_ciphersuite_t *info)
{
switch (info->key_exchange) {
- case MBEDTLS_KEY_EXCHANGE_RSA:
- return PSA_KEY_USAGE_DECRYPT;
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
return PSA_KEY_USAGE_SIGN_HASH;
diff --git a/library/ssl_ciphersuites_internal.h b/library/ssl_ciphersuites_internal.h
index b60acdc..a7981db 100644
--- a/library/ssl_ciphersuites_internal.h
+++ b/library/ssl_ciphersuites_internal.h
@@ -44,7 +44,6 @@
switch (info->MBEDTLS_PRIVATE(key_exchange)) {
case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
- case MBEDTLS_KEY_EXCHANGE_RSA:
case MBEDTLS_KEY_EXCHANGE_PSK:
return 1;
@@ -71,7 +70,6 @@
static inline int mbedtls_ssl_ciphersuite_cert_req_allowed(const mbedtls_ssl_ciphersuite_t *info)
{
switch (info->MBEDTLS_PRIVATE(key_exchange)) {
- case MBEDTLS_KEY_EXCHANGE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
@@ -86,7 +84,6 @@
static inline int mbedtls_ssl_ciphersuite_uses_srv_cert(const mbedtls_ssl_ciphersuite_t *info)
{
switch (info->MBEDTLS_PRIVATE(key_exchange)) {
- case MBEDTLS_KEY_EXCHANGE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
diff --git a/library/ssl_client.c b/library/ssl_client.c
index be4d621..cb57a97 100644
--- a/library/ssl_client.c
+++ b/library/ssl_client.c
@@ -725,9 +725,8 @@
#endif /* MBEDTLS_HAVE_TIME */
}
- ret = ssl->conf->f_rng(ssl->conf->p_rng,
- randbytes + gmt_unix_time_len,
- MBEDTLS_CLIENT_HELLO_RANDOM_LEN - gmt_unix_time_len);
+ ret = psa_generate_random(randbytes + gmt_unix_time_len,
+ MBEDTLS_CLIENT_HELLO_RANDOM_LEN - gmt_unix_time_len);
return ret;
}
@@ -867,9 +866,9 @@
if (session_id_len != session_negotiate->id_len) {
session_negotiate->id_len = session_id_len;
if (session_id_len > 0) {
- ret = ssl->conf->f_rng(ssl->conf->p_rng,
- session_negotiate->id,
- session_id_len);
+
+ ret = psa_generate_random(session_negotiate->id,
+ session_id_len);
if (ret != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "creating session id failed", ret);
return ret;
diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c
index 01b90e1..11811ee 100644
--- a/library/ssl_cookie.c
+++ b/library/ssl_cookie.c
@@ -81,16 +81,12 @@
mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ssl_cookie_ctx));
}
-int mbedtls_ssl_cookie_setup(mbedtls_ssl_cookie_ctx *ctx,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng)
+int mbedtls_ssl_cookie_setup(mbedtls_ssl_cookie_ctx *ctx)
{
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_algorithm_t alg;
- (void) f_rng;
- (void) p_rng;
alg = mbedtls_md_psa_alg_from_type(COOKIE_MD);
if (alg == 0) {
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 9f91861..e51a3df 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -763,10 +763,6 @@
const uint16_t *sig_algs;
#endif
-#if defined(MBEDTLS_DHM_C)
- mbedtls_dhm_context dhm_ctx; /*!< DHM key exchange */
-#endif
-
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_XXDH_PSA_ANY_ENABLED)
psa_key_type_t xxdh_psa_type;
size_t xxdh_psa_bits;
@@ -989,7 +985,6 @@
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
/** Asynchronous operation context. This field is meant for use by the
* asynchronous operation callbacks (mbedtls_ssl_config::f_async_sign_start,
- * mbedtls_ssl_config::f_async_decrypt_start,
* mbedtls_ssl_config::f_async_resume, mbedtls_ssl_config::f_async_cancel).
* The library does not use it internally. */
void *user_async_ctx;
@@ -1726,9 +1721,7 @@
MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_ssl_encrypt_buf(mbedtls_ssl_context *ssl,
mbedtls_ssl_transform *transform,
- mbedtls_record *rec,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng);
+ mbedtls_record *rec);
MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl,
mbedtls_ssl_transform *transform,
@@ -1756,10 +1749,11 @@
MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_ssl_check_timer(mbedtls_ssl_context *ssl);
-void mbedtls_ssl_reset_in_out_pointers(mbedtls_ssl_context *ssl);
+void mbedtls_ssl_reset_in_pointers(mbedtls_ssl_context *ssl);
+void mbedtls_ssl_update_in_pointers(mbedtls_ssl_context *ssl);
+void mbedtls_ssl_reset_out_pointers(mbedtls_ssl_context *ssl);
void mbedtls_ssl_update_out_pointers(mbedtls_ssl_context *ssl,
mbedtls_ssl_transform *transform);
-void mbedtls_ssl_update_in_pointers(mbedtls_ssl_context *ssl);
MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_ssl_session_reset_int(mbedtls_ssl_context *ssl, int partial);
diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index 97c4866..be0dc92 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -801,9 +801,7 @@
int mbedtls_ssl_encrypt_buf(mbedtls_ssl_context *ssl,
mbedtls_ssl_transform *transform,
- mbedtls_record *rec,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng)
+ mbedtls_record *rec)
{
mbedtls_ssl_mode_t ssl_mode;
int auth_done = 0;
@@ -825,14 +823,6 @@
((void) ssl);
#endif
- /* The PRNG is used for dynamic IV generation that's used
- * for CBC transformations in TLS 1.2. */
-#if !(defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) && \
- defined(MBEDTLS_SSL_PROTO_TLS1_2))
- ((void) f_rng);
- ((void) p_rng);
-#endif
-
MBEDTLS_SSL_DEBUG_MSG(2, ("=> encrypt buf"));
if (transform == NULL) {
@@ -1140,10 +1130,6 @@
* Prepend per-record IV for block cipher in TLS v1.2 as per
* Method 1 (6.2.3.2. in RFC4346 and RFC5246)
*/
- if (f_rng == NULL) {
- MBEDTLS_SSL_DEBUG_MSG(1, ("No PRNG provided to encrypt_record routine"));
- return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
- }
if (rec->data_offset < transform->ivlen) {
MBEDTLS_SSL_DEBUG_MSG(1, ("Buffer provided for encrypted record not large enough"));
@@ -1153,7 +1139,7 @@
/*
* Generate IV
*/
- ret = f_rng(p_rng, transform->iv_enc, transform->ivlen);
+ ret = psa_generate_random(transform->iv_enc, transform->ivlen);
if (ret != 0) {
return ret;
}
@@ -2725,8 +2711,7 @@
rec.cid_len = 0;
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
- if ((ret = mbedtls_ssl_encrypt_buf(ssl, ssl->transform_out, &rec,
- ssl->conf->f_rng, ssl->conf->p_rng)) != 0) {
+ if ((ret = mbedtls_ssl_encrypt_buf(ssl, ssl->transform_out, &rec)) != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "ssl_encrypt_buf", ret);
return ret;
}
@@ -2962,19 +2947,34 @@
int mbedtls_ssl_prepare_handshake_record(mbedtls_ssl_context *ssl)
{
- if (ssl->in_msglen < mbedtls_ssl_hs_hdr_len(ssl)) {
- MBEDTLS_SSL_DEBUG_MSG(1, ("handshake message too short: %" MBEDTLS_PRINTF_SIZET,
- ssl->in_msglen));
- return MBEDTLS_ERR_SSL_INVALID_RECORD;
- }
+ if (ssl->in_hsfraglen == 0) {
+ /* The handshake message must at least include the header.
+ * We may not have the full message yet in case of fragmentation.
+ * To simplify the code, we insist on having the header (and in
+ * particular the handshake message length) in the first
+ * fragment. */
+ if (ssl->in_msglen < mbedtls_ssl_hs_hdr_len(ssl)) {
+ MBEDTLS_SSL_DEBUG_MSG(1, ("handshake message too short: %" MBEDTLS_PRINTF_SIZET,
+ ssl->in_msglen));
+ return MBEDTLS_ERR_SSL_INVALID_RECORD;
+ }
- ssl->in_hslen = mbedtls_ssl_hs_hdr_len(ssl) + ssl_get_hs_total_len(ssl);
+ ssl->in_hslen = mbedtls_ssl_hs_hdr_len(ssl) + ssl_get_hs_total_len(ssl);
+ }
MBEDTLS_SSL_DEBUG_MSG(3, ("handshake message: msglen ="
" %" MBEDTLS_PRINTF_SIZET ", type = %u, hslen = %"
MBEDTLS_PRINTF_SIZET,
ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen));
+ if (ssl->transform_in != NULL) {
+ MBEDTLS_SSL_DEBUG_MSG(4, ("decrypted handshake message:"
+ " iv-buf=%d hdr-buf=%d hdr-buf=%d",
+ (int) (ssl->in_iv - ssl->in_buf),
+ (int) (ssl->in_hdr - ssl->in_buf),
+ (int) (ssl->in_msg - ssl->in_buf)));
+ }
+
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
@@ -3034,10 +3034,105 @@
}
} else
#endif /* MBEDTLS_SSL_PROTO_DTLS */
- /* With TLS we don't handle fragmentation (for now) */
- if (ssl->in_msglen < ssl->in_hslen) {
- MBEDTLS_SSL_DEBUG_MSG(1, ("TLS handshake fragmentation not supported"));
- return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+ {
+ unsigned char *const reassembled_record_start =
+ ssl->in_buf + MBEDTLS_SSL_SEQUENCE_NUMBER_LEN;
+ unsigned char *const payload_start =
+ reassembled_record_start + mbedtls_ssl_in_hdr_len(ssl);
+ unsigned char *payload_end = payload_start + ssl->in_hsfraglen;
+ /* How many more bytes we want to have a complete handshake message. */
+ const size_t hs_remain = ssl->in_hslen - ssl->in_hsfraglen;
+ /* How many bytes of the current record are part of the first
+ * handshake message. There may be more handshake messages (possibly
+ * incomplete) in the same record; if so, we leave them after the
+ * current record, and ssl_consume_current_message() will take
+ * care of consuming the next handshake message. */
+ const size_t hs_this_fragment_len =
+ ssl->in_msglen > hs_remain ? hs_remain : ssl->in_msglen;
+ (void) hs_this_fragment_len;
+
+ MBEDTLS_SSL_DEBUG_MSG(3,
+ ("%s handshake fragment: %" MBEDTLS_PRINTF_SIZET
+ ", %" MBEDTLS_PRINTF_SIZET
+ "..%" MBEDTLS_PRINTF_SIZET
+ " of %" MBEDTLS_PRINTF_SIZET,
+ (ssl->in_hsfraglen != 0 ?
+ "subsequent" :
+ hs_this_fragment_len == ssl->in_hslen ?
+ "sole" :
+ "initial"),
+ ssl->in_msglen,
+ ssl->in_hsfraglen,
+ ssl->in_hsfraglen + hs_this_fragment_len,
+ ssl->in_hslen));
+
+ /* Move the received handshake fragment to have the whole message
+ * (at least the part received so far) in a single segment at a
+ * known offset in the input buffer.
+ * - When receiving a non-initial handshake fragment, append it to
+ * the initial segment.
+ * - Even the initial handshake fragment is moved, if it was
+ * encrypted with an explicit IV: decryption leaves the payload
+ * after the explicit IV, but here we move it to start where the
+ * IV was.
+ */
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+ size_t const in_buf_len = ssl->in_buf_len;
+#else
+ size_t const in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN;
+#endif
+ if (payload_end + ssl->in_msglen > ssl->in_buf + in_buf_len) {
+ MBEDTLS_SSL_DEBUG_MSG(1,
+ ("Shouldn't happen: no room to move handshake fragment %"
+ MBEDTLS_PRINTF_SIZET " from %p to %p (buf=%p len=%"
+ MBEDTLS_PRINTF_SIZET ")",
+ ssl->in_msglen,
+ (void *) ssl->in_msg, (void *) payload_end,
+ (void *) ssl->in_buf, in_buf_len));
+ return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ }
+ memmove(payload_end, ssl->in_msg, ssl->in_msglen);
+
+ ssl->in_hsfraglen += ssl->in_msglen;
+ payload_end += ssl->in_msglen;
+
+ if (ssl->in_hsfraglen < ssl->in_hslen) {
+ MBEDTLS_SSL_DEBUG_MSG(3, ("Prepare: waiting for more handshake fragments %"
+ MBEDTLS_PRINTF_SIZET "/%"
+ MBEDTLS_PRINTF_SIZET,
+ ssl->in_hsfraglen, ssl->in_hslen));
+ ssl->in_hdr = payload_end;
+ ssl->in_msglen = 0;
+ mbedtls_ssl_update_in_pointers(ssl);
+ return MBEDTLS_ERR_SSL_CONTINUE_PROCESSING;
+ } else {
+ ssl->in_msglen = ssl->in_hsfraglen;
+ ssl->in_hsfraglen = 0;
+ ssl->in_hdr = reassembled_record_start;
+ mbedtls_ssl_update_in_pointers(ssl);
+
+ /* Update the record length in the fully reassembled record */
+ if (ssl->in_msglen > 0xffff) {
+ MBEDTLS_SSL_DEBUG_MSG(1,
+ ("Shouldn't happen: in_msglen=%"
+ MBEDTLS_PRINTF_SIZET " > 0xffff",
+ ssl->in_msglen));
+ return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ }
+ MBEDTLS_PUT_UINT16_BE(ssl->in_msglen, ssl->in_len, 0);
+
+ size_t record_len = mbedtls_ssl_in_hdr_len(ssl) + ssl->in_msglen;
+ (void) record_len;
+ MBEDTLS_SSL_DEBUG_BUF(4, "reassembled record",
+ ssl->in_hdr, record_len);
+ if (ssl->in_hslen < ssl->in_msglen) {
+ MBEDTLS_SSL_DEBUG_MSG(3,
+ ("More handshake messages in the record: "
+ "%" MBEDTLS_PRINTF_SIZET " + %" MBEDTLS_PRINTF_SIZET,
+ ssl->in_hslen,
+ ssl->in_msglen - ssl->in_hslen));
+ }
+ }
}
return 0;
@@ -4382,6 +4477,14 @@
return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
}
+ if (ssl->in_hsfraglen != 0) {
+ /* Not all handshake fragments have arrived, do not consume. */
+ MBEDTLS_SSL_DEBUG_MSG(3, ("Consume: waiting for more handshake fragments %"
+ MBEDTLS_PRINTF_SIZET "/%" MBEDTLS_PRINTF_SIZET,
+ ssl->in_hsfraglen, ssl->in_hslen));
+ return 0;
+ }
+
/*
* Get next Handshake message in the current record
*/
@@ -4407,6 +4510,7 @@
ssl->in_msglen -= ssl->in_hslen;
memmove(ssl->in_msg, ssl->in_msg + ssl->in_hslen,
ssl->in_msglen);
+ MBEDTLS_PUT_UINT16_BE(ssl->in_msglen, ssl->in_len, 0);
MBEDTLS_SSL_DEBUG_BUF(4, "remaining content in record",
ssl->in_msg, ssl->in_msglen);
@@ -4770,6 +4874,18 @@
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ /* If we're in the middle of a fragmented TLS handshake message,
+ * we don't accept any other message type. For TLS 1.3, the spec forbids
+ * interleaving other message types between handshake fragments. For TLS
+ * 1.2, the spec does not forbid it but we do. */
+ if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_STREAM &&
+ ssl->in_hsfraglen != 0 &&
+ ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) {
+ MBEDTLS_SSL_DEBUG_MSG(1, ("non-handshake message in the middle"
+ " of a fragmented handshake message"));
+ return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE;
+ }
+
/*
* Handle particular types of records
*/
@@ -5081,7 +5197,7 @@
} else
#endif
{
- ssl->in_ctr = ssl->in_hdr - MBEDTLS_SSL_SEQUENCE_NUMBER_LEN;
+ ssl->in_ctr = ssl->in_buf;
ssl->in_len = ssl->in_hdr + 3;
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
ssl->in_cid = ssl->in_len;
@@ -5097,24 +5213,35 @@
* Setup an SSL context
*/
-void mbedtls_ssl_reset_in_out_pointers(mbedtls_ssl_context *ssl)
+void mbedtls_ssl_reset_in_pointers(mbedtls_ssl_context *ssl)
+{
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+ ssl->in_hdr = ssl->in_buf;
+ } else
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+ {
+ ssl->in_hdr = ssl->in_buf + MBEDTLS_SSL_SEQUENCE_NUMBER_LEN;
+ }
+
+ /* Derive other internal pointers. */
+ mbedtls_ssl_update_in_pointers(ssl);
+}
+
+void mbedtls_ssl_reset_out_pointers(mbedtls_ssl_context *ssl)
{
/* Set the incoming and outgoing record pointers. */
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
ssl->out_hdr = ssl->out_buf;
- ssl->in_hdr = ssl->in_buf;
} else
#endif /* MBEDTLS_SSL_PROTO_DTLS */
{
ssl->out_ctr = ssl->out_buf;
- ssl->out_hdr = ssl->out_buf + 8;
- ssl->in_hdr = ssl->in_buf + 8;
+ ssl->out_hdr = ssl->out_buf + MBEDTLS_SSL_SEQUENCE_NUMBER_LEN;
}
-
/* Derive other internal pointers. */
mbedtls_ssl_update_out_pointers(ssl, NULL /* no transform enabled */);
- mbedtls_ssl_update_in_pointers(ssl);
}
/*
diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c
index 8653e2d..7b03919 100644
--- a/library/ssl_ticket.c
+++ b/library/ssl_ticket.c
@@ -75,11 +75,11 @@
*/
key->lifetime = ctx->ticket_lifetime;
- if ((ret = ctx->f_rng(ctx->p_rng, key->name, sizeof(key->name))) != 0) {
+ if ((ret = psa_generate_random(key->name, sizeof(key->name))) != 0) {
return ret;
}
- if ((ret = ctx->f_rng(ctx->p_rng, buf, sizeof(buf))) != 0) {
+ if ((ret = psa_generate_random(buf, sizeof(buf))) != 0) {
return ret;
}
@@ -185,7 +185,6 @@
* Setup context for actual use
*/
int mbedtls_ssl_ticket_setup(mbedtls_ssl_ticket_context *ctx,
- int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
psa_algorithm_t alg, psa_key_type_t key_type, psa_key_bits_t key_bits,
uint32_t lifetime)
{
@@ -199,9 +198,6 @@
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
}
- ctx->f_rng = f_rng;
- ctx->p_rng = p_rng;
-
ctx->ticket_lifetime = lifetime;
ctx->keys[0].alg = alg;
@@ -254,7 +250,7 @@
*tlen = 0;
- if (ctx == NULL || ctx->f_rng == NULL) {
+ if (ctx == NULL) {
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
}
@@ -278,7 +274,7 @@
memcpy(key_name, key->name, TICKET_KEY_NAME_BYTES);
- if ((ret = ctx->f_rng(ctx->p_rng, iv, TICKET_IV_BYTES)) != 0) {
+ if ((ret = psa_generate_random(iv, TICKET_IV_BYTES)) != 0) {
goto cleanup;
}
@@ -355,7 +351,7 @@
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
- if (ctx == NULL || ctx->f_rng == NULL) {
+ if (ctx == NULL) {
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
}
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 60f2e1c..94de343 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -339,12 +339,13 @@
size_t out_buf_new_len)
{
int modified = 0;
- size_t written_in = 0, iv_offset_in = 0, len_offset_in = 0;
+ size_t written_in = 0, iv_offset_in = 0, len_offset_in = 0, hdr_in = 0;
size_t written_out = 0, iv_offset_out = 0, len_offset_out = 0;
if (ssl->in_buf != NULL) {
written_in = ssl->in_msg - ssl->in_buf;
iv_offset_in = ssl->in_iv - ssl->in_buf;
len_offset_in = ssl->in_len - ssl->in_buf;
+ hdr_in = ssl->in_hdr - ssl->in_buf;
if (downsizing ?
ssl->in_buf_len > in_buf_new_len && ssl->in_left < in_buf_new_len :
ssl->in_buf_len < in_buf_new_len) {
@@ -376,7 +377,10 @@
}
if (modified) {
/* Update pointers here to avoid doing it twice. */
- mbedtls_ssl_reset_in_out_pointers(ssl);
+ ssl->in_hdr = ssl->in_buf + hdr_in;
+ mbedtls_ssl_update_in_pointers(ssl);
+ mbedtls_ssl_reset_out_pointers(ssl);
+
/* Fields below might not be properly updated with record
* splitting or with CID, so they are manually updated here. */
ssl->out_msg = ssl->out_buf + written_out;
@@ -911,9 +915,6 @@
handshake->update_checksum = ssl_update_checksum_start;
-#if defined(MBEDTLS_DHM_C)
- mbedtls_dhm_init(&handshake->dhm_ctx);
-#endif
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
handshake->psa_pake_ctx = psa_pake_operation_init();
handshake->psa_pake_password = MBEDTLS_SVC_KEY_ID_INIT;
@@ -1222,11 +1223,6 @@
return ret;
}
- if (ssl->conf->f_rng == NULL) {
- MBEDTLS_SSL_DEBUG_MSG(1, ("no RNG provided"));
- return MBEDTLS_ERR_SSL_NO_RNG;
- }
-
/* Space for further checks */
return 0;
@@ -1277,7 +1273,8 @@
goto error;
}
- mbedtls_ssl_reset_in_out_pointers(ssl);
+ mbedtls_ssl_reset_in_pointers(ssl);
+ mbedtls_ssl_reset_out_pointers(ssl);
#if defined(MBEDTLS_SSL_DTLS_SRTP)
memset(&ssl->dtls_srtp_info, 0, sizeof(ssl->dtls_srtp_info));
@@ -1342,7 +1339,8 @@
/* Cancel any possibly running timer */
mbedtls_ssl_set_timer(ssl, 0);
- mbedtls_ssl_reset_in_out_pointers(ssl);
+ mbedtls_ssl_reset_in_pointers(ssl);
+ mbedtls_ssl_reset_out_pointers(ssl);
/* Reset incoming message parsing */
ssl->in_offt = NULL;
@@ -1350,6 +1348,7 @@
ssl->in_msgtype = 0;
ssl->in_msglen = 0;
ssl->in_hslen = 0;
+ ssl->in_hsfraglen = 0;
ssl->keep_current_message = 0;
ssl->transform_in = NULL;
@@ -1522,14 +1521,6 @@
}
#endif /* MBEDTLS_X509_CRT_PARSE_C */
-void mbedtls_ssl_conf_rng(mbedtls_ssl_config *conf,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng)
-{
- conf->f_rng = f_rng;
- conf->p_rng = p_rng;
-}
-
void mbedtls_ssl_conf_dbg(mbedtls_ssl_config *conf,
void (*f_dbg)(void *, int, const char *, int, const char *),
void *p_dbg)
@@ -2431,57 +2422,6 @@
return PSA_SUCCESS;
}
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
-int mbedtls_ssl_conf_dh_param_bin(mbedtls_ssl_config *conf,
- const unsigned char *dhm_P, size_t P_len,
- const unsigned char *dhm_G, size_t G_len)
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
- mbedtls_mpi_free(&conf->dhm_P);
- mbedtls_mpi_free(&conf->dhm_G);
-
- if ((ret = mbedtls_mpi_read_binary(&conf->dhm_P, dhm_P, P_len)) != 0 ||
- (ret = mbedtls_mpi_read_binary(&conf->dhm_G, dhm_G, G_len)) != 0) {
- mbedtls_mpi_free(&conf->dhm_P);
- mbedtls_mpi_free(&conf->dhm_G);
- return ret;
- }
-
- return 0;
-}
-
-int mbedtls_ssl_conf_dh_param_ctx(mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx)
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
- mbedtls_mpi_free(&conf->dhm_P);
- mbedtls_mpi_free(&conf->dhm_G);
-
- if ((ret = mbedtls_dhm_get_value(dhm_ctx, MBEDTLS_DHM_PARAM_P,
- &conf->dhm_P)) != 0 ||
- (ret = mbedtls_dhm_get_value(dhm_ctx, MBEDTLS_DHM_PARAM_G,
- &conf->dhm_G)) != 0) {
- mbedtls_mpi_free(&conf->dhm_P);
- mbedtls_mpi_free(&conf->dhm_G);
- return ret;
- }
-
- return 0;
-}
-#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_SRV_C */
-
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
-/*
- * Set the minimum length for Diffie-Hellman parameters
- */
-void mbedtls_ssl_conf_dhm_min_bitlen(mbedtls_ssl_config *conf,
- unsigned int bitlen)
-{
- conf->dhm_min_bitlen = bitlen;
-}
-#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_CLI_C */
-
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
#if !defined(MBEDTLS_DEPRECATED_REMOVED) && defined(MBEDTLS_SSL_PROTO_TLS1_2)
/*
@@ -2784,13 +2724,11 @@
void mbedtls_ssl_conf_async_private_cb(
mbedtls_ssl_config *conf,
mbedtls_ssl_async_sign_t *f_async_sign,
- mbedtls_ssl_async_decrypt_t *f_async_decrypt,
mbedtls_ssl_async_resume_t *f_async_resume,
mbedtls_ssl_async_cancel_t *f_async_cancel,
void *async_config_data)
{
conf->f_async_sign_start = f_async_sign;
- conf->f_async_decrypt_start = f_async_decrypt;
conf->f_async_resume = f_async_resume;
conf->f_async_cancel = f_async_cancel;
conf->p_async_config_data = async_config_data;
@@ -4528,6 +4466,7 @@
ssl->conf->f_async_cancel(ssl);
handshake->async_in_progress = 0;
}
+
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
#if defined(PSA_WANT_ALG_SHA_256)
@@ -4537,10 +4476,6 @@
psa_hash_abort(&handshake->fin_sha384_psa);
#endif
-#if defined(MBEDTLS_DHM_C)
- mbedtls_dhm_free(&handshake->dhm_ctx);
-#endif
-
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
psa_pake_abort(&handshake->psa_pake_ctx);
/*
@@ -5551,10 +5486,6 @@
int mbedtls_ssl_config_defaults(mbedtls_ssl_config *conf,
int endpoint, int transport, int preset)
{
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-#endif
-
#if defined(MBEDTLS_DEBUG_C) && defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
if (ssl_check_no_sig_alg_duplication(ssl_preset_suiteb_sig_algs)) {
mbedtls_printf("ssl_preset_suiteb_sig_algs has duplicated entries\n");
@@ -5629,21 +5560,6 @@
memset(conf->renego_period + 2, 0xFF, 6);
#endif
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
- if (endpoint == MBEDTLS_SSL_IS_SERVER) {
- const unsigned char dhm_p[] =
- MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN;
- const unsigned char dhm_g[] =
- MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN;
-
- if ((ret = mbedtls_ssl_conf_dh_param_bin(conf,
- dhm_p, sizeof(dhm_p),
- dhm_g, sizeof(dhm_g))) != 0) {
- return ret;
- }
- }
-#endif
-
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
#if defined(MBEDTLS_SSL_EARLY_DATA)
@@ -5733,10 +5649,6 @@
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
conf->group_list = ssl_preset_default_groups;
-
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
- conf->dhm_min_bitlen = 1024;
-#endif
}
return 0;
@@ -5751,11 +5663,6 @@
return;
}
-#if defined(MBEDTLS_DHM_C)
- mbedtls_mpi_free(&conf->dhm_P);
- mbedtls_mpi_free(&conf->dhm_G);
-#endif
-
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
if (!mbedtls_svc_key_id_is_null(conf->psk_opaque)) {
conf->psk_opaque = MBEDTLS_SVC_KEY_ID_INIT;
@@ -7085,7 +6992,7 @@
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
switch (ret) {
case 0: /*ok*/
- case MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + MBEDTLS_ERR_OID_NOT_FOUND:
+ case MBEDTLS_ERR_OID_NOT_FOUND:
/* Ignore certificate with an unknown algorithm: maybe a
prior certificate was already trusted. */
break;
@@ -8787,10 +8694,6 @@
recv_endpoint == MBEDTLS_SSL_IS_CLIENT) {
/* TLS 1.2 server part of the key exchange */
switch (ciphersuite->key_exchange) {
- case MBEDTLS_KEY_EXCHANGE_RSA:
- usage = MBEDTLS_X509_KU_KEY_ENCIPHERMENT;
- break;
-
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
usage = MBEDTLS_X509_KU_DIGITAL_SIGNATURE;
diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c
index 36f79cb..e0743e1 100644
--- a/library/ssl_tls12_client.c
+++ b/library/ssl_tls12_client.c
@@ -1732,83 +1732,6 @@
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
-/*
- * Generate a pre-master secret and encrypt it with the server's RSA key
- */
-MBEDTLS_CHECK_RETURN_CRITICAL
-static int ssl_write_encrypted_pms(mbedtls_ssl_context *ssl,
- size_t offset, size_t *olen,
- size_t pms_offset)
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- size_t len_bytes = 2;
- unsigned char *p = ssl->handshake->premaster + pms_offset;
- mbedtls_pk_context *peer_pk;
-
- if (offset + len_bytes > MBEDTLS_SSL_OUT_CONTENT_LEN) {
- MBEDTLS_SSL_DEBUG_MSG(1, ("buffer too small for encrypted pms"));
- return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
- }
-
- /*
- * Generate (part of) the pre-master as
- * struct {
- * ProtocolVersion client_version;
- * opaque random[46];
- * } PreMasterSecret;
- */
- mbedtls_ssl_write_version(p, ssl->conf->transport,
- MBEDTLS_SSL_VERSION_TLS1_2);
-
- if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, p + 2, 46)) != 0) {
- MBEDTLS_SSL_DEBUG_RET(1, "f_rng", ret);
- return ret;
- }
-
- ssl->handshake->pmslen = 48;
-
-#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
- peer_pk = &ssl->handshake->peer_pubkey;
-#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
- if (ssl->session_negotiate->peer_cert == NULL) {
- /* Should never happen */
- MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
- return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
- }
- peer_pk = &ssl->session_negotiate->peer_cert->pk;
-#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
- /*
- * Now write it out, encrypted
- */
- if (!mbedtls_pk_can_do(peer_pk, MBEDTLS_PK_RSA)) {
- MBEDTLS_SSL_DEBUG_MSG(1, ("certificate key type mismatch"));
- return MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH;
- }
-
- if ((ret = mbedtls_pk_encrypt(peer_pk,
- p, ssl->handshake->pmslen,
- ssl->out_msg + offset + len_bytes, olen,
- MBEDTLS_SSL_OUT_CONTENT_LEN - offset - len_bytes,
- ssl->conf->f_rng, ssl->conf->p_rng)) != 0) {
- MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_rsa_pkcs1_encrypt", ret);
- return ret;
- }
-
- if (len_bytes == 2) {
- MBEDTLS_PUT_UINT16_BE(*olen, ssl->out_msg, offset);
- *olen += 2;
- }
-
-#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
- /* We don't need the peer's public key anymore. Free it. */
- mbedtls_pk_free(peer_pk);
-#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
- return 0;
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
-
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
MBEDTLS_CHECK_RETURN_CRITICAL
@@ -1902,16 +1825,6 @@
MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse server key exchange"));
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
- if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA) {
- MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse server key exchange"));
- ssl->state++;
- return 0;
- }
- ((void) p);
- ((void) end);
-#endif
-
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
@@ -2742,15 +2655,6 @@
} else
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
- if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA) {
- header_len = 4;
- if ((ret = ssl_write_encrypted_pms(ssl, header_len,
- &content_len, 0)) != 0) {
- return ret;
- }
- } else
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE) {
header_len = 4;
@@ -2768,7 +2672,7 @@
return ret;
}
} else
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
{
((void) ciphersuite_info);
MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
@@ -2923,7 +2827,7 @@
ssl->out_msg + 6 + offset,
out_buf_len - 6 - offset,
&n,
- ssl->conf->f_rng, ssl->conf->p_rng, rs_ctx)) != 0) {
+ rs_ctx)) != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_pk_sign", ret);
#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
if (ret == MBEDTLS_ERR_ECP_IN_PROGRESS) {
diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c
index fc9b860..e178550 100644
--- a/library/ssl_tls12_server.c
+++ b/library/ssl_tls12_server.c
@@ -654,6 +654,7 @@
* Try picking a certificate for this ciphersuite,
* return 0 on success and -1 on failure.
*/
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_pick_cert(mbedtls_ssl_context *ssl,
const mbedtls_ssl_ciphersuite_t *ciphersuite_info)
@@ -693,7 +694,6 @@
int key_type_matches = 0;
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
key_type_matches = ((ssl->conf->f_async_sign_start != NULL ||
- ssl->conf->f_async_decrypt_start != NULL ||
mbedtls_pk_can_do_ext(cur->key, pk_alg, pk_usage)) &&
mbedtls_pk_can_do_ext(&cur->cert->pk, pk_alg, pk_usage));
#else
@@ -745,6 +745,8 @@
return -1;
}
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
#endif /* MBEDTLS_X509_CRT_PARSE_C */
/*
@@ -807,6 +809,8 @@
}
#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+
#if defined(MBEDTLS_X509_CRT_PARSE_C)
/*
* Final check: if ciphersuite requires us to have a
@@ -822,7 +826,6 @@
}
#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
/* If the ciphersuite requires signing, check whether
* a suitable hash algorithm is present. */
sig_type = mbedtls_ssl_get_ciphersuite_sig_alg(suite_info);
@@ -1015,28 +1018,6 @@
MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE;
}
- {
- size_t handshake_len = MBEDTLS_GET_UINT24_BE(buf, 1);
- MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, handshake len.: %u",
- (unsigned) handshake_len));
-
- /* The record layer has a record size limit of 2^14 - 1 and
- * fragmentation is not supported, so buf[1] should be zero. */
- if (buf[1] != 0) {
- MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message: %u != 0",
- (unsigned) buf[1]));
- return MBEDTLS_ERR_SSL_DECODE_ERROR;
- }
-
- /* We don't support fragmentation of ClientHello (yet?) */
- if (msg_len != mbedtls_ssl_hs_hdr_len(ssl) + handshake_len) {
- MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message: %u != %u + %u",
- (unsigned) msg_len,
- (unsigned) mbedtls_ssl_hs_hdr_len(ssl),
- (unsigned) handshake_len));
- return MBEDTLS_ERR_SSL_DECODE_ERROR;
- }
- }
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
@@ -2152,14 +2133,14 @@
MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, current time: %" MBEDTLS_PRINTF_LONGLONG,
(long long) t));
#else
- if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, p, 4)) != 0) {
+ if ((ret = psa_generate_random(p, 4)) != 0) {
return ret;
}
p += 4;
#endif /* MBEDTLS_HAVE_TIME */
- if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, p, 20)) != 0) {
+ if ((ret = psa_generate_random(p, 20)) != 0) {
return ret;
}
p += 20;
@@ -2185,7 +2166,7 @@
} else
#endif
{
- if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, p, 8)) != 0) {
+ if ((ret = psa_generate_random(p, 8)) != 0) {
return ret;
}
}
@@ -2216,8 +2197,8 @@
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
{
ssl->session_negotiate->id_len = n = 32;
- if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, ssl->session_negotiate->id,
- n)) != 0) {
+ if ((ret = psa_generate_random(ssl->session_negotiate->id,
+ n)) != 0) {
return ret;
}
}
@@ -3054,9 +3035,7 @@
md_alg, hash, hashlen,
ssl->out_msg + ssl->out_msglen + 2,
out_buf_len - ssl->out_msglen - 2,
- signature_len,
- ssl->conf->f_rng,
- ssl->conf->p_rng)) != 0) {
+ signature_len)) != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_pk_sign", ret);
return ret;
}
@@ -3203,194 +3182,6 @@
return 0;
}
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
-
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-MBEDTLS_CHECK_RETURN_CRITICAL
-static int ssl_resume_decrypt_pms(mbedtls_ssl_context *ssl,
- unsigned char *peer_pms,
- size_t *peer_pmslen,
- size_t peer_pmssize)
-{
- int ret = ssl->conf->f_async_resume(ssl,
- peer_pms, peer_pmslen, peer_pmssize);
- if (ret != MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS) {
- ssl->handshake->async_in_progress = 0;
- mbedtls_ssl_set_async_operation_data(ssl, NULL);
- }
- MBEDTLS_SSL_DEBUG_RET(2, "ssl_decrypt_encrypted_pms", ret);
- return ret;
-}
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-
-MBEDTLS_CHECK_RETURN_CRITICAL
-static int ssl_decrypt_encrypted_pms(mbedtls_ssl_context *ssl,
- const unsigned char *p,
- const unsigned char *end,
- unsigned char *peer_pms,
- size_t *peer_pmslen,
- size_t peer_pmssize)
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
- mbedtls_x509_crt *own_cert = mbedtls_ssl_own_cert(ssl);
- if (own_cert == NULL) {
- MBEDTLS_SSL_DEBUG_MSG(1, ("got no local certificate"));
- return MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE;
- }
- mbedtls_pk_context *public_key = &own_cert->pk;
- mbedtls_pk_context *private_key = mbedtls_ssl_own_key(ssl);
- size_t len = mbedtls_pk_get_len(public_key);
-
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
- /* If we have already started decoding the message and there is an ongoing
- * decryption operation, resume signing. */
- if (ssl->handshake->async_in_progress != 0) {
- MBEDTLS_SSL_DEBUG_MSG(2, ("resuming decryption operation"));
- return ssl_resume_decrypt_pms(ssl,
- peer_pms, peer_pmslen, peer_pmssize);
- }
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-
- /*
- * Prepare to decrypt the premaster using own private RSA key
- */
- if (p + 2 > end) {
- MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message"));
- return MBEDTLS_ERR_SSL_DECODE_ERROR;
- }
- if (*p++ != MBEDTLS_BYTE_1(len) ||
- *p++ != MBEDTLS_BYTE_0(len)) {
- MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message"));
- return MBEDTLS_ERR_SSL_DECODE_ERROR;
- }
-
- if (p + len != end) {
- MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message"));
- return MBEDTLS_ERR_SSL_DECODE_ERROR;
- }
-
- /*
- * Decrypt the premaster secret
- */
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
- if (ssl->conf->f_async_decrypt_start != NULL) {
- ret = ssl->conf->f_async_decrypt_start(ssl,
- mbedtls_ssl_own_cert(ssl),
- p, len);
- switch (ret) {
- case MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH:
- /* act as if f_async_decrypt_start was null */
- break;
- case 0:
- ssl->handshake->async_in_progress = 1;
- return ssl_resume_decrypt_pms(ssl,
- peer_pms,
- peer_pmslen,
- peer_pmssize);
- case MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS:
- ssl->handshake->async_in_progress = 1;
- return MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS;
- default:
- MBEDTLS_SSL_DEBUG_RET(1, "f_async_decrypt_start", ret);
- return ret;
- }
- }
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-
- if (!mbedtls_pk_can_do(private_key, MBEDTLS_PK_RSA)) {
- MBEDTLS_SSL_DEBUG_MSG(1, ("got no RSA private key"));
- return MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED;
- }
-
- ret = mbedtls_pk_decrypt(private_key, p, len,
- peer_pms, peer_pmslen, peer_pmssize,
- ssl->conf->f_rng, ssl->conf->p_rng);
- return ret;
-}
-
-MBEDTLS_CHECK_RETURN_CRITICAL
-static int ssl_parse_encrypted_pms(mbedtls_ssl_context *ssl,
- const unsigned char *p,
- const unsigned char *end,
- size_t pms_offset)
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- unsigned char *pms = ssl->handshake->premaster + pms_offset;
- unsigned char ver[2];
- unsigned char fake_pms[48], peer_pms[48];
- size_t peer_pmslen;
- mbedtls_ct_condition_t diff;
-
- /* In case of a failure in decryption, the decryption may write less than
- * 2 bytes of output, but we always read the first two bytes. It doesn't
- * matter in the end because diff will be nonzero in that case due to
- * ret being nonzero, and we only care whether diff is 0.
- * But do initialize peer_pms and peer_pmslen for robustness anyway. This
- * also makes memory analyzers happy (don't access uninitialized memory,
- * even if it's an unsigned char). */
- peer_pms[0] = peer_pms[1] = ~0;
- peer_pmslen = 0;
-
- ret = ssl_decrypt_encrypted_pms(ssl, p, end,
- peer_pms,
- &peer_pmslen,
- sizeof(peer_pms));
-
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
- if (ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS) {
- return ret;
- }
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-
- mbedtls_ssl_write_version(ver, ssl->conf->transport,
- ssl->session_negotiate->tls_version);
-
- /* Avoid data-dependent branches while checking for invalid
- * padding, to protect against timing-based Bleichenbacher-type
- * attacks. */
- diff = mbedtls_ct_bool(ret);
- diff = mbedtls_ct_bool_or(diff, mbedtls_ct_uint_ne(peer_pmslen, 48));
- diff = mbedtls_ct_bool_or(diff, mbedtls_ct_uint_ne(peer_pms[0], ver[0]));
- diff = mbedtls_ct_bool_or(diff, mbedtls_ct_uint_ne(peer_pms[1], ver[1]));
-
- /*
- * Protection against Bleichenbacher's attack: invalid PKCS#1 v1.5 padding
- * must not cause the connection to end immediately; instead, send a
- * bad_record_mac later in the handshake.
- * To protect against timing-based variants of the attack, we must
- * not have any branch that depends on whether the decryption was
- * successful. In particular, always generate the fake premaster secret,
- * regardless of whether it will ultimately influence the output or not.
- */
- ret = ssl->conf->f_rng(ssl->conf->p_rng, fake_pms, sizeof(fake_pms));
- if (ret != 0) {
- /* It's ok to abort on an RNG failure, since this does not reveal
- * anything about the RSA decryption. */
- return ret;
- }
-
-#if defined(MBEDTLS_SSL_DEBUG_ALL)
- if (diff != MBEDTLS_CT_FALSE) {
- MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message"));
- }
-#endif
-
- if (sizeof(ssl->handshake->premaster) < pms_offset ||
- sizeof(ssl->handshake->premaster) - pms_offset < 48) {
- MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
- return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
- }
- ssl->handshake->pmslen = 48;
-
- /* Set pms to either the true or the fake PMS, without
- * data-dependent branches. */
- mbedtls_ct_memcpy_if(diff, pms, fake_pms, peer_pms, ssl->handshake->pmslen);
-
- return 0;
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
-
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_parse_client_psk_identity(mbedtls_ssl_context *ssl, unsigned char **p,
@@ -3457,16 +3248,6 @@
MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse client key exchange"));
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) && \
- defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
- if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA &&
- (ssl->handshake->async_in_progress != 0)) {
- /* We've already read a record and there is an asynchronous
- * operation in progress to decrypt it. So skip reading the
- * record. */
- MBEDTLS_SSL_DEBUG_MSG(3, ("will resume decryption of previously-read record"));
- } else
-#endif
if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret);
return ret;
@@ -3657,14 +3438,6 @@
} else
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
- if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA) {
- if ((ret = ssl_parse_encrypted_pms(ssl, p, end, 0)) != 0) {
- MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_parse_encrypted_pms_secret"), ret);
- return ret;
- }
- } else
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE) {
if ((ret = mbedtls_psa_ecjpake_read_round(
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 6a7d502..deba2ae 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -518,7 +518,7 @@
switch (ret) {
case 0: /*ok*/
break;
- case MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + MBEDTLS_ERR_OID_NOT_FOUND:
+ case MBEDTLS_ERR_OID_NOT_FOUND:
/* Ignore certificate with an unknown algorithm: maybe a
prior certificate was already trusted. */
break;
@@ -978,8 +978,7 @@
if ((ret = mbedtls_pk_sign_ext(pk_type, own_key,
md_alg, verify_hash, verify_hash_len,
- p + 4, (size_t) (end - (p + 4)), &signature_len,
- ssl->conf->f_rng, ssl->conf->p_rng)) != 0) {
+ p + 4, (size_t) (end - (p + 4)), &signature_len)) != 0) {
MBEDTLS_SSL_DEBUG_MSG(2, ("CertificateVerify signature failed with %s",
mbedtls_ssl_sig_alg_to_str(*sig_alg)));
MBEDTLS_SSL_DEBUG_RET(2, "mbedtls_pk_sign_ext", ret);
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index 7273eb9..dc50bee 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -91,7 +91,7 @@
return;
}
- MBEDTLS_SSL_DEBUG_MSG(2, ("No matched ciphersuite, psk_ciphersuite_id=%x, psk_hash_alg=%lx",
+ MBEDTLS_SSL_DEBUG_MSG(1, ("No matched ciphersuite, psk_ciphersuite_id=%x, psk_hash_alg=%lx",
(unsigned) psk_ciphersuite_id,
(unsigned long) psk_hash_alg));
}
@@ -1365,6 +1365,7 @@
}
if (ret == 0) {
+ MBEDTLS_SSL_DEBUG_MSG(2, ("no supported_versions extension"));
return SSL_CLIENT_HELLO_TLS1_2;
}
@@ -1386,6 +1387,7 @@
* the TLS version to negotiate.
*/
if (MBEDTLS_SSL_VERSION_TLS1_2 == ret) {
+ MBEDTLS_SSL_DEBUG_MSG(2, ("supported_versions without 1.3"));
return SSL_CLIENT_HELLO_TLS1_2;
}
}
@@ -1964,6 +1966,7 @@
}
ssl->keep_current_message = 1;
ssl->tls_version = MBEDTLS_SSL_VERSION_TLS1_2;
+ MBEDTLS_SSL_DEBUG_MSG(1, ("non-1.3 ClientHello left for later processing"));
return 0;
}
@@ -1993,9 +1996,9 @@
unsigned char *server_randbytes =
ssl->handshake->randbytes + MBEDTLS_CLIENT_HELLO_RANDOM_LEN;
- if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, server_randbytes,
- MBEDTLS_SERVER_HELLO_RANDOM_LEN)) != 0) {
- MBEDTLS_SSL_DEBUG_RET(1, "f_rng", ret);
+ if ((ret = psa_generate_random(server_randbytes,
+ MBEDTLS_SERVER_HELLO_RANDOM_LEN)) != 0) {
+ MBEDTLS_SSL_DEBUG_RET(1, "psa_generate_random", ret);
return ret;
}
@@ -3169,9 +3172,8 @@
#endif
/* Generate ticket_age_add */
- if ((ret = ssl->conf->f_rng(ssl->conf->p_rng,
- (unsigned char *) &session->ticket_age_add,
- sizeof(session->ticket_age_add)) != 0)) {
+ if ((ret = psa_generate_random((unsigned char *) &session->ticket_age_add,
+ sizeof(session->ticket_age_add)) != 0)) {
MBEDTLS_SSL_DEBUG_RET(1, "generate_ticket_age_add", ret);
return ret;
}
@@ -3179,7 +3181,7 @@
(unsigned int) session->ticket_age_add));
/* Generate ticket_nonce */
- ret = ssl->conf->f_rng(ssl->conf->p_rng, ticket_nonce, ticket_nonce_size);
+ ret = psa_generate_random(ticket_nonce, ticket_nonce_size);
if (ret != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "generate_ticket_nonce", ret);
return ret;
diff --git a/library/x509write_crt.c b/library/x509write_crt.c
index 8a47697..7d20748 100644
--- a/library/x509write_crt.c
+++ b/library/x509write_crt.c
@@ -379,9 +379,7 @@
}
int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx,
- unsigned char *buf, size_t size,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng)
+ unsigned char *buf, size_t size)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
const char *sig_oid;
@@ -571,8 +569,7 @@
if ((ret = mbedtls_pk_sign(ctx->issuer_key, ctx->md_alg,
- hash, hash_length, sig, sizeof(sig), &sig_len,
- f_rng, p_rng)) != 0) {
+ hash, hash_length, sig, sizeof(sig), &sig_len)) != 0) {
return ret;
}
@@ -614,15 +611,12 @@
#if defined(MBEDTLS_PEM_WRITE_C)
int mbedtls_x509write_crt_pem(mbedtls_x509write_cert *crt,
- unsigned char *buf, size_t size,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng)
+ unsigned char *buf, size_t size)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t olen;
- if ((ret = mbedtls_x509write_crt_der(crt, buf, size,
- f_rng, p_rng)) < 0) {
+ if ((ret = mbedtls_x509write_crt_der(crt, buf, size)) < 0) {
return ret;
}
diff --git a/library/x509write_csr.c b/library/x509write_csr.c
index dd75d8f..e65ddb0 100644
--- a/library/x509write_csr.c
+++ b/library/x509write_csr.c
@@ -131,9 +131,7 @@
static int x509write_csr_der_internal(mbedtls_x509write_csr *ctx,
unsigned char *buf,
size_t size,
- unsigned char *sig, size_t sig_size,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng)
+ unsigned char *sig, size_t sig_size)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
const char *sig_oid;
@@ -218,8 +216,7 @@
return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
}
if ((ret = mbedtls_pk_sign(ctx->key, ctx->md_alg, hash, 0,
- sig, sig_size, &sig_len,
- f_rng, p_rng)) != 0) {
+ sig, sig_size, &sig_len)) != 0) {
return ret;
}
@@ -274,9 +271,7 @@
}
int mbedtls_x509write_csr_der(mbedtls_x509write_csr *ctx, unsigned char *buf,
- size_t size,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng)
+ size_t size)
{
int ret;
unsigned char *sig;
@@ -286,8 +281,7 @@
}
ret = x509write_csr_der_internal(ctx, buf, size,
- sig, MBEDTLS_PK_SIGNATURE_MAX_SIZE,
- f_rng, p_rng);
+ sig, MBEDTLS_PK_SIGNATURE_MAX_SIZE);
mbedtls_free(sig);
@@ -298,15 +292,12 @@
#define PEM_END_CSR "-----END CERTIFICATE REQUEST-----\n"
#if defined(MBEDTLS_PEM_WRITE_C)
-int mbedtls_x509write_csr_pem(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng)
+int mbedtls_x509write_csr_pem(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t olen = 0;
- if ((ret = mbedtls_x509write_csr_der(ctx, buf, size,
- f_rng, p_rng)) < 0) {
+ if ((ret = mbedtls_x509write_csr_der(ctx, buf, size)) < 0) {
return ret;
}
diff --git a/programs/.gitignore b/programs/.gitignore
index 939e405..7eaf38d 100644
--- a/programs/.gitignore
+++ b/programs/.gitignore
@@ -5,36 +5,14 @@
*.sln
*.vcxproj
-aes/crypt_and_hash
-cipher/cipher_aead_demo
-hash/generic_sum
-hash/hello
-hash/md_hmac_demo
hash/md5sum
hash/sha1sum
hash/sha2sum
-pkey/dh_client
-pkey/dh_genprime
-pkey/dh_server
-pkey/ecdh_curve25519
-pkey/ecdsa
pkey/gen_key
-pkey/key_app
-pkey/key_app_writer
-pkey/mpi_demo
-pkey/pk_decrypt
-pkey/pk_encrypt
pkey/pk_sign
pkey/pk_verify
-pkey/rsa_decrypt
-pkey/rsa_encrypt
-pkey/rsa_genkey
-pkey/rsa_sign
pkey/rsa_sign_pss
-pkey/rsa_verify
pkey/rsa_verify_pss
-random/gen_entropy
-random/gen_random_ctr_drbg
ssl/dtls_client
ssl/dtls_server
ssl/mini_client
diff --git a/programs/CMakeLists.txt b/programs/CMakeLists.txt
index 2c23c48..1e5b2a4 100644
--- a/programs/CMakeLists.txt
+++ b/programs/CMakeLists.txt
@@ -1,14 +1,10 @@
set(programs_target "${MBEDTLS_TARGET_PREFIX}programs")
add_custom_target(${programs_target})
-add_subdirectory(aes)
-add_subdirectory(cipher)
if (NOT WIN32)
add_subdirectory(fuzz)
endif()
-add_subdirectory(hash)
add_subdirectory(pkey)
-add_subdirectory(random)
add_subdirectory(ssl)
add_subdirectory(test)
add_subdirectory(util)
diff --git a/programs/Makefile b/programs/Makefile
index 79bb402..b264290 100644
--- a/programs/Makefile
+++ b/programs/Makefile
@@ -36,30 +36,10 @@
## Note: Variables cannot be used to define an apps path. This cannot be
## substituted by the script generate_visualc_files.pl.
APPS = \
- aes/crypt_and_hash \
- cipher/cipher_aead_demo \
- hash/generic_sum \
- hash/hello \
- hash/md_hmac_demo \
- pkey/dh_client \
- pkey/dh_genprime \
- pkey/dh_server \
- pkey/ecdh_curve25519 \
- pkey/ecdsa \
pkey/gen_key \
- pkey/key_app \
- pkey/key_app_writer \
- pkey/mpi_demo \
- pkey/pk_decrypt \
- pkey/pk_encrypt \
pkey/pk_sign \
pkey/pk_verify \
- pkey/rsa_decrypt \
- pkey/rsa_encrypt \
- pkey/rsa_genkey \
- pkey/rsa_sign \
pkey/rsa_sign_pss \
- pkey/rsa_verify \
pkey/rsa_verify_pss \
../tf-psa-crypto/programs/psa/aead_demo \
../tf-psa-crypto/programs/psa/crypto_examples \
@@ -67,8 +47,6 @@
../tf-psa-crypto/programs/psa/key_ladder_demo \
../tf-psa-crypto/programs/psa/psa_constant_names \
../tf-psa-crypto/programs/psa/psa_hash \
- random/gen_entropy \
- random/gen_random_ctr_drbg \
ssl/dtls_client \
ssl/dtls_server \
ssl/mini_client \
@@ -157,70 +135,10 @@
echo " Gen $@"
$(PERL) ../scripts/generate_query_config.pl
-aes/crypt_and_hash$(EXEXT): aes/crypt_and_hash.c $(DEP)
- echo " CC aes/crypt_and_hash.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) aes/crypt_and_hash.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-cipher/cipher_aead_demo$(EXEXT): cipher/cipher_aead_demo.c $(DEP)
- echo " CC cipher/cipher_aead_demo.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) cipher/cipher_aead_demo.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-hash/generic_sum$(EXEXT): hash/generic_sum.c $(DEP)
- echo " CC hash/generic_sum.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) hash/generic_sum.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-hash/hello$(EXEXT): hash/hello.c $(DEP)
- echo " CC hash/hello.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) hash/hello.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-hash/md_hmac_demo$(EXEXT): hash/md_hmac_demo.c $(DEP)
- echo " CC hash/md_hmac_demo.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) hash/md_hmac_demo.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/dh_client$(EXEXT): pkey/dh_client.c $(DEP)
- echo " CC pkey/dh_client.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/dh_client.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/dh_genprime$(EXEXT): pkey/dh_genprime.c $(DEP)
- echo " CC pkey/dh_genprime.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/dh_genprime.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/dh_server$(EXEXT): pkey/dh_server.c $(DEP)
- echo " CC pkey/dh_server.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/dh_server.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/ecdh_curve25519$(EXEXT): pkey/ecdh_curve25519.c $(DEP)
- echo " CC pkey/ecdh_curve25519.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/ecdh_curve25519.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/ecdsa$(EXEXT): pkey/ecdsa.c $(DEP)
- echo " CC pkey/ecdsa.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/ecdsa.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
pkey/gen_key$(EXEXT): pkey/gen_key.c $(DEP)
echo " CC pkey/gen_key.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/gen_key.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-pkey/key_app$(EXEXT): pkey/key_app.c $(DEP)
- echo " CC pkey/key_app.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/key_app.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/key_app_writer$(EXEXT): pkey/key_app_writer.c $(DEP)
- echo " CC pkey/key_app_writer.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/key_app_writer.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/mpi_demo$(EXEXT): pkey/mpi_demo.c $(DEP)
- echo " CC pkey/mpi_demo.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/mpi_demo.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/pk_decrypt$(EXEXT): pkey/pk_decrypt.c $(DEP)
- echo " CC pkey/pk_decrypt.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/pk_decrypt.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/pk_encrypt$(EXEXT): pkey/pk_encrypt.c $(DEP)
- echo " CC pkey/pk_encrypt.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/pk_encrypt.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
pkey/pk_sign$(EXEXT): pkey/pk_sign.c $(DEP)
echo " CC pkey/pk_sign.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/pk_sign.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
@@ -229,18 +147,6 @@
echo " CC pkey/pk_verify.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/pk_verify.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-pkey/rsa_genkey$(EXEXT): pkey/rsa_genkey.c $(DEP)
- echo " CC pkey/rsa_genkey.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_genkey.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/rsa_sign$(EXEXT): pkey/rsa_sign.c $(DEP)
- echo " CC pkey/rsa_sign.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_sign.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/rsa_verify$(EXEXT): pkey/rsa_verify.c $(DEP)
- echo " CC pkey/rsa_verify.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_verify.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
pkey/rsa_sign_pss$(EXEXT): pkey/rsa_sign_pss.c $(DEP)
echo " CC pkey/rsa_sign_pss.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_sign_pss.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
@@ -249,14 +155,6 @@
echo " CC pkey/rsa_verify_pss.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_verify_pss.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-pkey/rsa_decrypt$(EXEXT): pkey/rsa_decrypt.c $(DEP)
- echo " CC pkey/rsa_decrypt.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_decrypt.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/rsa_encrypt$(EXEXT): pkey/rsa_encrypt.c $(DEP)
- echo " CC pkey/rsa_encrypt.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_encrypt.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
../tf-psa-crypto/programs/psa/aead_demo$(EXEXT): ../tf-psa-crypto/programs/psa/aead_demo.c $(DEP)
echo " CC psa/aead_demo.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ../tf-psa-crypto/programs/psa/aead_demo.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
@@ -281,14 +179,6 @@
echo " CC psa/psa_hash.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ../tf-psa-crypto/programs/psa/psa_hash.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-random/gen_entropy$(EXEXT): random/gen_entropy.c $(DEP)
- echo " CC random/gen_entropy.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) random/gen_entropy.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-random/gen_random_ctr_drbg$(EXEXT): random/gen_random_ctr_drbg.c $(DEP)
- echo " CC random/gen_random_ctr_drbg.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) random/gen_random_ctr_drbg.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
ssl/dtls_client$(EXEXT): ssl/dtls_client.c $(DEP)
echo " CC ssl/dtls_client.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/dtls_client.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
diff --git a/programs/README.md b/programs/README.md
index 5e5f40a..9239e8a 100644
--- a/programs/README.md
+++ b/programs/README.md
@@ -3,63 +3,16 @@
This subdirectory mostly contains sample programs that illustrate specific features of the library, as well as a few test and support programs.
-## Symmetric cryptography (AES) examples
-
-* [`aes/crypt_and_hash.c`](aes/crypt_and_hash.c): file encryption and authentication, demonstrating the generic cipher interface and the generic hash interface.
-
-## Hash (digest) examples
-
-* [`hash/generic_sum.c`](hash/generic_sum.c): file hash calculator and verifier, demonstrating the message digest (`md`) interface.
-
-* [`hash/hello.c`](hash/hello.c): hello-world program for MD5.
-
-## Public-key cryptography examples
-
### Generic public-key cryptography (`pk`) examples
* [`pkey/gen_key.c`](pkey/gen_key.c): generates a key for any of the supported public-key algorithms (RSA or ECC) and writes it to a file that can be used by the other pk sample programs.
-* [`pkey/key_app.c`](pkey/key_app.c): loads a PEM or DER public key or private key file and dumps its content.
-
-* [`pkey/key_app_writer.c`](pkey/key_app_writer.c): loads a PEM or DER public key or private key file and writes it to a new PEM or DER file.
-
-* [`pkey/pk_encrypt.c`](pkey/pk_encrypt.c), [`pkey/pk_decrypt.c`](pkey/pk_decrypt.c): loads a PEM or DER public/private key file and uses the key to encrypt/decrypt a short string through the generic public-key interface.
-
* [`pkey/pk_sign.c`](pkey/pk_sign.c), [`pkey/pk_verify.c`](pkey/pk_verify.c): loads a PEM or DER private/public key file and uses the key to sign/verify a short string.
### ECDSA and RSA signature examples
-* [`pkey/ecdsa.c`](pkey/ecdsa.c): generates an ECDSA key, signs a fixed message and verifies the signature.
-
-* [`pkey/rsa_encrypt.c`](pkey/rsa_encrypt.c), [`pkey/rsa_decrypt.c`](pkey/rsa_decrypt.c): loads an RSA public/private key and uses it to encrypt/decrypt a short string through the low-level RSA interface.
-
-* [`pkey/rsa_genkey.c`](pkey/rsa_genkey.c): generates an RSA key and writes it to a file that can be used with the other RSA sample programs.
-
-* [`pkey/rsa_sign.c`](pkey/rsa_sign.c), [`pkey/rsa_verify.c`](pkey/rsa_verify.c): loads an RSA private/public key and uses it to sign/verify a short string with the RSA PKCS#1 v1.5 algorithm.
-
* [`pkey/rsa_sign_pss.c`](pkey/rsa_sign_pss.c), [`pkey/rsa_verify_pss.c`](pkey/rsa_verify_pss.c): loads an RSA private/public key and uses it to sign/verify a short string with the RSASSA-PSS algorithm.
-### Diffie-Hellman key exchange examples
-
-* [`pkey/dh_client.c`](pkey/dh_client.c), [`pkey/dh_server.c`](pkey/dh_server.c): secure channel demonstrators (client, server). This pair of programs illustrates how to set up a secure channel using RSA for authentication and Diffie-Hellman to generate a shared AES session key.
-
-* [`pkey/ecdh_curve25519.c`](pkey/ecdh_curve25519.c): demonstration of a elliptic curve Diffie-Hellman (ECDH) key agreement.
-
-### Bignum (`mpi`) usage examples
-
-* [`pkey/dh_genprime.c`](pkey/dh_genprime.c): shows how to use the bignum (`mpi`) interface to generate Diffie-Hellman parameters.
-
-* [`pkey/mpi_demo.c`](pkey/mpi_demo.c): demonstrates operations on big integers.
-
-## Random number generator (RNG) examples
-
-* [`random/gen_entropy.c`](random/gen_entropy.c): shows how to use the default entropy sources to generate random data.
- Note: most applications should only use the entropy generator to seed a cryptographic pseudorandom generator, as illustrated by `random/gen_random_ctr_drbg.c`.
-
-* [`random/gen_random_ctr_drbg.c`](random/gen_random_ctr_drbg.c): shows how to use the default entropy sources to seed a pseudorandom generator, and how to use the resulting random generator to generate random data.
-
-## SSL/TLS examples
-
### SSL/TLS sample applications
* [`ssl/dtls_client.c`](ssl/dtls_client.c): a simple DTLS client program, which sends one datagram to the server and reads one datagram in response.
diff --git a/programs/aes/CMakeLists.txt b/programs/aes/CMakeLists.txt
deleted file mode 100644
index c5128b1..0000000
--- a/programs/aes/CMakeLists.txt
+++ /dev/null
@@ -1,15 +0,0 @@
-set(executables
- crypt_and_hash
-)
-add_dependencies(${programs_target} ${executables})
-
-foreach(exe IN LISTS executables)
- add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
- set_base_compile_options(${exe})
- target_link_libraries(${exe} ${tfpsacrypto_target} ${CMAKE_THREAD_LIBS_INIT})
- target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/tests/include)
-endforeach()
-
-install(TARGETS ${executables}
- DESTINATION "bin"
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c
deleted file mode 100644
index b2cd704..0000000
--- a/programs/aes/crypt_and_hash.c
+++ /dev/null
@@ -1,577 +0,0 @@
-/*
- * \brief Generic file encryption program using generic wrappers for configured
- * security.
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-/* Enable definition of fileno() even when compiling with -std=c99. Must be
- * set before mbedtls_config.h, which pulls in glibc's features.h indirectly.
- * Harmless on other platforms. */
-#define _POSIX_C_SOURCE 200112L
-
-#include "mbedtls/build_info.h"
-
-#include "mbedtls/platform.h"
-
-#if defined(MBEDTLS_CIPHER_C) && defined(MBEDTLS_MD_C) && \
- defined(MBEDTLS_FS_IO)
-#include "mbedtls/cipher.h"
-#include "mbedtls/md.h"
-#include "mbedtls/platform_util.h"
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#endif
-
-#if defined(_WIN32)
-#include <windows.h>
-#if !defined(_WIN32_WCE)
-#include <io.h>
-#endif
-#else
-#include <sys/types.h>
-#include <unistd.h>
-#endif
-
-#define MODE_ENCRYPT 0
-#define MODE_DECRYPT 1
-
-#define USAGE \
- "\n crypt_and_hash <mode> <input filename> <output filename> <cipher> <mbedtls_md> <key>\n" \
- "\n <mode>: 0 = encrypt, 1 = decrypt\n" \
- "\n example: crypt_and_hash 0 file file.aes AES-128-CBC SHA1 hex:E76B2413958B00E193\n" \
- "\n"
-
-#if !defined(MBEDTLS_CIPHER_C) || !defined(MBEDTLS_MD_C) || \
- !defined(MBEDTLS_FS_IO)
-int main(void)
-{
- mbedtls_printf("MBEDTLS_CIPHER_C and/or MBEDTLS_MD_C and/or MBEDTLS_FS_IO not defined.\n");
- mbedtls_exit(0);
-}
-#else
-
-
-int main(int argc, char *argv[])
-{
- int ret = 1, i;
- unsigned n;
- int exit_code = MBEDTLS_EXIT_FAILURE;
- int mode;
- size_t keylen, ilen, olen;
- FILE *fkey, *fin = NULL, *fout = NULL;
-
- char *p;
- unsigned char IV[16];
- unsigned char key[512];
- unsigned char digest[MBEDTLS_MD_MAX_SIZE];
- unsigned char buffer[1024];
- unsigned char output[1024];
- unsigned char diff;
-
- const mbedtls_cipher_info_t *cipher_info;
- const mbedtls_md_info_t *md_info;
- mbedtls_cipher_context_t cipher_ctx;
- mbedtls_md_context_t md_ctx;
- mbedtls_cipher_mode_t cipher_mode;
- unsigned int cipher_block_size;
- unsigned char md_size;
-#if defined(_WIN32_WCE)
- long filesize, offset;
-#elif defined(_WIN32)
- LARGE_INTEGER li_size;
- __int64 filesize, offset;
-#else
- off_t filesize, offset;
-#endif
-
- mbedtls_cipher_init(&cipher_ctx);
- mbedtls_md_init(&md_ctx);
-
- /*
- * Parse the command-line arguments.
- */
- if (argc != 7) {
- const int *list;
-
- mbedtls_printf(USAGE);
-
- mbedtls_printf("Available ciphers:\n");
- list = mbedtls_cipher_list();
- while (*list) {
- cipher_info = mbedtls_cipher_info_from_type(*list);
- const char *name = mbedtls_cipher_info_get_name(cipher_info);
-
- if (name) {
- mbedtls_printf(" %s\n", mbedtls_cipher_info_get_name(cipher_info));
- }
- list++;
- }
-
- mbedtls_printf("\nAvailable message digests:\n");
- list = mbedtls_md_list();
- while (*list) {
- md_info = mbedtls_md_info_from_type(*list);
- mbedtls_printf(" %s\n", mbedtls_md_get_name(md_info));
- list++;
- }
-
- goto exit;
- }
-
- mode = atoi(argv[1]);
-
- if (mode != MODE_ENCRYPT && mode != MODE_DECRYPT) {
- mbedtls_fprintf(stderr, "invalid operation mode\n");
- goto exit;
- }
-
- if (strcmp(argv[2], argv[3]) == 0) {
- mbedtls_fprintf(stderr, "input and output filenames must differ\n");
- goto exit;
- }
-
- if ((fin = fopen(argv[2], "rb")) == NULL) {
- mbedtls_fprintf(stderr, "fopen(%s,rb) failed\n", argv[2]);
- goto exit;
- }
-
- if ((fout = fopen(argv[3], "wb+")) == NULL) {
- mbedtls_fprintf(stderr, "fopen(%s,wb+) failed\n", argv[3]);
- goto exit;
- }
-
- /* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */
- mbedtls_setbuf(fin, NULL);
- mbedtls_setbuf(fout, NULL);
-
- /*
- * Read the Cipher and MD from the command line
- */
- cipher_info = mbedtls_cipher_info_from_string(argv[4]);
- if (cipher_info == NULL) {
- mbedtls_fprintf(stderr, "Cipher '%s' not found\n", argv[4]);
- goto exit;
- }
- if ((ret = mbedtls_cipher_setup(&cipher_ctx, cipher_info)) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_cipher_setup failed\n");
- goto exit;
- }
-
- md_info = mbedtls_md_info_from_string(argv[5]);
- if (md_info == NULL) {
- mbedtls_fprintf(stderr, "Message Digest '%s' not found\n", argv[5]);
- goto exit;
- }
-
- if (mbedtls_md_setup(&md_ctx, md_info, 1) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_md_setup failed\n");
- goto exit;
- }
-
- /*
- * Read the secret key from file or command line
- */
- if ((fkey = fopen(argv[6], "rb")) != NULL) {
- keylen = fread(key, 1, sizeof(key), fkey);
- fclose(fkey);
- } else {
- if (memcmp(argv[6], "hex:", 4) == 0) {
- p = &argv[6][4];
- keylen = 0;
-
- while (sscanf(p, "%02X", (unsigned int *) &n) > 0 &&
- keylen < (int) sizeof(key)) {
- key[keylen++] = (unsigned char) n;
- p += 2;
- }
- } else {
- keylen = strlen(argv[6]);
-
- if (keylen > (int) sizeof(key)) {
- keylen = (int) sizeof(key);
- }
-
- memcpy(key, argv[6], keylen);
- }
- }
-
-#if defined(_WIN32_WCE)
- filesize = fseek(fin, 0L, SEEK_END);
-#else
-#if defined(_WIN32)
- /*
- * Support large files (> 2Gb) on Win32
- */
- li_size.QuadPart = 0;
- li_size.LowPart =
- SetFilePointer((HANDLE) _get_osfhandle(_fileno(fin)),
- li_size.LowPart, &li_size.HighPart, FILE_END);
-
- if (li_size.LowPart == 0xFFFFFFFF && GetLastError() != NO_ERROR) {
- mbedtls_fprintf(stderr, "SetFilePointer(0,FILE_END) failed\n");
- goto exit;
- }
-
- filesize = li_size.QuadPart;
-#else
- if ((filesize = lseek(fileno(fin), 0, SEEK_END)) < 0) {
- perror("lseek");
- goto exit;
- }
-#endif
-#endif
-
- if (fseek(fin, 0, SEEK_SET) < 0) {
- mbedtls_fprintf(stderr, "fseek(0,SEEK_SET) failed\n");
- goto exit;
- }
-
- md_size = mbedtls_md_get_size(md_info);
- cipher_block_size = mbedtls_cipher_get_block_size(&cipher_ctx);
-
- if (mode == MODE_ENCRYPT) {
- /*
- * Generate the initialization vector as:
- * IV = MD( filesize || filename )[0..15]
- */
- for (i = 0; i < 8; i++) {
- buffer[i] = (unsigned char) (filesize >> (i << 3));
- }
-
- p = argv[2];
-
- if (mbedtls_md_starts(&md_ctx) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_md_starts() returned error\n");
- goto exit;
- }
- if (mbedtls_md_update(&md_ctx, buffer, 8) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_md_update() returned error\n");
- goto exit;
- }
- if (mbedtls_md_update(&md_ctx, (unsigned char *) p, strlen(p))
- != 0) {
- mbedtls_fprintf(stderr, "mbedtls_md_update() returned error\n");
- goto exit;
- }
- if (mbedtls_md_finish(&md_ctx, digest) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_md_finish() returned error\n");
- goto exit;
- }
-
- memcpy(IV, digest, 16);
-
- /*
- * Append the IV at the beginning of the output.
- */
- if (fwrite(IV, 1, 16, fout) != 16) {
- mbedtls_fprintf(stderr, "fwrite(%d bytes) failed\n", 16);
- goto exit;
- }
-
- /*
- * Hash the IV and the secret key together 8192 times
- * using the result to setup the AES context and HMAC.
- */
- memset(digest, 0, 32);
- memcpy(digest, IV, 16);
-
- for (i = 0; i < 8192; i++) {
- if (mbedtls_md_starts(&md_ctx) != 0) {
- mbedtls_fprintf(stderr,
- "mbedtls_md_starts() returned error\n");
- goto exit;
- }
- if (mbedtls_md_update(&md_ctx, digest, 32) != 0) {
- mbedtls_fprintf(stderr,
- "mbedtls_md_update() returned error\n");
- goto exit;
- }
- if (mbedtls_md_update(&md_ctx, key, keylen) != 0) {
- mbedtls_fprintf(stderr,
- "mbedtls_md_update() returned error\n");
- goto exit;
- }
- if (mbedtls_md_finish(&md_ctx, digest) != 0) {
- mbedtls_fprintf(stderr,
- "mbedtls_md_finish() returned error\n");
- goto exit;
- }
-
- }
-
- if (mbedtls_cipher_setkey(&cipher_ctx,
- digest,
- (int) mbedtls_cipher_info_get_key_bitlen(cipher_info),
- MBEDTLS_ENCRYPT) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_cipher_setkey() returned error\n");
- goto exit;
- }
- if (mbedtls_cipher_set_iv(&cipher_ctx, IV, 16) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_cipher_set_iv() returned error\n");
- goto exit;
- }
- if (mbedtls_cipher_reset(&cipher_ctx) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_cipher_reset() returned error\n");
- goto exit;
- }
-
- if (mbedtls_md_hmac_starts(&md_ctx, digest, 32) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_md_hmac_starts() returned error\n");
- goto exit;
- }
-
- /*
- * Encrypt and write the ciphertext.
- */
- for (offset = 0; offset < filesize; offset += cipher_block_size) {
- ilen = ((unsigned int) filesize - offset > cipher_block_size) ?
- cipher_block_size : (unsigned int) (filesize - offset);
-
- if (fread(buffer, 1, ilen, fin) != ilen) {
- mbedtls_fprintf(stderr, "fread(%ld bytes) failed\n", (long) ilen);
- goto exit;
- }
-
- if (mbedtls_cipher_update(&cipher_ctx, buffer, ilen, output, &olen) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_cipher_update() returned error\n");
- goto exit;
- }
-
- if (mbedtls_md_hmac_update(&md_ctx, output, olen) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_md_hmac_update() returned error\n");
- goto exit;
- }
-
- if (fwrite(output, 1, olen, fout) != olen) {
- mbedtls_fprintf(stderr, "fwrite(%ld bytes) failed\n", (long) olen);
- goto exit;
- }
- }
-
- if (mbedtls_cipher_finish(&cipher_ctx, output, &olen) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_cipher_finish() returned error\n");
- goto exit;
- }
- if (mbedtls_md_hmac_update(&md_ctx, output, olen) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_md_hmac_update() returned error\n");
- goto exit;
- }
-
- if (fwrite(output, 1, olen, fout) != olen) {
- mbedtls_fprintf(stderr, "fwrite(%ld bytes) failed\n", (long) olen);
- goto exit;
- }
-
- /*
- * Finally write the HMAC.
- */
- if (mbedtls_md_hmac_finish(&md_ctx, digest) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_md_hmac_finish() returned error\n");
- goto exit;
- }
-
- if (fwrite(digest, 1, md_size, fout) != md_size) {
- mbedtls_fprintf(stderr, "fwrite(%d bytes) failed\n", md_size);
- goto exit;
- }
- }
-
- if (mode == MODE_DECRYPT) {
- /*
- * The encrypted file must be structured as follows:
- *
- * 00 .. 15 Initialization Vector
- * 16 .. 31 Encrypted Block #1
- * ..
- * N*16 .. (N+1)*16 - 1 Encrypted Block #N
- * (N+1)*16 .. (N+1)*16 + n Hash(ciphertext)
- */
- if (filesize < 16 + md_size) {
- mbedtls_fprintf(stderr, "File too short to be encrypted.\n");
- goto exit;
- }
-
- if (cipher_block_size == 0) {
- mbedtls_fprintf(stderr, "Invalid cipher block size: 0. \n");
- goto exit;
- }
-
- /*
- * Check the file size.
- */
- cipher_mode = mbedtls_cipher_info_get_mode(cipher_info);
- if (cipher_mode != MBEDTLS_MODE_GCM &&
- cipher_mode != MBEDTLS_MODE_CTR &&
- cipher_mode != MBEDTLS_MODE_CFB &&
- cipher_mode != MBEDTLS_MODE_OFB &&
- ((filesize - md_size) % cipher_block_size) != 0) {
- mbedtls_fprintf(stderr, "File content not a multiple of the block size (%u).\n",
- cipher_block_size);
- goto exit;
- }
-
- /*
- * Subtract the IV + HMAC length.
- */
- filesize -= (16 + md_size);
-
- /*
- * Read the IV and original filesize modulo 16.
- */
- if (fread(buffer, 1, 16, fin) != 16) {
- mbedtls_fprintf(stderr, "fread(%d bytes) failed\n", 16);
- goto exit;
- }
-
- memcpy(IV, buffer, 16);
-
- /*
- * Hash the IV and the secret key together 8192 times
- * using the result to setup the AES context and HMAC.
- */
- memset(digest, 0, 32);
- memcpy(digest, IV, 16);
-
- for (i = 0; i < 8192; i++) {
- if (mbedtls_md_starts(&md_ctx) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_md_starts() returned error\n");
- goto exit;
- }
- if (mbedtls_md_update(&md_ctx, digest, 32) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_md_update() returned error\n");
- goto exit;
- }
- if (mbedtls_md_update(&md_ctx, key, keylen) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_md_update() returned error\n");
- goto exit;
- }
- if (mbedtls_md_finish(&md_ctx, digest) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_md_finish() returned error\n");
- goto exit;
- }
- }
-
- if (mbedtls_cipher_setkey(&cipher_ctx,
- digest,
- (int) mbedtls_cipher_info_get_key_bitlen(cipher_info),
- MBEDTLS_DECRYPT) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_cipher_setkey() returned error\n");
- goto exit;
- }
-
- if (mbedtls_cipher_set_iv(&cipher_ctx, IV, 16) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_cipher_set_iv() returned error\n");
- goto exit;
- }
-
- if (mbedtls_cipher_reset(&cipher_ctx) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_cipher_reset() returned error\n");
- goto exit;
- }
-
- if (mbedtls_md_hmac_starts(&md_ctx, digest, 32) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_md_hmac_starts() returned error\n");
- goto exit;
- }
-
- /*
- * Decrypt and write the plaintext.
- */
- for (offset = 0; offset < filesize; offset += cipher_block_size) {
- ilen = ((unsigned int) filesize - offset > cipher_block_size) ?
- cipher_block_size : (unsigned int) (filesize - offset);
-
- if (fread(buffer, 1, ilen, fin) != ilen) {
- mbedtls_fprintf(stderr, "fread(%u bytes) failed\n",
- cipher_block_size);
- goto exit;
- }
-
- if (mbedtls_md_hmac_update(&md_ctx, buffer, ilen) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_md_hmac_update() returned error\n");
- goto exit;
- }
- if (mbedtls_cipher_update(&cipher_ctx, buffer, ilen, output,
- &olen) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_cipher_update() returned error\n");
- goto exit;
- }
-
- if (fwrite(output, 1, olen, fout) != olen) {
- mbedtls_fprintf(stderr, "fwrite(%ld bytes) failed\n", (long) olen);
- goto exit;
- }
- }
-
- /*
- * Verify the message authentication code.
- */
- if (mbedtls_md_hmac_finish(&md_ctx, digest) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_md_hmac_finish() returned error\n");
- goto exit;
- }
-
- if (fread(buffer, 1, md_size, fin) != md_size) {
- mbedtls_fprintf(stderr, "fread(%d bytes) failed\n", md_size);
- goto exit;
- }
-
- /* Use constant-time buffer comparison */
- diff = 0;
- for (i = 0; i < md_size; i++) {
- diff |= digest[i] ^ buffer[i];
- }
-
- if (diff != 0) {
- mbedtls_fprintf(stderr, "HMAC check failed: wrong key, "
- "or file corrupted.\n");
- goto exit;
- }
-
- /*
- * Write the final block of data
- */
- if (mbedtls_cipher_finish(&cipher_ctx, output, &olen) != 0) {
- mbedtls_fprintf(stderr, "mbedtls_cipher_finish() returned error\n");
- goto exit;
- }
-
- if (fwrite(output, 1, olen, fout) != olen) {
- mbedtls_fprintf(stderr, "fwrite(%ld bytes) failed\n", (long) olen);
- goto exit;
- }
- }
-
- exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
- if (fin) {
- fclose(fin);
- }
- if (fout) {
- fclose(fout);
- }
-
- /* Zeroize all command line arguments to also cover
- the case when the user has missed or reordered some,
- in which case the key might not be in argv[6]. */
- for (i = 0; i < argc; i++) {
- mbedtls_platform_zeroize(argv[i], strlen(argv[i]));
- }
-
- mbedtls_platform_zeroize(IV, sizeof(IV));
- mbedtls_platform_zeroize(key, sizeof(key));
- mbedtls_platform_zeroize(buffer, sizeof(buffer));
- mbedtls_platform_zeroize(output, sizeof(output));
- mbedtls_platform_zeroize(digest, sizeof(digest));
-
- mbedtls_cipher_free(&cipher_ctx);
- mbedtls_md_free(&md_ctx);
-
- mbedtls_exit(exit_code);
-}
-#endif /* MBEDTLS_CIPHER_C && MBEDTLS_MD_C && MBEDTLS_FS_IO */
diff --git a/programs/cipher/CMakeLists.txt b/programs/cipher/CMakeLists.txt
deleted file mode 100644
index d648301..0000000
--- a/programs/cipher/CMakeLists.txt
+++ /dev/null
@@ -1,15 +0,0 @@
-set(executables
- cipher_aead_demo
-)
-add_dependencies(${programs_target} ${executables})
-
-foreach(exe IN LISTS executables)
- add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
- set_base_compile_options(${exe})
- target_link_libraries(${exe} ${tfpsacrypto_target} ${CMAKE_THREAD_LIBS_INIT})
- target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/tests/include)
-endforeach()
-
-install(TARGETS ${executables}
- DESTINATION "bin"
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/cipher/cipher_aead_demo.c b/programs/cipher/cipher_aead_demo.c
deleted file mode 100644
index 83fcce5..0000000
--- a/programs/cipher/cipher_aead_demo.c
+++ /dev/null
@@ -1,259 +0,0 @@
-/**
- * Cipher API multi-part AEAD demonstration.
- *
- * This program AEAD-encrypts a message, using the algorithm and key size
- * specified on the command line, using the multi-part API.
- *
- * It comes with a companion program psa/aead_demo.c, which does the same
- * operations with the PSA Crypto API. The goal is that comparing the two
- * programs will help people migrating to the PSA Crypto API.
- *
- * When used with multi-part AEAD operations, the `mbedtls_cipher_context`
- * serves a triple purpose (1) hold the key, (2) store the algorithm when no
- * operation is active, and (3) save progress information for the current
- * operation. With PSA those roles are held by disinct objects: (1) a
- * psa_key_id_t to hold the key, a (2) psa_algorithm_t to represent the
- * algorithm, and (3) a psa_operation_t for multi-part progress.
- *
- * On the other hand, with PSA, the algorithms encodes the desired tag length;
- * with Cipher the desired tag length needs to be tracked separately.
- *
- * This program and its companion psa/aead_demo.c illustrate this by doing the
- * same sequence of multi-part AEAD computation with both APIs; looking at the
- * two side by side should make the differences and similarities clear.
- */
-
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-/* First include Mbed TLS headers to get the Mbed TLS configuration and
- * platform definitions that we'll use in this program. Also include
- * standard C headers for functions we'll use here. */
-#include "mbedtls/build_info.h"
-
-#include "mbedtls/cipher.h"
-
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-
-/* If the build options we need are not enabled, compile a placeholder. */
-#if !defined(MBEDTLS_CIPHER_C) || \
- !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_GCM_C) || \
- !defined(MBEDTLS_CHACHAPOLY_C)
-int main(void)
-{
- printf("MBEDTLS_MD_C and/or "
- "MBEDTLS_AES_C and/or MBEDTLS_GCM_C and/or "
- "MBEDTLS_CHACHAPOLY_C not defined\r\n");
- return 0;
-}
-#else
-
-/* The real program starts here. */
-
-const char usage[] =
- "Usage: cipher_aead_demo [aes128-gcm|aes256-gcm|aes128-gcm_8|chachapoly]";
-
-/* Dummy data for encryption: IV/nonce, additional data, 2-part message */
-const unsigned char iv1[12] = { 0x00 };
-const unsigned char add_data1[] = { 0x01, 0x02 };
-const unsigned char msg1_part1[] = { 0x03, 0x04 };
-const unsigned char msg1_part2[] = { 0x05, 0x06, 0x07 };
-
-/* Dummy data (2nd message) */
-const unsigned char iv2[12] = { 0x10 };
-const unsigned char add_data2[] = { 0x11, 0x12 };
-const unsigned char msg2_part1[] = { 0x13, 0x14 };
-const unsigned char msg2_part2[] = { 0x15, 0x16, 0x17 };
-
-/* Maximum total size of the messages */
-#define MSG1_SIZE (sizeof(msg1_part1) + sizeof(msg1_part2))
-#define MSG2_SIZE (sizeof(msg2_part1) + sizeof(msg2_part2))
-#define MSG_MAX_SIZE (MSG1_SIZE > MSG2_SIZE ? MSG1_SIZE : MSG2_SIZE)
-
-/* Dummy key material - never do this in production!
- * 32-byte is enough to all the key size supported by this program. */
-const unsigned char key_bytes[32] = { 0x2a };
-
-/* Print the contents of a buffer in hex */
-static void print_buf(const char *title, unsigned char *buf, size_t len)
-{
- printf("%s:", title);
- for (size_t i = 0; i < len; i++) {
- printf(" %02x", buf[i]);
- }
- printf("\n");
-}
-
-/* Run an Mbed TLS function and bail out if it fails.
- * A string description of the error code can be recovered with:
- * programs/util/strerror <value> */
-#define CHK(expr) \
- do \
- { \
- ret = (expr); \
- if (ret != 0) \
- { \
- printf("Error %d at line %d: %s\n", \
- ret, \
- __LINE__, \
- #expr); \
- goto exit; \
- } \
- } while (0)
-
-/*
- * Prepare encryption material:
- * - interpret command-line argument
- * - set up key
- * - outputs: context and tag length, which together hold all the information
- */
-static int aead_prepare(const char *info,
- mbedtls_cipher_context_t *ctx,
- size_t *tag_len)
-{
- int ret;
-
- /* Convert arg to type + tag_len */
- mbedtls_cipher_type_t type;
- if (strcmp(info, "aes128-gcm") == 0) {
- type = MBEDTLS_CIPHER_AES_128_GCM;
- *tag_len = 16;
- } else if (strcmp(info, "aes256-gcm") == 0) {
- type = MBEDTLS_CIPHER_AES_256_GCM;
- *tag_len = 16;
- } else if (strcmp(info, "aes128-gcm_8") == 0) {
- type = MBEDTLS_CIPHER_AES_128_GCM;
- *tag_len = 8;
- } else if (strcmp(info, "chachapoly") == 0) {
- type = MBEDTLS_CIPHER_CHACHA20_POLY1305;
- *tag_len = 16;
- } else {
- puts(usage);
- return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
- }
-
- /* Prepare context for the given type */
- CHK(mbedtls_cipher_setup(ctx,
- mbedtls_cipher_info_from_type(type)));
-
- /* Import key */
- int key_len = mbedtls_cipher_get_key_bitlen(ctx);
- CHK(mbedtls_cipher_setkey(ctx, key_bytes, key_len, MBEDTLS_ENCRYPT));
-
-exit:
- return ret;
-}
-
-/*
- * Print out some information.
- *
- * All of this information was present in the command line argument, but his
- * function demonstrates how each piece can be recovered from (ctx, tag_len).
- */
-static void aead_info(const mbedtls_cipher_context_t *ctx, size_t tag_len)
-{
- mbedtls_cipher_type_t type = mbedtls_cipher_get_type(ctx);
- const mbedtls_cipher_info_t *info = mbedtls_cipher_info_from_type(type);
- const char *ciph = mbedtls_cipher_info_get_name(info);
- int key_bits = mbedtls_cipher_get_key_bitlen(ctx);
- mbedtls_cipher_mode_t mode = mbedtls_cipher_get_cipher_mode(ctx);
-
- const char *mode_str = mode == MBEDTLS_MODE_GCM ? "GCM"
- : mode == MBEDTLS_MODE_CHACHAPOLY ? "ChachaPoly"
- : "???";
-
- printf("%s, %d, %s, %u\n",
- ciph, key_bits, mode_str, (unsigned) tag_len);
-}
-
-/*
- * Encrypt a 2-part message.
- */
-static int aead_encrypt(mbedtls_cipher_context_t *ctx, size_t tag_len,
- const unsigned char *iv, size_t iv_len,
- const unsigned char *ad, size_t ad_len,
- const unsigned char *part1, size_t part1_len,
- const unsigned char *part2, size_t part2_len)
-{
- int ret;
- size_t olen;
-#define MAX_TAG_LENGTH 16
- unsigned char out[MSG_MAX_SIZE + MAX_TAG_LENGTH];
- unsigned char *p = out;
-
- CHK(mbedtls_cipher_set_iv(ctx, iv, iv_len));
- CHK(mbedtls_cipher_reset(ctx));
- CHK(mbedtls_cipher_update_ad(ctx, ad, ad_len));
- CHK(mbedtls_cipher_update(ctx, part1, part1_len, p, &olen));
- p += olen;
- CHK(mbedtls_cipher_update(ctx, part2, part2_len, p, &olen));
- p += olen;
- CHK(mbedtls_cipher_finish(ctx, p, &olen));
- p += olen;
- CHK(mbedtls_cipher_write_tag(ctx, p, tag_len));
- p += tag_len;
-
- olen = p - out;
- print_buf("out", out, olen);
-
-exit:
- return ret;
-}
-
-/*
- * AEAD demo: set up key/alg, print out info, encrypt messages.
- */
-static int aead_demo(const char *info)
-{
- int ret = 0;
-
- mbedtls_cipher_context_t ctx;
- size_t tag_len;
-
- mbedtls_cipher_init(&ctx);
-
- CHK(aead_prepare(info, &ctx, &tag_len));
-
- aead_info(&ctx, tag_len);
-
- CHK(aead_encrypt(&ctx, tag_len,
- iv1, sizeof(iv1), add_data1, sizeof(add_data1),
- msg1_part1, sizeof(msg1_part1),
- msg1_part2, sizeof(msg1_part2)));
- CHK(aead_encrypt(&ctx, tag_len,
- iv2, sizeof(iv2), add_data2, sizeof(add_data2),
- msg2_part1, sizeof(msg2_part1),
- msg2_part2, sizeof(msg2_part2)));
-
-exit:
- mbedtls_cipher_free(&ctx);
-
- return ret;
-}
-
-
-/*
- * Main function
- */
-int main(int argc, char **argv)
-{
- /* Check usage */
- if (argc != 2) {
- puts(usage);
- return 1;
- }
-
- int ret;
-
- /* Run the demo */
- CHK(aead_demo(argv[1]));
-
-exit:
- return ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
-}
-
-#endif
diff --git a/programs/fuzz/common.c b/programs/fuzz/common.c
index 98aa403..41fa858 100644
--- a/programs/fuzz/common.c
+++ b/programs/fuzz/common.c
@@ -1,3 +1,5 @@
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "common.h"
#include <limits.h>
#include <stdio.h>
diff --git a/programs/fuzz/fuzz_client.c b/programs/fuzz/fuzz_client.c
index 07ca96e..6d3b73f 100644
--- a/programs/fuzz/fuzz_client.c
+++ b/programs/fuzz/fuzz_client.c
@@ -1,3 +1,5 @@
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/ssl.h"
#include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h"
@@ -139,9 +141,6 @@
//There may be other options to add :
// mbedtls_ssl_conf_cert_profile, mbedtls_ssl_conf_sig_hashes
- srand(1);
- mbedtls_ssl_conf_rng(&conf, dummy_random, &ctr_drbg);
-
if (mbedtls_ssl_setup(&ssl, &conf) != 0) {
goto exit;
}
diff --git a/programs/fuzz/fuzz_dtlsclient.c b/programs/fuzz/fuzz_dtlsclient.c
index 6581dcb..efe1362 100644
--- a/programs/fuzz/fuzz_dtlsclient.c
+++ b/programs/fuzz/fuzz_dtlsclient.c
@@ -1,3 +1,5 @@
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include <string.h>
#include <stdlib.h>
#include <stdint.h>
@@ -66,7 +68,6 @@
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
- srand(1);
if (mbedtls_ctr_drbg_seed(&ctr_drbg, dummy_entropy, &entropy,
(const unsigned char *) pers, strlen(pers)) != 0) {
goto exit;
@@ -83,7 +84,6 @@
mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL);
#endif
mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_NONE);
- mbedtls_ssl_conf_rng(&conf, dummy_random, &ctr_drbg);
if (mbedtls_ssl_setup(&ssl, &conf) != 0) {
goto exit;
diff --git a/programs/fuzz/fuzz_dtlsserver.c b/programs/fuzz/fuzz_dtlsserver.c
index c2dbef8..31eb514 100644
--- a/programs/fuzz/fuzz_dtlsserver.c
+++ b/programs/fuzz/fuzz_dtlsserver.c
@@ -1,3 +1,5 @@
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include <string.h>
#include <stdlib.h>
#include <stdint.h>
@@ -80,8 +82,7 @@
return 1;
}
if (mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_srv_key,
- mbedtls_test_srv_key_len, NULL, 0,
- dummy_random, &ctr_drbg) != 0) {
+ mbedtls_test_srv_key_len, NULL, 0) != 0) {
return 1;
}
#endif
@@ -97,10 +98,6 @@
goto exit;
}
-
- srand(1);
- mbedtls_ssl_conf_rng(&conf, dummy_random, &ctr_drbg);
-
#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL);
if (mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey) != 0) {
@@ -108,7 +105,7 @@
}
#endif
- if (mbedtls_ssl_cookie_setup(&cookie_ctx, dummy_random, &ctr_drbg) != 0) {
+ if (mbedtls_ssl_cookie_setup(&cookie_ctx) != 0) {
goto exit;
}
diff --git a/programs/fuzz/fuzz_pkcs7.c b/programs/fuzz/fuzz_pkcs7.c
index 38b4dc1..9ec9351 100644
--- a/programs/fuzz/fuzz_pkcs7.c
+++ b/programs/fuzz/fuzz_pkcs7.c
@@ -1,3 +1,5 @@
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include <stdint.h>
#include "mbedtls/pkcs7.h"
#include "common.h"
diff --git a/programs/fuzz/fuzz_privkey.c b/programs/fuzz/fuzz_privkey.c
index 7530964..8055603 100644
--- a/programs/fuzz/fuzz_privkey.c
+++ b/programs/fuzz/fuzz_privkey.c
@@ -1,3 +1,5 @@
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
@@ -42,8 +44,7 @@
goto exit;
}
- ret = mbedtls_pk_parse_key(&pk, Data, Size, NULL, 0,
- dummy_random, &ctr_drbg);
+ ret = mbedtls_pk_parse_key(&pk, Data, Size, NULL, 0);
if (ret == 0) {
#if defined(MBEDTLS_RSA_C)
if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_RSA) {
diff --git a/programs/fuzz/fuzz_pubkey.c b/programs/fuzz/fuzz_pubkey.c
index b2500e5..69e85e0 100644
--- a/programs/fuzz/fuzz_pubkey.c
+++ b/programs/fuzz/fuzz_pubkey.c
@@ -1,3 +1,5 @@
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include <stdint.h>
#include <stdlib.h>
#include "mbedtls/pk.h"
diff --git a/programs/fuzz/fuzz_server.c b/programs/fuzz/fuzz_server.c
index 28f9e33..bb9dd0a 100644
--- a/programs/fuzz/fuzz_server.c
+++ b/programs/fuzz/fuzz_server.c
@@ -1,3 +1,5 @@
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/ssl.h"
#include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h"
@@ -89,8 +91,7 @@
return 1;
}
if (mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_srv_key,
- mbedtls_test_srv_key_len, NULL, 0,
- dummy_random, &ctr_drbg) != 0) {
+ mbedtls_test_srv_key_len, NULL, 0) != 0) {
return 1;
}
#endif
@@ -111,9 +112,6 @@
goto exit;
}
- srand(1);
- mbedtls_ssl_conf_rng(&conf, dummy_random, &ctr_drbg);
-
#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL);
if (mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey) != 0) {
@@ -132,8 +130,6 @@
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C)
if (options & 0x4) {
if (mbedtls_ssl_ticket_setup(&ticket_ctx, //context
- dummy_random, //f_rng
- &ctr_drbg, //p_rng
PSA_ALG_GCM, //alg
PSA_KEY_TYPE_AES, //key_type
256, //key_bits
diff --git a/programs/fuzz/fuzz_x509crl.c b/programs/fuzz/fuzz_x509crl.c
index e8dacd9..2840fbb 100644
--- a/programs/fuzz/fuzz_x509crl.c
+++ b/programs/fuzz/fuzz_x509crl.c
@@ -1,3 +1,5 @@
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include <stdint.h>
#include "mbedtls/x509_crl.h"
#include "common.h"
diff --git a/programs/fuzz/fuzz_x509crt.c b/programs/fuzz/fuzz_x509crt.c
index 74d3b07..29331b9 100644
--- a/programs/fuzz/fuzz_x509crt.c
+++ b/programs/fuzz/fuzz_x509crt.c
@@ -1,3 +1,5 @@
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include <stdint.h>
#include "mbedtls/x509_crt.h"
#include "common.h"
diff --git a/programs/fuzz/fuzz_x509csr.c b/programs/fuzz/fuzz_x509csr.c
index 4c123f8..e0aaabc 100644
--- a/programs/fuzz/fuzz_x509csr.c
+++ b/programs/fuzz/fuzz_x509csr.c
@@ -1,3 +1,5 @@
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include <stdint.h>
#include "mbedtls/x509_csr.h"
#include "common.h"
diff --git a/programs/fuzz/onefile.c b/programs/fuzz/onefile.c
index 2d4330a..6c02a64 100644
--- a/programs/fuzz/onefile.c
+++ b/programs/fuzz/onefile.c
@@ -1,3 +1,5 @@
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include <stdint.h>
#include <stdlib.h>
#include <stdio.h>
diff --git a/programs/hash/CMakeLists.txt b/programs/hash/CMakeLists.txt
deleted file mode 100644
index d23db04..0000000
--- a/programs/hash/CMakeLists.txt
+++ /dev/null
@@ -1,17 +0,0 @@
-set(executables
- generic_sum
- hello
- md_hmac_demo
-)
-add_dependencies(${programs_target} ${executables})
-
-foreach(exe IN LISTS executables)
- add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
- set_base_compile_options(${exe})
- target_link_libraries(${exe} ${tfpsacrypto_target} ${CMAKE_THREAD_LIBS_INIT})
- target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/tests/include)
-endforeach()
-
-install(TARGETS ${executables}
- DESTINATION "bin"
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/hash/generic_sum.c b/programs/hash/generic_sum.c
deleted file mode 100644
index 3fd2b00..0000000
--- a/programs/hash/generic_sum.c
+++ /dev/null
@@ -1,209 +0,0 @@
-/*
- * generic message digest layer demonstration program
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-#include "mbedtls/build_info.h"
-
-#include "mbedtls/platform.h"
-
-#if defined(MBEDTLS_MD_C) && defined(MBEDTLS_FS_IO)
-#include "mbedtls/md.h"
-
-#include <stdio.h>
-#include <string.h>
-#endif
-
-#if !defined(MBEDTLS_MD_C) || !defined(MBEDTLS_FS_IO)
-int main(void)
-{
- mbedtls_printf("MBEDTLS_MD_C and/or MBEDTLS_FS_IO not defined.\n");
- mbedtls_exit(0);
-}
-#else
-
-
-static int generic_wrapper(const mbedtls_md_info_t *md_info, char *filename, unsigned char *sum)
-{
- int ret = mbedtls_md_file(md_info, filename, sum);
-
- if (ret == 1) {
- mbedtls_fprintf(stderr, "failed to open: %s\n", filename);
- }
-
- if (ret == 2) {
- mbedtls_fprintf(stderr, "failed to read: %s\n", filename);
- }
-
- return ret;
-}
-
-static int generic_print(const mbedtls_md_info_t *md_info, char *filename)
-{
- int i;
- unsigned char sum[MBEDTLS_MD_MAX_SIZE];
-
- if (generic_wrapper(md_info, filename, sum) != 0) {
- return 1;
- }
-
- for (i = 0; i < mbedtls_md_get_size(md_info); i++) {
- mbedtls_printf("%02x", sum[i]);
- }
-
- mbedtls_printf(" %s\n", filename);
- return 0;
-}
-
-static int generic_check(const mbedtls_md_info_t *md_info, char *filename)
-{
- int i;
- size_t n;
- FILE *f;
- int nb_err1, nb_err2;
- int nb_tot1, nb_tot2;
- unsigned char sum[MBEDTLS_MD_MAX_SIZE];
- char line[1024];
- char diff;
-#if defined(__clang_analyzer__)
- char buf[MBEDTLS_MD_MAX_SIZE * 2 + 1] = { };
-#else
- char buf[MBEDTLS_MD_MAX_SIZE * 2 + 1];
-#endif
-
- if ((f = fopen(filename, "rb")) == NULL) {
- mbedtls_printf("failed to open: %s\n", filename);
- return 1;
- }
-
- nb_err1 = nb_err2 = 0;
- nb_tot1 = nb_tot2 = 0;
-
- memset(line, 0, sizeof(line));
-
- n = sizeof(line);
-
- while (fgets(line, (int) n - 1, f) != NULL) {
- n = strlen(line);
-
- if (n < (size_t) 2 * mbedtls_md_get_size(md_info) + 4) {
- mbedtls_printf("No '%s' hash found on line.\n", mbedtls_md_get_name(md_info));
- continue;
- }
-
- if (line[2 * mbedtls_md_get_size(md_info)] != ' ' ||
- line[2 * mbedtls_md_get_size(md_info) + 1] != ' ') {
- mbedtls_printf("No '%s' hash found on line.\n", mbedtls_md_get_name(md_info));
- continue;
- }
-
- if (line[n - 1] == '\n') {
- n--; line[n] = '\0';
- }
- if (line[n - 1] == '\r') {
- n--; line[n] = '\0';
- }
-
- nb_tot1++;
-
- if (generic_wrapper(md_info, line + 2 + 2 * mbedtls_md_get_size(md_info), sum) != 0) {
- nb_err1++;
- continue;
- }
-
- nb_tot2++;
-
- for (i = 0; i < mbedtls_md_get_size(md_info); i++) {
- sprintf(buf + i * 2, "%02x", sum[i]);
- }
-
- /* Use constant-time buffer comparison */
- diff = 0;
- for (i = 0; i < 2 * mbedtls_md_get_size(md_info); i++) {
- diff |= line[i] ^ buf[i];
- }
-
- if (diff != 0) {
- nb_err2++;
- mbedtls_fprintf(stderr, "wrong checksum: %s\n", line + 66);
- }
-
- n = sizeof(line);
- }
-
- if (nb_err1 != 0) {
- mbedtls_printf("WARNING: %d (out of %d) input files could "
- "not be read\n", nb_err1, nb_tot1);
- }
-
- if (nb_err2 != 0) {
- mbedtls_printf("WARNING: %d (out of %d) computed checksums did "
- "not match\n", nb_err2, nb_tot2);
- }
-
- fclose(f);
-
- return nb_err1 != 0 || nb_err2 != 0;
-}
-
-int main(int argc, char *argv[])
-{
- int ret = 1, i;
- int exit_code = MBEDTLS_EXIT_FAILURE;
- const mbedtls_md_info_t *md_info;
- mbedtls_md_context_t md_ctx;
-
- mbedtls_md_init(&md_ctx);
-
- if (argc < 2) {
- const int *list;
-
- mbedtls_printf("print mode: generic_sum <mbedtls_md> <file> <file> ...\n");
- mbedtls_printf("check mode: generic_sum <mbedtls_md> -c <checksum file>\n");
-
- mbedtls_printf("\nAvailable message digests:\n");
- list = mbedtls_md_list();
- while (*list) {
- md_info = mbedtls_md_info_from_type(*list);
- mbedtls_printf(" %s\n", mbedtls_md_get_name(md_info));
- list++;
- }
-
- mbedtls_exit(exit_code);
- }
-
- /*
- * Read the MD from the command line
- */
- md_info = mbedtls_md_info_from_string(argv[1]);
- if (md_info == NULL) {
- mbedtls_fprintf(stderr, "Message Digest '%s' not found\n", argv[1]);
- mbedtls_exit(exit_code);
- }
- if (mbedtls_md_setup(&md_ctx, md_info, 0)) {
- mbedtls_fprintf(stderr, "Failed to initialize context.\n");
- mbedtls_exit(exit_code);
- }
-
- ret = 0;
- if (argc == 4 && strcmp("-c", argv[2]) == 0) {
- ret |= generic_check(md_info, argv[3]);
- goto exit;
- }
-
- for (i = 2; i < argc; i++) {
- ret |= generic_print(md_info, argv[i]);
- }
-
- if (ret == 0) {
- exit_code = MBEDTLS_EXIT_SUCCESS;
- }
-
-exit:
- mbedtls_md_free(&md_ctx);
-
- mbedtls_exit(exit_code);
-}
-#endif /* MBEDTLS_MD_C && MBEDTLS_FS_IO */
diff --git a/programs/hash/hello.c b/programs/hash/hello.c
deleted file mode 100644
index 8caae88..0000000
--- a/programs/hash/hello.c
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Classic "Hello, world" demonstration program
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-#include "mbedtls/build_info.h"
-
-#include "mbedtls/platform.h"
-
-#if defined(MBEDTLS_MD5_C)
-#include "mbedtls/md5.h"
-#endif
-
-#if !defined(MBEDTLS_MD5_C)
-int main(void)
-{
- mbedtls_printf("MBEDTLS_MD5_C not defined.\n");
- mbedtls_exit(0);
-}
-#else
-
-
-int main(void)
-{
- int i, ret;
- unsigned char digest[16];
- char str[] = "Hello, world!";
-
- mbedtls_printf("\n MD5('%s') = ", str);
-
- if ((ret = mbedtls_md5((unsigned char *) str, 13, digest)) != 0) {
- mbedtls_exit(MBEDTLS_EXIT_FAILURE);
- }
-
- for (i = 0; i < 16; i++) {
- mbedtls_printf("%02x", digest[i]);
- }
-
- mbedtls_printf("\n\n");
-
- mbedtls_exit(MBEDTLS_EXIT_SUCCESS);
-}
-#endif /* MBEDTLS_MD5_C */
diff --git a/programs/hash/md_hmac_demo.c b/programs/hash/md_hmac_demo.c
deleted file mode 100644
index 494e9ef..0000000
--- a/programs/hash/md_hmac_demo.c
+++ /dev/null
@@ -1,136 +0,0 @@
-/**
- * MD API multi-part HMAC demonstration.
- *
- * This programs computes the HMAC of two messages using the multi-part API.
- *
- * This is a companion to psa/hmac_demo.c, doing the same operations with the
- * legacy MD API. The goal is that comparing the two programs will help people
- * migrating to the PSA Crypto API.
- *
- * When it comes to multi-part HMAC operations, the `mbedtls_md_context`
- * serves a dual purpose (1) hold the key, and (2) save progress information
- * for the current operation. With PSA those roles are held by two disinct
- * objects: (1) a psa_key_id_t to hold the key, and (2) a psa_operation_t for
- * multi-part progress.
- *
- * This program and its companion psa/hmac_demo.c illustrate this by doing the
- * same sequence of multi-part HMAC computation with both APIs; looking at the
- * two side by side should make the differences and similarities clear.
- */
-
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-/* First include Mbed TLS headers to get the Mbed TLS configuration and
- * platform definitions that we'll use in this program. Also include
- * standard C headers for functions we'll use here. */
-#include "mbedtls/build_info.h"
-
-#include "mbedtls/md.h"
-
-#include "mbedtls/platform_util.h" // for mbedtls_platform_zeroize
-
-#include <stdlib.h>
-#include <stdio.h>
-
-/* If the build options we need are not enabled, compile a placeholder. */
-#if !defined(MBEDTLS_MD_C)
-int main(void)
-{
- printf("MBEDTLS_MD_C not defined\r\n");
- return 0;
-}
-#else
-
-/* The real program starts here. */
-
-/* Dummy inputs for HMAC */
-const unsigned char msg1_part1[] = { 0x01, 0x02 };
-const unsigned char msg1_part2[] = { 0x03, 0x04 };
-const unsigned char msg2_part1[] = { 0x05, 0x05 };
-const unsigned char msg2_part2[] = { 0x06, 0x06 };
-
-/* Dummy key material - never do this in production!
- * This example program uses SHA-256, so a 32-byte key makes sense. */
-const unsigned char key_bytes[32] = { 0 };
-
-/* Print the contents of a buffer in hex */
-static void print_buf(const char *title, unsigned char *buf, size_t len)
-{
- printf("%s:", title);
- for (size_t i = 0; i < len; i++) {
- printf(" %02x", buf[i]);
- }
- printf("\n");
-}
-
-/* Run an Mbed TLS function and bail out if it fails.
- * A string description of the error code can be recovered with:
- * programs/util/strerror <value> */
-#define CHK(expr) \
- do \
- { \
- ret = (expr); \
- if (ret != 0) \
- { \
- printf("Error %d at line %d: %s\n", \
- ret, \
- __LINE__, \
- #expr); \
- goto exit; \
- } \
- } while (0)
-
-/*
- * This function demonstrates computation of the HMAC of two messages using
- * the multipart API.
- */
-static int hmac_demo(void)
-{
- int ret;
- const mbedtls_md_type_t alg = MBEDTLS_MD_SHA256;
- unsigned char out[MBEDTLS_MD_MAX_SIZE]; // safe but not optimal
-
- mbedtls_md_context_t ctx;
-
- mbedtls_md_init(&ctx);
-
- /* prepare context and load key */
- // the last argument to setup is 1 to enable HMAC (not just hashing)
- const mbedtls_md_info_t *info = mbedtls_md_info_from_type(alg);
- CHK(mbedtls_md_setup(&ctx, info, 1));
- CHK(mbedtls_md_hmac_starts(&ctx, key_bytes, sizeof(key_bytes)));
-
- /* compute HMAC(key, msg1_part1 | msg1_part2) */
- CHK(mbedtls_md_hmac_update(&ctx, msg1_part1, sizeof(msg1_part1)));
- CHK(mbedtls_md_hmac_update(&ctx, msg1_part2, sizeof(msg1_part2)));
- CHK(mbedtls_md_hmac_finish(&ctx, out));
- print_buf("msg1", out, mbedtls_md_get_size(info));
-
- /* compute HMAC(key, msg2_part1 | msg2_part2) */
- CHK(mbedtls_md_hmac_reset(&ctx)); // prepare for new operation
- CHK(mbedtls_md_hmac_update(&ctx, msg2_part1, sizeof(msg2_part1)));
- CHK(mbedtls_md_hmac_update(&ctx, msg2_part2, sizeof(msg2_part2)));
- CHK(mbedtls_md_hmac_finish(&ctx, out));
- print_buf("msg2", out, mbedtls_md_get_size(info));
-
-exit:
- mbedtls_md_free(&ctx);
- mbedtls_platform_zeroize(out, sizeof(out));
-
- return ret;
-}
-
-int main(void)
-{
- int ret;
-
- CHK(hmac_demo());
-
-exit:
- return ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
-}
-
-#endif
diff --git a/programs/pkey/CMakeLists.txt b/programs/pkey/CMakeLists.txt
index c782ad4..a2b1836 100644
--- a/programs/pkey/CMakeLists.txt
+++ b/programs/pkey/CMakeLists.txt
@@ -1,34 +1,8 @@
-set(executables_mbedtls
- dh_client
- dh_server
-)
-add_dependencies(${programs_target} ${executables_mbedtls})
-
-foreach(exe IN LISTS executables_mbedtls)
- add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
- set_base_compile_options(${exe})
- target_link_libraries(${exe} ${mbedtls_target} ${CMAKE_THREAD_LIBS_INIT})
- target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/tests/include)
-endforeach()
-
set(executables_mbedcrypto
- dh_genprime
- ecdh_curve25519
- ecdsa
gen_key
- key_app
- key_app_writer
- mpi_demo
- pk_encrypt
- pk_decrypt
pk_sign
pk_verify
- rsa_decrypt
- rsa_encrypt
- rsa_genkey
- rsa_sign
rsa_sign_pss
- rsa_verify
rsa_verify_pss
)
add_dependencies(${programs_target} ${executables_mbedcrypto})
@@ -40,6 +14,6 @@
target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/tests/include)
endforeach()
-install(TARGETS ${executables_mbedtls} ${executables_mbedcrypto}
+install(TARGETS ${executables_mbedcrypto}
DESTINATION "bin"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c
deleted file mode 100644
index a3bc49d..0000000
--- a/programs/pkey/dh_client.c
+++ /dev/null
@@ -1,288 +0,0 @@
-/*
- * Diffie-Hellman-Merkle key exchange (client side)
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-#include "mbedtls/build_info.h"
-
-#include "mbedtls/platform.h"
-/* md.h is included this early since MD_CAN_XXX macros are defined there. */
-#include "mbedtls/md.h"
-
-#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \
- defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \
- defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \
- defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C)
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/aes.h"
-#include "mbedtls/dhm.h"
-#include "mbedtls/rsa.h"
-#include "mbedtls/sha256.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-
-#include <stdio.h>
-#include <string.h>
-#endif
-
-#define SERVER_NAME "localhost"
-#define SERVER_PORT "11999"
-
-#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \
- !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \
- !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \
- !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C)
-int main(void)
-{
- mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C "
- "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
- "PSA_WANT_ALG_SHA_256 and/or MBEDTLS_FS_IO and/or "
- "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_SHA1_C not defined.\n");
- mbedtls_exit(0);
-}
-
-#elif defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
-int main(void)
-{
- mbedtls_printf("MBEDTLS_BLOCK_CIPHER_NO_DECRYPT defined.\n");
- mbedtls_exit(0);
-}
-#else
-
-
-int main(void)
-{
- FILE *f;
-
- int ret = 1;
- int exit_code = MBEDTLS_EXIT_FAILURE;
- unsigned int mdlen;
- size_t n, buflen;
- mbedtls_net_context server_fd;
-
- unsigned char *p, *end;
- unsigned char buf[2048];
- unsigned char hash[MBEDTLS_MD_MAX_SIZE];
- mbedtls_mpi N, E;
- const char *pers = "dh_client";
-
- mbedtls_entropy_context entropy;
- mbedtls_ctr_drbg_context ctr_drbg;
- mbedtls_rsa_context rsa;
- mbedtls_dhm_context dhm;
- mbedtls_aes_context aes;
-
- mbedtls_net_init(&server_fd);
- mbedtls_dhm_init(&dhm);
- mbedtls_aes_init(&aes);
- mbedtls_ctr_drbg_init(&ctr_drbg);
- mbedtls_mpi_init(&N);
- mbedtls_mpi_init(&E);
-
- /*
- * 1. Setup the RNG
- */
- mbedtls_printf("\n . Seeding the random number generator");
- fflush(stdout);
-
- mbedtls_entropy_init(&entropy);
- if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
- (const unsigned char *) pers,
- strlen(pers))) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret);
- goto exit;
- }
-
- /*
- * 2. Read the server's public RSA key
- */
- mbedtls_printf("\n . Reading public key from rsa_pub.txt");
- fflush(stdout);
-
- if ((f = fopen("rsa_pub.txt", "rb")) == NULL) {
- mbedtls_printf(" failed\n ! Could not open rsa_pub.txt\n" \
- " ! Please run rsa_genkey first\n\n");
- goto exit;
- }
-
- mbedtls_rsa_init(&rsa);
- if ((ret = mbedtls_mpi_read_file(&N, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&E, 16, f)) != 0 ||
- (ret = mbedtls_rsa_import(&rsa, &N, NULL, NULL, NULL, &E) != 0)) {
- mbedtls_printf(" failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret);
- fclose(f);
- goto exit;
- }
- fclose(f);
-
- /*
- * 3. Initiate the connection
- */
- mbedtls_printf("\n . Connecting to tcp/%s/%s", SERVER_NAME,
- SERVER_PORT);
- fflush(stdout);
-
- if ((ret = mbedtls_net_connect(&server_fd, SERVER_NAME,
- SERVER_PORT, MBEDTLS_NET_PROTO_TCP)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_net_connect returned %d\n\n", ret);
- goto exit;
- }
-
- /*
- * 4a. First get the buffer length
- */
- mbedtls_printf("\n . Receiving the server's DH parameters");
- fflush(stdout);
-
- memset(buf, 0, sizeof(buf));
-
- if ((ret = mbedtls_net_recv(&server_fd, buf, 2)) != 2) {
- mbedtls_printf(" failed\n ! mbedtls_net_recv returned %d\n\n", ret);
- goto exit;
- }
-
- n = buflen = (buf[0] << 8) | buf[1];
- if (buflen < 1 || buflen > sizeof(buf)) {
- mbedtls_printf(" failed\n ! Got an invalid buffer length\n\n");
- goto exit;
- }
-
- /*
- * 4b. Get the DHM parameters: P, G and Ys = G^Xs mod P
- */
- memset(buf, 0, sizeof(buf));
-
- if ((ret = mbedtls_net_recv(&server_fd, buf, n)) != (int) n) {
- mbedtls_printf(" failed\n ! mbedtls_net_recv returned %d\n\n", ret);
- goto exit;
- }
-
- p = buf, end = buf + buflen;
-
- if ((ret = mbedtls_dhm_read_params(&dhm, &p, end)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_dhm_read_params returned %d\n\n", ret);
- goto exit;
- }
-
- n = mbedtls_dhm_get_len(&dhm);
- if (n < 64 || n > 512) {
- mbedtls_printf(" failed\n ! Invalid DHM modulus size\n\n");
- goto exit;
- }
-
- /*
- * 5. Check that the server's RSA signature matches
- * the SHA-256 hash of (P,G,Ys)
- */
- mbedtls_printf("\n . Verifying the server's RSA signature");
- fflush(stdout);
-
- p += 2;
-
- if ((n = (size_t) (end - p)) != mbedtls_rsa_get_len(&rsa)) {
- mbedtls_printf(" failed\n ! Invalid RSA signature size\n\n");
- goto exit;
- }
-
- mdlen = (unsigned int) mbedtls_md_get_size(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256));
- if (mdlen == 0) {
- mbedtls_printf(" failed\n ! Invalid digest type\n\n");
- goto exit;
- }
-
- if ((ret = mbedtls_sha256(buf, (int) (p - 2 - buf), hash, 0)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_sha256 returned %d\n\n", ret);
- goto exit;
- }
-
- if ((ret = mbedtls_rsa_pkcs1_verify(&rsa, MBEDTLS_MD_SHA256,
- mdlen, hash, p)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_verify returned %d\n\n", ret);
- goto exit;
- }
-
- /*
- * 6. Send our public value: Yc = G ^ Xc mod P
- */
- mbedtls_printf("\n . Sending own public value to server");
- fflush(stdout);
-
- n = mbedtls_dhm_get_len(&dhm);
- if ((ret = mbedtls_dhm_make_public(&dhm, (int) n, buf, n,
- mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_dhm_make_public returned %d\n\n", ret);
- goto exit;
- }
-
- if ((ret = mbedtls_net_send(&server_fd, buf, n)) != (int) n) {
- mbedtls_printf(" failed\n ! mbedtls_net_send returned %d\n\n", ret);
- goto exit;
- }
-
- /*
- * 7. Derive the shared secret: K = Ys ^ Xc mod P
- */
- mbedtls_printf("\n . Shared secret: ");
- fflush(stdout);
-
- if ((ret = mbedtls_dhm_calc_secret(&dhm, buf, sizeof(buf), &n,
- mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_dhm_calc_secret returned %d\n\n", ret);
- goto exit;
- }
-
- for (n = 0; n < 16; n++) {
- mbedtls_printf("%02x", buf[n]);
- }
-
- /*
- * 8. Setup the AES-256 decryption key
- *
- * This is an overly simplified example; best practice is
- * to hash the shared secret with a random value to derive
- * the keying material for the encryption/decryption keys,
- * IVs and MACs.
- */
- mbedtls_printf("...\n . Receiving and decrypting the ciphertext");
- fflush(stdout);
-
- ret = mbedtls_aes_setkey_dec(&aes, buf, 256);
- if (ret != 0) {
- goto exit;
- }
-
- memset(buf, 0, sizeof(buf));
-
- if ((ret = mbedtls_net_recv(&server_fd, buf, 16)) != 16) {
- mbedtls_printf(" failed\n ! mbedtls_net_recv returned %d\n\n", ret);
- goto exit;
- }
-
- ret = mbedtls_aes_crypt_ecb(&aes, MBEDTLS_AES_DECRYPT, buf, buf);
- if (ret != 0) {
- goto exit;
- }
- buf[16] = '\0';
- mbedtls_printf("\n . Plaintext is \"%s\"\n\n", (char *) buf);
-
- exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
- mbedtls_net_free(&server_fd);
-
- mbedtls_aes_free(&aes);
- mbedtls_rsa_free(&rsa);
- mbedtls_dhm_free(&dhm);
- mbedtls_ctr_drbg_free(&ctr_drbg);
- mbedtls_entropy_free(&entropy);
- mbedtls_mpi_free(&N);
- mbedtls_mpi_free(&E);
-
- mbedtls_exit(exit_code);
-}
-#endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C &&
- MBEDTLS_NET_C && MBEDTLS_RSA_C && PSA_WANT_ALG_SHA_256 &&
- MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
diff --git a/programs/pkey/dh_genprime.c b/programs/pkey/dh_genprime.c
deleted file mode 100644
index 6872e61..0000000
--- a/programs/pkey/dh_genprime.c
+++ /dev/null
@@ -1,161 +0,0 @@
-/*
- * Diffie-Hellman-Merkle key exchange (prime generation)
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-#include "mbedtls/build_info.h"
-
-#include "mbedtls/platform.h"
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
- !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \
- !defined(MBEDTLS_GENPRIME)
-int main(void)
-{
- mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
- "MBEDTLS_FS_IO and/or MBEDTLS_CTR_DRBG_C and/or "
- "MBEDTLS_GENPRIME not defined.\n");
- mbedtls_exit(0);
-}
-#else
-
-#include "mbedtls/bignum.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-
-#include <stdio.h>
-#include <string.h>
-
-#define USAGE \
- "\n usage: dh_genprime param=<>...\n" \
- "\n acceptable parameters:\n" \
- " bits=%%d default: 2048\n"
-
-#define DFL_BITS 2048
-
-/*
- * Note: G = 4 is always a quadratic residue mod P,
- * so it is a generator of order Q (with P = 2*Q+1).
- */
-#define GENERATOR "4"
-
-
-int main(int argc, char **argv)
-{
- int ret = 1;
- int exit_code = MBEDTLS_EXIT_FAILURE;
- mbedtls_mpi G, P, Q;
- mbedtls_entropy_context entropy;
- mbedtls_ctr_drbg_context ctr_drbg;
- const char *pers = "dh_genprime";
- FILE *fout;
- int nbits = DFL_BITS;
- int i;
- char *p, *q;
-
- mbedtls_mpi_init(&G); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
- mbedtls_ctr_drbg_init(&ctr_drbg);
- mbedtls_entropy_init(&entropy);
-
- if (argc < 2) {
-usage:
- mbedtls_printf(USAGE);
- goto exit;
- }
-
- for (i = 1; i < argc; i++) {
- p = argv[i];
- if ((q = strchr(p, '=')) == NULL) {
- goto usage;
- }
- *q++ = '\0';
-
- if (strcmp(p, "bits") == 0) {
- nbits = atoi(q);
- if (nbits < 0 || nbits > MBEDTLS_MPI_MAX_BITS) {
- goto usage;
- }
- } else {
- goto usage;
- }
- }
-
- if ((ret = mbedtls_mpi_read_string(&G, 10, GENERATOR)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_mpi_read_string returned %d\n", ret);
- goto exit;
- }
-
- mbedtls_printf(" ! Generating large primes may take minutes!\n");
-
- mbedtls_printf("\n . Seeding the random number generator...");
- fflush(stdout);
-
- if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
- (const unsigned char *) pers,
- strlen(pers))) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret);
- goto exit;
- }
-
- mbedtls_printf(" ok\n . Generating the modulus, please wait...");
- fflush(stdout);
-
- /*
- * This can take a long time...
- */
- if ((ret = mbedtls_mpi_gen_prime(&P, nbits, 1,
- mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_mpi_gen_prime returned %d\n\n", ret);
- goto exit;
- }
-
- mbedtls_printf(" ok\n . Verifying that Q = (P-1)/2 is prime...");
- fflush(stdout);
-
- if ((ret = mbedtls_mpi_sub_int(&Q, &P, 1)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_mpi_sub_int returned %d\n\n", ret);
- goto exit;
- }
-
- if ((ret = mbedtls_mpi_div_int(&Q, NULL, &Q, 2)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_mpi_div_int returned %d\n\n", ret);
- goto exit;
- }
-
- if ((ret = mbedtls_mpi_is_prime_ext(&Q, 50, mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_mpi_is_prime returned %d\n\n", ret);
- goto exit;
- }
-
- mbedtls_printf(" ok\n . Exporting the value in dh_prime.txt...");
- fflush(stdout);
-
- if ((fout = fopen("dh_prime.txt", "wb+")) == NULL) {
- mbedtls_printf(" failed\n ! Could not create dh_prime.txt\n\n");
- goto exit;
- }
-
- if (((ret = mbedtls_mpi_write_file("P = ", &P, 16, fout)) != 0) ||
- ((ret = mbedtls_mpi_write_file("G = ", &G, 16, fout)) != 0)) {
- mbedtls_printf(" failed\n ! mbedtls_mpi_write_file returned %d\n\n", ret);
- fclose(fout);
- goto exit;
- }
-
- mbedtls_printf(" ok\n\n");
- fclose(fout);
-
- exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
- mbedtls_mpi_free(&G); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
- mbedtls_ctr_drbg_free(&ctr_drbg);
- mbedtls_entropy_free(&entropy);
-
- mbedtls_exit(exit_code);
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_FS_IO &&
- MBEDTLS_CTR_DRBG_C && MBEDTLS_GENPRIME */
diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c
deleted file mode 100644
index 26b48e3..0000000
--- a/programs/pkey/dh_server.c
+++ /dev/null
@@ -1,306 +0,0 @@
-/*
- * Diffie-Hellman-Merkle key exchange (server side)
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-#include "mbedtls/build_info.h"
-
-#include "mbedtls/platform.h"
-/* md.h is included this early since MD_CAN_XXX macros are defined there. */
-#include "mbedtls/md.h"
-
-#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \
- defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \
- defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \
- defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C)
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/aes.h"
-#include "mbedtls/dhm.h"
-#include "mbedtls/rsa.h"
-#include "mbedtls/sha256.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-
-#include <stdio.h>
-#include <string.h>
-#endif
-
-#define SERVER_PORT "11999"
-#define PLAINTEXT "==Hello there!=="
-
-#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \
- !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \
- !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \
- !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C)
-int main(void)
-{
- mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C "
- "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
- "PSA_WANT_ALG_SHA_256 and/or MBEDTLS_FS_IO and/or "
- "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_SHA1_C not defined.\n");
- mbedtls_exit(0);
-}
-#else
-
-
-int main(void)
-{
- FILE *f;
-
- int ret = 1;
- int exit_code = MBEDTLS_EXIT_FAILURE;
- unsigned int mdlen;
- size_t n, buflen;
- mbedtls_net_context listen_fd, client_fd;
-
- unsigned char buf[2048];
- unsigned char hash[MBEDTLS_MD_MAX_SIZE];
- unsigned char buf2[2];
- const char *pers = "dh_server";
-
- mbedtls_entropy_context entropy;
- mbedtls_ctr_drbg_context ctr_drbg;
- mbedtls_rsa_context rsa;
- mbedtls_dhm_context dhm;
- mbedtls_aes_context aes;
-
- mbedtls_mpi N, P, Q, D, E, dhm_P, dhm_G;
-
- mbedtls_net_init(&listen_fd);
- mbedtls_net_init(&client_fd);
- mbedtls_dhm_init(&dhm);
- mbedtls_aes_init(&aes);
- mbedtls_ctr_drbg_init(&ctr_drbg);
-
- mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
- mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&dhm_P);
- mbedtls_mpi_init(&dhm_G);
- /*
- * 1. Setup the RNG
- */
- mbedtls_printf("\n . Seeding the random number generator");
- fflush(stdout);
-
- mbedtls_entropy_init(&entropy);
- if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
- (const unsigned char *) pers,
- strlen(pers))) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret);
- goto exit;
- }
-
- /*
- * 2a. Read the server's private RSA key
- */
- mbedtls_printf("\n . Reading private key from rsa_priv.txt");
- fflush(stdout);
-
- if ((f = fopen("rsa_priv.txt", "rb")) == NULL) {
- mbedtls_printf(" failed\n ! Could not open rsa_priv.txt\n" \
- " ! Please run rsa_genkey first\n\n");
- goto exit;
- }
-
- mbedtls_rsa_init(&rsa);
-
- if ((ret = mbedtls_mpi_read_file(&N, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&E, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&D, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&P, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&Q, 16, f)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_mpi_read_file returned %d\n\n",
- ret);
- fclose(f);
- goto exit;
- }
- fclose(f);
-
- if ((ret = mbedtls_rsa_import(&rsa, &N, &P, &Q, &D, &E)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_rsa_import returned %d\n\n",
- ret);
- goto exit;
- }
-
- if ((ret = mbedtls_rsa_complete(&rsa)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_rsa_complete returned %d\n\n",
- ret);
- goto exit;
- }
-
- /*
- * 2b. Get the DHM modulus and generator
- */
- mbedtls_printf("\n . Reading DH parameters from dh_prime.txt");
- fflush(stdout);
-
- if ((f = fopen("dh_prime.txt", "rb")) == NULL) {
- mbedtls_printf(" failed\n ! Could not open dh_prime.txt\n" \
- " ! Please run dh_genprime first\n\n");
- goto exit;
- }
-
- if ((ret = mbedtls_mpi_read_file(&dhm_P, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&dhm_G, 16, f)) != 0 ||
- (ret = mbedtls_dhm_set_group(&dhm, &dhm_P, &dhm_G) != 0)) {
- mbedtls_printf(" failed\n ! Invalid DH parameter file\n\n");
- fclose(f);
- goto exit;
- }
-
- fclose(f);
-
- /*
- * 3. Wait for a client to connect
- */
- mbedtls_printf("\n . Waiting for a remote connection");
- fflush(stdout);
-
- if ((ret = mbedtls_net_bind(&listen_fd, NULL, SERVER_PORT, MBEDTLS_NET_PROTO_TCP)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_net_bind returned %d\n\n", ret);
- goto exit;
- }
-
- if ((ret = mbedtls_net_accept(&listen_fd, &client_fd,
- NULL, 0, NULL)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_net_accept returned %d\n\n", ret);
- goto exit;
- }
-
- /*
- * 4. Setup the DH parameters (P,G,Ys)
- */
- mbedtls_printf("\n . Sending the server's DH parameters");
- fflush(stdout);
-
- memset(buf, 0, sizeof(buf));
-
- if ((ret =
- mbedtls_dhm_make_params(&dhm, (int) mbedtls_dhm_get_len(&dhm), buf, &n,
- mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_dhm_make_params returned %d\n\n", ret);
- goto exit;
- }
-
- /*
- * 5. Sign the parameters and send them
- */
-
- mdlen = (unsigned int) mbedtls_md_get_size(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256));
- if (mdlen == 0) {
- mbedtls_printf(" failed\n ! Invalid digest type\n\n");
- goto exit;
- }
-
- if ((ret = mbedtls_sha256(buf, n, hash, 0)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_sha256 returned %d\n\n", ret);
- goto exit;
- }
-
- const size_t rsa_key_len = mbedtls_rsa_get_len(&rsa);
- buf[n] = (unsigned char) (rsa_key_len >> 8);
- buf[n + 1] = (unsigned char) (rsa_key_len);
-
- if ((ret = mbedtls_rsa_pkcs1_sign(&rsa, mbedtls_ctr_drbg_random, &ctr_drbg,
- MBEDTLS_MD_SHA256, mdlen,
- hash, buf + n + 2)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_sign returned %d\n\n", ret);
- goto exit;
- }
-
- buflen = n + 2 + rsa_key_len;
- buf2[0] = (unsigned char) (buflen >> 8);
- buf2[1] = (unsigned char) (buflen);
-
- if ((ret = mbedtls_net_send(&client_fd, buf2, 2)) != 2 ||
- (ret = mbedtls_net_send(&client_fd, buf, buflen)) != (int) buflen) {
- mbedtls_printf(" failed\n ! mbedtls_net_send returned %d\n\n", ret);
- goto exit;
- }
-
- /*
- * 6. Get the client's public value: Yc = G ^ Xc mod P
- */
- mbedtls_printf("\n . Receiving the client's public value");
- fflush(stdout);
-
- memset(buf, 0, sizeof(buf));
-
- n = mbedtls_dhm_get_len(&dhm);
- if ((ret = mbedtls_net_recv(&client_fd, buf, n)) != (int) n) {
- mbedtls_printf(" failed\n ! mbedtls_net_recv returned %d\n\n", ret);
- goto exit;
- }
-
- if ((ret = mbedtls_dhm_read_public(&dhm, buf, n)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_dhm_read_public returned %d\n\n", ret);
- goto exit;
- }
-
- /*
- * 7. Derive the shared secret: K = Ys ^ Xc mod P
- */
- mbedtls_printf("\n . Shared secret: ");
- fflush(stdout);
-
- if ((ret = mbedtls_dhm_calc_secret(&dhm, buf, sizeof(buf), &n,
- mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_dhm_calc_secret returned %d\n\n", ret);
- goto exit;
- }
-
- for (n = 0; n < 16; n++) {
- mbedtls_printf("%02x", buf[n]);
- }
-
- /*
- * 8. Setup the AES-256 encryption key
- *
- * This is an overly simplified example; best practice is
- * to hash the shared secret with a random value to derive
- * the keying material for the encryption/decryption keys
- * and MACs.
- */
- mbedtls_printf("...\n . Encrypting and sending the ciphertext");
- fflush(stdout);
-
- ret = mbedtls_aes_setkey_enc(&aes, buf, 256);
- if (ret != 0) {
- goto exit;
- }
- memcpy(buf, PLAINTEXT, 16);
- ret = mbedtls_aes_crypt_ecb(&aes, MBEDTLS_AES_ENCRYPT, buf, buf);
- if (ret != 0) {
- goto exit;
- }
-
- if ((ret = mbedtls_net_send(&client_fd, buf, 16)) != 16) {
- mbedtls_printf(" failed\n ! mbedtls_net_send returned %d\n\n", ret);
- goto exit;
- }
-
- mbedtls_printf("\n\n");
-
- exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
- mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
- mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&dhm_P);
- mbedtls_mpi_free(&dhm_G);
-
- mbedtls_net_free(&client_fd);
- mbedtls_net_free(&listen_fd);
-
- mbedtls_aes_free(&aes);
- mbedtls_rsa_free(&rsa);
- mbedtls_dhm_free(&dhm);
- mbedtls_ctr_drbg_free(&ctr_drbg);
- mbedtls_entropy_free(&entropy);
-
- mbedtls_exit(exit_code);
-}
-#endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C &&
- MBEDTLS_NET_C && MBEDTLS_RSA_C && PSA_WANT_ALG_SHA_256 &&
- MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
diff --git a/programs/pkey/ecdh_curve25519.c b/programs/pkey/ecdh_curve25519.c
deleted file mode 100644
index fedfcc9..0000000
--- a/programs/pkey/ecdh_curve25519.c
+++ /dev/null
@@ -1,189 +0,0 @@
-/*
- * Example ECDHE with Curve25519 program
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-#include "mbedtls/build_info.h"
-
-#include "mbedtls/platform.h"
-
-#if !defined(MBEDTLS_ECDH_C) || \
- !defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) || \
- !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C)
-int main(void)
-{
- mbedtls_printf("MBEDTLS_ECDH_C and/or "
- "MBEDTLS_ECP_DP_CURVE25519_ENABLED and/or "
- "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C "
- "not defined\n");
- mbedtls_exit(0);
-}
-#else
-
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/ecdh.h"
-
-#include <string.h>
-
-
-int main(int argc, char *argv[])
-{
- int ret = 1;
- int exit_code = MBEDTLS_EXIT_FAILURE;
- mbedtls_ecdh_context ctx_cli, ctx_srv;
- mbedtls_entropy_context entropy;
- mbedtls_ctr_drbg_context ctr_drbg;
- unsigned char cli_to_srv[36], srv_to_cli[33];
- const char pers[] = "ecdh";
-
- size_t srv_olen;
- size_t cli_olen;
- unsigned char secret_cli[32] = { 0 };
- unsigned char secret_srv[32] = { 0 };
- const unsigned char *p_cli_to_srv = cli_to_srv;
-
- ((void) argc);
- ((void) argv);
-
- mbedtls_ecdh_init(&ctx_cli);
- mbedtls_ecdh_init(&ctx_srv);
- mbedtls_ctr_drbg_init(&ctr_drbg);
-
- /*
- * Initialize random number generation
- */
- mbedtls_printf(" . Seed the random number generator...");
- fflush(stdout);
-
- mbedtls_entropy_init(&entropy);
- if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func,
- &entropy,
- (const unsigned char *) pers,
- sizeof(pers))) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n",
- ret);
- goto exit;
- }
-
- mbedtls_printf(" ok\n");
-
- /*
- * Client: initialize context and generate keypair
- */
- mbedtls_printf(" . Set up client context, generate EC key pair...");
- fflush(stdout);
-
- ret = mbedtls_ecdh_setup(&ctx_cli, MBEDTLS_ECP_DP_CURVE25519);
- if (ret != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ecdh_setup returned %d\n", ret);
- goto exit;
- }
-
- ret = mbedtls_ecdh_make_params(&ctx_cli, &cli_olen, cli_to_srv,
- sizeof(cli_to_srv),
- mbedtls_ctr_drbg_random, &ctr_drbg);
- if (ret != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ecdh_make_params returned %d\n",
- ret);
- goto exit;
- }
-
- mbedtls_printf(" ok\n");
-
- /*
- * Server: initialize context and generate keypair
- */
- mbedtls_printf(" . Server: read params, generate public key...");
- fflush(stdout);
-
- ret = mbedtls_ecdh_read_params(&ctx_srv, &p_cli_to_srv,
- p_cli_to_srv + sizeof(cli_to_srv));
- if (ret != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ecdh_read_params returned %d\n",
- ret);
- goto exit;
- }
-
- ret = mbedtls_ecdh_make_public(&ctx_srv, &srv_olen, srv_to_cli,
- sizeof(srv_to_cli),
- mbedtls_ctr_drbg_random, &ctr_drbg);
- if (ret != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ecdh_make_public returned %d\n",
- ret);
- goto exit;
- }
-
- mbedtls_printf(" ok\n");
-
- /*
- * Client: read public key
- */
- mbedtls_printf(" . Client: read public key...");
- fflush(stdout);
-
- ret = mbedtls_ecdh_read_public(&ctx_cli, srv_to_cli,
- sizeof(srv_to_cli));
- if (ret != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ecdh_read_public returned %d\n",
- ret);
- goto exit;
- }
-
- mbedtls_printf(" ok\n");
-
- /*
- * Calculate secrets
- */
- mbedtls_printf(" . Calculate secrets...");
- fflush(stdout);
-
- ret = mbedtls_ecdh_calc_secret(&ctx_cli, &cli_olen, secret_cli,
- sizeof(secret_cli),
- mbedtls_ctr_drbg_random, &ctr_drbg);
- if (ret != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ecdh_calc_secret returned %d\n",
- ret);
- goto exit;
- }
-
- ret = mbedtls_ecdh_calc_secret(&ctx_srv, &srv_olen, secret_srv,
- sizeof(secret_srv),
- mbedtls_ctr_drbg_random, &ctr_drbg);
- if (ret != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ecdh_calc_secret returned %d\n",
- ret);
- goto exit;
- }
-
- mbedtls_printf(" ok\n");
-
- /*
- * Verification: are the computed secrets equal?
- */
- mbedtls_printf(" . Check if both calculated secrets are equal...");
- fflush(stdout);
-
- ret = memcmp(secret_srv, secret_cli, srv_olen);
- if (ret != 0 || (cli_olen != srv_olen)) {
- mbedtls_printf(" failed\n ! Shared secrets not equal.\n");
- goto exit;
- }
-
- mbedtls_printf(" ok\n");
-
- exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
- mbedtls_ecdh_free(&ctx_srv);
- mbedtls_ecdh_free(&ctx_cli);
- mbedtls_ctr_drbg_free(&ctr_drbg);
- mbedtls_entropy_free(&entropy);
-
- mbedtls_exit(exit_code);
-}
-#endif /* MBEDTLS_ECDH_C && MBEDTLS_ECP_DP_CURVE25519_ENABLED &&
- MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
diff --git a/programs/pkey/ecdsa.c b/programs/pkey/ecdsa.c
deleted file mode 100644
index 5664b8c..0000000
--- a/programs/pkey/ecdsa.c
+++ /dev/null
@@ -1,220 +0,0 @@
-/*
- * Example ECDSA program
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-#include "mbedtls/build_info.h"
-
-#include "mbedtls/platform.h"
-
-#if defined(MBEDTLS_ECDSA_C) && \
- defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C)
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/ecdsa.h"
-#include "mbedtls/sha256.h"
-
-#include <string.h>
-#endif
-
-/*
- * Uncomment to show key and signature details
- */
-#define VERBOSE
-
-/*
- * Uncomment to force use of a specific curve
- */
-#define ECPARAMS MBEDTLS_ECP_DP_SECP192R1
-
-#if !defined(ECPARAMS)
-#define ECPARAMS mbedtls_ecp_curve_list()->grp_id
-#endif
-
-#if !defined(MBEDTLS_ECDSA_C) || !defined(MBEDTLS_SHA256_C) || \
- !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C)
-int main(void)
-{
- mbedtls_printf("MBEDTLS_ECDSA_C and/or MBEDTLS_SHA256_C and/or "
- "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C not defined\n");
- mbedtls_exit(0);
-}
-#else
-#if defined(VERBOSE)
-static void dump_buf(const char *title, unsigned char *buf, size_t len)
-{
- size_t i;
-
- mbedtls_printf("%s", title);
- for (i = 0; i < len; i++) {
- mbedtls_printf("%c%c", "0123456789ABCDEF" [buf[i] / 16],
- "0123456789ABCDEF" [buf[i] % 16]);
- }
- mbedtls_printf("\n");
-}
-
-static void dump_pubkey(const char *title, mbedtls_ecdsa_context *key)
-{
- unsigned char buf[300];
- size_t len;
-
- if (mbedtls_ecp_write_public_key(key, MBEDTLS_ECP_PF_UNCOMPRESSED,
- &len, buf, sizeof(buf)) != 0) {
- mbedtls_printf("internal error\n");
- return;
- }
-
- dump_buf(title, buf, len);
-}
-#else
-#define dump_buf(a, b, c)
-#define dump_pubkey(a, b)
-#endif
-
-
-int main(int argc, char *argv[])
-{
- int ret = 1;
- int exit_code = MBEDTLS_EXIT_FAILURE;
- mbedtls_ecdsa_context ctx_sign, ctx_verify;
- mbedtls_ecp_point Q;
- mbedtls_ecp_point_init(&Q);
- mbedtls_entropy_context entropy;
- mbedtls_ctr_drbg_context ctr_drbg;
- unsigned char message[100];
- unsigned char hash[32];
- unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
- size_t sig_len;
- const char *pers = "ecdsa";
- ((void) argv);
-
- mbedtls_ecdsa_init(&ctx_sign);
- mbedtls_ecdsa_init(&ctx_verify);
- mbedtls_ctr_drbg_init(&ctr_drbg);
-
- memset(sig, 0, sizeof(sig));
- memset(message, 0x25, sizeof(message));
-
- if (argc != 1) {
- mbedtls_printf("usage: ecdsa\n");
-
-#if defined(_WIN32)
- mbedtls_printf("\n");
-#endif
-
- goto exit;
- }
-
- /*
- * Generate a key pair for signing
- */
- mbedtls_printf("\n . Seeding the random number generator...");
- fflush(stdout);
-
- mbedtls_entropy_init(&entropy);
- if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
- (const unsigned char *) pers,
- strlen(pers))) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret);
- goto exit;
- }
-
- mbedtls_printf(" ok\n . Generating key pair...");
- fflush(stdout);
-
- if ((ret = mbedtls_ecdsa_genkey(&ctx_sign, ECPARAMS,
- mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ecdsa_genkey returned %d\n", ret);
- goto exit;
- }
-
- mbedtls_ecp_group_id grp_id = mbedtls_ecp_keypair_get_group_id(&ctx_sign);
- const mbedtls_ecp_curve_info *curve_info =
- mbedtls_ecp_curve_info_from_grp_id(grp_id);
- mbedtls_printf(" ok (key size: %d bits)\n", (int) curve_info->bit_size);
-
- dump_pubkey(" + Public key: ", &ctx_sign);
-
- /*
- * Compute message hash
- */
- mbedtls_printf(" . Computing message hash...");
- fflush(stdout);
-
- if ((ret = mbedtls_sha256(message, sizeof(message), hash, 0)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_sha256 returned %d\n", ret);
- goto exit;
- }
-
- mbedtls_printf(" ok\n");
-
- dump_buf(" + Hash: ", hash, sizeof(hash));
-
- /*
- * Sign message hash
- */
- mbedtls_printf(" . Signing message hash...");
- fflush(stdout);
-
- if ((ret = mbedtls_ecdsa_write_signature(&ctx_sign, MBEDTLS_MD_SHA256,
- hash, sizeof(hash),
- sig, sizeof(sig), &sig_len,
- mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ecdsa_write_signature returned %d\n", ret);
- goto exit;
- }
- mbedtls_printf(" ok (signature length = %u)\n", (unsigned int) sig_len);
-
- dump_buf(" + Signature: ", sig, sig_len);
-
- /*
- * Transfer public information to verifying context
- *
- * We could use the same context for verification and signatures, but we
- * chose to use a new one in order to make it clear that the verifying
- * context only needs the public key (Q), and not the private key (d).
- */
- mbedtls_printf(" . Preparing verification context...");
- fflush(stdout);
-
- if ((ret = mbedtls_ecp_export(&ctx_sign, NULL, NULL, &Q)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ecp_export returned %d\n", ret);
- goto exit;
- }
-
- if ((ret = mbedtls_ecp_set_public_key(grp_id, &ctx_verify, &Q)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ecp_set_public_key returned %d\n", ret);
- goto exit;
- }
-
- /*
- * Verify signature
- */
- mbedtls_printf(" ok\n . Verifying signature...");
- fflush(stdout);
-
- if ((ret = mbedtls_ecdsa_read_signature(&ctx_verify,
- hash, sizeof(hash),
- sig, sig_len)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ecdsa_read_signature returned %d\n", ret);
- goto exit;
- }
-
- mbedtls_printf(" ok\n");
-
- exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
- mbedtls_ecdsa_free(&ctx_verify);
- mbedtls_ecdsa_free(&ctx_sign);
- mbedtls_ecp_point_free(&Q);
- mbedtls_ctr_drbg_free(&ctr_drbg);
- mbedtls_entropy_free(&entropy);
-
- mbedtls_exit(exit_code);
-}
-#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C &&
- ECPARAMS */
diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c
index 99999c7..f1ed511 100644
--- a/programs/pkey/gen_key.c
+++ b/programs/pkey/gen_key.c
@@ -5,6 +5,8 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/platform.h"
diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c
deleted file mode 100644
index d01aa88..0000000
--- a/programs/pkey/key_app.c
+++ /dev/null
@@ -1,368 +0,0 @@
-/*
- * Key reading application
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-#include "mbedtls/build_info.h"
-
-#include "mbedtls/platform.h"
-
-#if defined(MBEDTLS_BIGNUM_C) && \
- defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_FS_IO) && \
- defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C)
-#include "mbedtls/rsa.h"
-#include "mbedtls/pk.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-
-#include <string.h>
-#endif
-
-#define MODE_NONE 0
-#define MODE_PRIVATE 1
-#define MODE_PUBLIC 2
-
-#define DFL_MODE MODE_NONE
-#define DFL_FILENAME "keyfile.key"
-#define DFL_PASSWORD ""
-#define DFL_PASSWORD_FILE ""
-#define DFL_DEBUG_LEVEL 0
-
-#define USAGE \
- "\n usage: key_app param=<>...\n" \
- "\n acceptable parameters:\n" \
- " mode=private|public default: none\n" \
- " filename=%%s default: keyfile.key\n" \
- " password=%%s default: \"\"\n" \
- " password_file=%%s default: \"\"\n" \
- "\n"
-
-#if !defined(MBEDTLS_BIGNUM_C) || \
- !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
- !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C)
-int main(void)
-{
- mbedtls_printf("MBEDTLS_BIGNUM_C and/or "
- "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or "
- "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C not defined.\n");
- mbedtls_exit(0);
-}
-#else
-
-
-#if defined(MBEDTLS_ECP_C)
-static int show_ecp_key(const mbedtls_ecp_keypair *ecp, int has_private)
-{
- int ret = 0;
-
- const mbedtls_ecp_curve_info *curve_info =
- mbedtls_ecp_curve_info_from_grp_id(
- mbedtls_ecp_keypair_get_group_id(ecp));
- mbedtls_printf("curve: %s\n", curve_info->name);
-
- mbedtls_ecp_group grp;
- mbedtls_ecp_group_init(&grp);
- mbedtls_mpi D;
- mbedtls_mpi_init(&D);
- mbedtls_ecp_point pt;
- mbedtls_ecp_point_init(&pt);
- mbedtls_mpi X, Y;
- mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y);
-
- MBEDTLS_MPI_CHK(mbedtls_ecp_export(ecp, &grp,
- (has_private ? &D : NULL),
- &pt));
-
- unsigned char point_bin[MBEDTLS_ECP_MAX_PT_LEN];
- size_t len = 0;
- MBEDTLS_MPI_CHK(mbedtls_ecp_point_write_binary(
- &grp, &pt, MBEDTLS_ECP_PF_UNCOMPRESSED,
- &len, point_bin, sizeof(point_bin)));
- switch (mbedtls_ecp_get_type(&grp)) {
- case MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS:
- if ((len & 1) == 0 || point_bin[0] != 0x04) {
- /* Point in an unxepected format. This shouldn't happen. */
- ret = -1;
- goto cleanup;
- }
- MBEDTLS_MPI_CHK(
- mbedtls_mpi_read_binary(&X, point_bin + 1, len / 2));
- MBEDTLS_MPI_CHK(
- mbedtls_mpi_read_binary(&Y, point_bin + 1 + len / 2, len / 2));
- mbedtls_mpi_write_file("X_Q: ", &X, 16, NULL);
- mbedtls_mpi_write_file("Y_Q: ", &Y, 16, NULL);
- break;
- case MBEDTLS_ECP_TYPE_MONTGOMERY:
- MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&X, point_bin, len));
- mbedtls_mpi_write_file("X_Q: ", &X, 16, NULL);
- break;
- default:
- mbedtls_printf(
- "This program does not yet support listing coordinates for this curve type.\n");
- break;
- }
-
- if (has_private) {
- mbedtls_mpi_write_file("D: ", &D, 16, NULL);
- }
-
-cleanup:
- mbedtls_ecp_group_free(&grp);
- mbedtls_mpi_free(&D);
- mbedtls_ecp_point_free(&pt);
- mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y);
- return ret;
-}
-#endif
-
-/*
- * global options
- */
-struct options {
- int mode; /* the mode to run the application in */
- const char *filename; /* filename of the key file */
- const char *password; /* password for the private key */
- const char *password_file; /* password_file for the private key */
-} opt;
-
-int main(int argc, char *argv[])
-{
- int ret = 1;
- int exit_code = MBEDTLS_EXIT_FAILURE;
- char buf[1024];
- int i;
- char *p, *q;
-
- const char *pers = "pkey/key_app";
- mbedtls_entropy_context entropy;
- mbedtls_ctr_drbg_context ctr_drbg;
-
- mbedtls_pk_context pk;
- mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
-
- /*
- * Set to sane values
- */
- mbedtls_entropy_init(&entropy);
- mbedtls_ctr_drbg_init(&ctr_drbg);
-
- mbedtls_pk_init(&pk);
- memset(buf, 0, sizeof(buf));
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- psa_status_t status = psa_crypto_init();
- if (status != PSA_SUCCESS) {
- mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
- (int) status);
- goto cleanup;
- }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
- mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
- mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP);
- mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP);
-
- if (argc < 2) {
-usage:
- mbedtls_printf(USAGE);
- goto cleanup;
- }
-
- opt.mode = DFL_MODE;
- opt.filename = DFL_FILENAME;
- opt.password = DFL_PASSWORD;
- opt.password_file = DFL_PASSWORD_FILE;
-
- for (i = 1; i < argc; i++) {
- p = argv[i];
- if ((q = strchr(p, '=')) == NULL) {
- goto usage;
- }
- *q++ = '\0';
-
- if (strcmp(p, "mode") == 0) {
- if (strcmp(q, "private") == 0) {
- opt.mode = MODE_PRIVATE;
- } else if (strcmp(q, "public") == 0) {
- opt.mode = MODE_PUBLIC;
- } else {
- goto usage;
- }
- } else if (strcmp(p, "filename") == 0) {
- opt.filename = q;
- } else if (strcmp(p, "password") == 0) {
- opt.password = q;
- } else if (strcmp(p, "password_file") == 0) {
- opt.password_file = q;
- } else {
- goto usage;
- }
- }
-
- if (opt.mode == MODE_PRIVATE) {
- if (strlen(opt.password) && strlen(opt.password_file)) {
- mbedtls_printf("Error: cannot have both password and password_file\n");
- goto usage;
- }
-
- if (strlen(opt.password_file)) {
- FILE *f;
-
- mbedtls_printf("\n . Loading the password file ...");
- if ((f = fopen(opt.password_file, "rb")) == NULL) {
- mbedtls_printf(" failed\n ! fopen returned NULL\n");
- goto cleanup;
- }
- if (fgets(buf, sizeof(buf), f) == NULL) {
- fclose(f);
- mbedtls_printf("Error: fgets() failed to retrieve password\n");
- goto cleanup;
- }
- fclose(f);
-
- i = (int) strlen(buf);
- if (buf[i - 1] == '\n') {
- buf[i - 1] = '\0';
- }
- if (buf[i - 2] == '\r') {
- buf[i - 2] = '\0';
- }
- opt.password = buf;
- }
-
- /*
- * 1.1. Load the key
- */
- mbedtls_printf("\n . Loading the private key ...");
- fflush(stdout);
-
- if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
- (const unsigned char *) pers,
- strlen(pers))) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n",
- (unsigned int) -ret);
- goto cleanup;
- }
-
- ret = mbedtls_pk_parse_keyfile(&pk, opt.filename, opt.password,
- mbedtls_ctr_drbg_random, &ctr_drbg);
-
- if (ret != 0) {
- mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x\n",
- (unsigned int) -ret);
- goto cleanup;
- }
-
- mbedtls_printf(" ok\n");
-
- /*
- * 1.2 Print the key
- */
- mbedtls_printf(" . Key information ...\n");
-#if defined(MBEDTLS_RSA_C)
- if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_RSA) {
- mbedtls_rsa_context *rsa = mbedtls_pk_rsa(pk);
-
- if ((ret = mbedtls_rsa_export(rsa, &N, &P, &Q, &D, &E)) != 0 ||
- (ret = mbedtls_rsa_export_crt(rsa, &DP, &DQ, &QP)) != 0) {
- mbedtls_printf(" failed\n ! could not export RSA parameters\n\n");
- goto cleanup;
- }
-
- MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("N: ", &N, 16, NULL));
- MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("E: ", &E, 16, NULL));
- MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("D: ", &D, 16, NULL));
- MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("P: ", &P, 16, NULL));
- MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q: ", &Q, 16, NULL));
- MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("DP: ", &DP, 16, NULL));
- MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("DQ: ", &DQ, 16, NULL));
- MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("QP: ", &QP, 16, NULL));
- } else
-#endif
-#if defined(MBEDTLS_ECP_C)
- if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY) {
- if (show_ecp_key(mbedtls_pk_ec(pk), 1) != 0) {
- mbedtls_printf(" failed\n ! could not export ECC parameters\n\n");
- goto cleanup;
- }
- } else
-#endif
- {
- mbedtls_printf("Do not know how to print key information for this type\n");
- goto cleanup;
- }
- } else if (opt.mode == MODE_PUBLIC) {
- /*
- * 1.1. Load the key
- */
- mbedtls_printf("\n . Loading the public key ...");
- fflush(stdout);
-
- ret = mbedtls_pk_parse_public_keyfile(&pk, opt.filename);
-
- if (ret != 0) {
- mbedtls_printf(" failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n",
- (unsigned int) -ret);
- goto cleanup;
- }
-
- mbedtls_printf(" ok\n");
-
- mbedtls_printf(" . Key information ...\n");
-#if defined(MBEDTLS_RSA_C)
- if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_RSA) {
- mbedtls_rsa_context *rsa = mbedtls_pk_rsa(pk);
-
- if ((ret = mbedtls_rsa_export(rsa, &N, NULL, NULL,
- NULL, &E)) != 0) {
- mbedtls_printf(" failed\n ! could not export RSA parameters\n\n");
- goto cleanup;
- }
- MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("N: ", &N, 16, NULL));
- MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("E: ", &E, 16, NULL));
- } else
-#endif
-#if defined(MBEDTLS_ECP_C)
- if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY) {
- if (show_ecp_key(mbedtls_pk_ec(pk), 0) != 0) {
- mbedtls_printf(" failed\n ! could not export ECC parameters\n\n");
- goto cleanup;
- }
- } else
-#endif
- {
- mbedtls_printf("Do not know how to print key information for this type\n");
- goto cleanup;
- }
- } else {
- goto usage;
- }
-
- exit_code = MBEDTLS_EXIT_SUCCESS;
-
-cleanup:
-
-#if defined(MBEDTLS_ERROR_C)
- if (exit_code != MBEDTLS_EXIT_SUCCESS) {
- mbedtls_printf("Error code: %d", ret);
- /* mbedtls_strerror(ret, buf, sizeof(buf));
- mbedtls_printf(" ! Last error was: %s\n", buf); */
- }
-#endif
-
- mbedtls_ctr_drbg_free(&ctr_drbg);
- mbedtls_entropy_free(&entropy);
- mbedtls_pk_free(&pk);
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- mbedtls_psa_crypto_free();
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
- mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
- mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP);
- mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP);
-
- mbedtls_exit(exit_code);
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
- MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c
deleted file mode 100644
index d34cbe1..0000000
--- a/programs/pkey/key_app_writer.c
+++ /dev/null
@@ -1,494 +0,0 @@
-/*
- * Key writing application
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-#include "mbedtls/build_info.h"
-
-#include "mbedtls/platform.h"
-
-#if !defined(MBEDTLS_PK_PARSE_C) || \
- !defined(MBEDTLS_PK_WRITE_C) || \
- !defined(MBEDTLS_FS_IO) || \
- !defined(MBEDTLS_ENTROPY_C) || \
- !defined(MBEDTLS_CTR_DRBG_C) || \
- !defined(MBEDTLS_BIGNUM_C)
-int main(void)
-{
- mbedtls_printf("MBEDTLS_PK_PARSE_C and/or MBEDTLS_PK_WRITE_C and/or "
- "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or "
- "MBEDTLS_FS_IO and/or MBEDTLS_BIGNUM_C not defined.\n");
- mbedtls_exit(0);
-}
-#else
-
-#include "mbedtls/pk.h"
-
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-
-#include <stdio.h>
-#include <string.h>
-
-#if defined(MBEDTLS_PEM_WRITE_C)
-#define USAGE_OUT \
- " output_file=%%s default: keyfile.pem\n" \
- " output_format=pem|der default: pem\n"
-#else
-#define USAGE_OUT \
- " output_file=%%s default: keyfile.der\n" \
- " output_format=der default: der\n"
-#endif
-
-#if defined(MBEDTLS_PEM_WRITE_C)
-#define DFL_OUTPUT_FILENAME "keyfile.pem"
-#define DFL_OUTPUT_FORMAT OUTPUT_FORMAT_PEM
-#else
-#define DFL_OUTPUT_FILENAME "keyfile.der"
-#define DFL_OUTPUT_FORMAT OUTPUT_FORMAT_DER
-#endif
-
-#define DFL_MODE MODE_NONE
-#define DFL_FILENAME "keyfile.key"
-#define DFL_DEBUG_LEVEL 0
-#define DFL_OUTPUT_MODE OUTPUT_MODE_NONE
-
-#define MODE_NONE 0
-#define MODE_PRIVATE 1
-#define MODE_PUBLIC 2
-
-#define OUTPUT_MODE_NONE 0
-#define OUTPUT_MODE_PRIVATE 1
-#define OUTPUT_MODE_PUBLIC 2
-
-#define OUTPUT_FORMAT_PEM 0
-#define OUTPUT_FORMAT_DER 1
-
-#define USAGE \
- "\n usage: key_app_writer param=<>...\n" \
- "\n acceptable parameters:\n" \
- " mode=private|public default: none\n" \
- " filename=%%s default: keyfile.key\n" \
- " output_mode=private|public default: none\n" \
- USAGE_OUT \
- "\n"
-
-
-/*
- * global options
- */
-struct options {
- int mode; /* the mode to run the application in */
- const char *filename; /* filename of the key file */
- int output_mode; /* the output mode to use */
- const char *output_file; /* where to store the constructed key file */
- int output_format; /* the output format to use */
-} opt;
-
-static int write_public_key(mbedtls_pk_context *key, const char *output_file)
-{
- int ret;
- FILE *f;
- unsigned char output_buf[16000];
- unsigned char *c = output_buf;
- size_t len = 0;
-
- memset(output_buf, 0, 16000);
-
-#if defined(MBEDTLS_PEM_WRITE_C)
- if (opt.output_format == OUTPUT_FORMAT_PEM) {
- if ((ret = mbedtls_pk_write_pubkey_pem(key, output_buf, 16000)) != 0) {
- return ret;
- }
-
- len = strlen((char *) output_buf);
- } else
-#endif
- {
- if ((ret = mbedtls_pk_write_pubkey_der(key, output_buf, 16000)) < 0) {
- return ret;
- }
-
- len = ret;
- c = output_buf + sizeof(output_buf) - len;
- }
-
- if ((f = fopen(output_file, "w")) == NULL) {
- return -1;
- }
-
- if (fwrite(c, 1, len, f) != len) {
- fclose(f);
- return -1;
- }
-
- fclose(f);
-
- return 0;
-}
-
-static int write_private_key(mbedtls_pk_context *key, const char *output_file)
-{
- int ret;
- FILE *f;
- unsigned char output_buf[16000];
- unsigned char *c = output_buf;
- size_t len = 0;
-
- memset(output_buf, 0, 16000);
-
-#if defined(MBEDTLS_PEM_WRITE_C)
- if (opt.output_format == OUTPUT_FORMAT_PEM) {
- if ((ret = mbedtls_pk_write_key_pem(key, output_buf, 16000)) != 0) {
- return ret;
- }
-
- len = strlen((char *) output_buf);
- } else
-#endif
- {
- if ((ret = mbedtls_pk_write_key_der(key, output_buf, 16000)) < 0) {
- return ret;
- }
-
- len = ret;
- c = output_buf + sizeof(output_buf) - len;
- }
-
- if ((f = fopen(output_file, "w")) == NULL) {
- return -1;
- }
-
- if (fwrite(c, 1, len, f) != len) {
- fclose(f);
- return -1;
- }
-
- fclose(f);
-
- return 0;
-}
-
-#if defined(MBEDTLS_ECP_C)
-static int show_ecp_key(const mbedtls_ecp_keypair *ecp, int has_private)
-{
- int ret = 0;
-
- const mbedtls_ecp_curve_info *curve_info =
- mbedtls_ecp_curve_info_from_grp_id(
- mbedtls_ecp_keypair_get_group_id(ecp));
- mbedtls_printf("curve: %s\n", curve_info->name);
-
- mbedtls_ecp_group grp;
- mbedtls_ecp_group_init(&grp);
- mbedtls_mpi D;
- mbedtls_mpi_init(&D);
- mbedtls_ecp_point pt;
- mbedtls_ecp_point_init(&pt);
- mbedtls_mpi X, Y;
- mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y);
-
- MBEDTLS_MPI_CHK(mbedtls_ecp_export(ecp, &grp,
- (has_private ? &D : NULL),
- &pt));
-
- unsigned char point_bin[MBEDTLS_ECP_MAX_PT_LEN];
- size_t len = 0;
- MBEDTLS_MPI_CHK(mbedtls_ecp_point_write_binary(
- &grp, &pt, MBEDTLS_ECP_PF_UNCOMPRESSED,
- &len, point_bin, sizeof(point_bin)));
- switch (mbedtls_ecp_get_type(&grp)) {
- case MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS:
- if ((len & 1) == 0 || point_bin[0] != 0x04) {
- /* Point in an unxepected format. This shouldn't happen. */
- ret = -1;
- goto cleanup;
- }
- MBEDTLS_MPI_CHK(
- mbedtls_mpi_read_binary(&X, point_bin + 1, len / 2));
- MBEDTLS_MPI_CHK(
- mbedtls_mpi_read_binary(&Y, point_bin + 1 + len / 2, len / 2));
- mbedtls_mpi_write_file("X_Q: ", &X, 16, NULL);
- mbedtls_mpi_write_file("Y_Q: ", &Y, 16, NULL);
- break;
- case MBEDTLS_ECP_TYPE_MONTGOMERY:
- MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&X, point_bin, len));
- mbedtls_mpi_write_file("X_Q: ", &X, 16, NULL);
- break;
- default:
- mbedtls_printf(
- "This program does not yet support listing coordinates for this curve type.\n");
- break;
- }
-
- if (has_private) {
- mbedtls_mpi_write_file("D: ", &D, 16, NULL);
- }
-
-cleanup:
- mbedtls_ecp_group_free(&grp);
- mbedtls_mpi_free(&D);
- mbedtls_ecp_point_free(&pt);
- mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y);
- return ret;
-}
-#endif
-
-int main(int argc, char *argv[])
-{
- int ret = 1;
- int exit_code = MBEDTLS_EXIT_FAILURE;
-#if defined(MBEDTLS_ERROR_C)
- char buf[200];
-#endif
- int i;
- char *p, *q;
-
- const char *pers = "pkey/key_app";
- mbedtls_entropy_context entropy;
- mbedtls_ctr_drbg_context ctr_drbg;
-
- mbedtls_pk_context key;
-#if defined(MBEDTLS_RSA_C)
- mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
-#endif /* MBEDTLS_RSA_C */
-
- /*
- * Set to sane values
- */
- mbedtls_entropy_init(&entropy);
- mbedtls_ctr_drbg_init(&ctr_drbg);
-
- mbedtls_pk_init(&key);
-#if defined(MBEDTLS_ERROR_C)
- memset(buf, 0, sizeof(buf));
-#endif
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- psa_status_t status = psa_crypto_init();
- if (status != PSA_SUCCESS) {
- mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
- (int) status);
- goto exit;
- }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#if defined(MBEDTLS_RSA_C)
- mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
- mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP);
- mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP);
-#endif /* MBEDTLS_RSA_C */
-
- if (argc < 2) {
-usage:
- mbedtls_printf(USAGE);
- goto exit;
- }
-
- opt.mode = DFL_MODE;
- opt.filename = DFL_FILENAME;
- opt.output_mode = DFL_OUTPUT_MODE;
- opt.output_file = DFL_OUTPUT_FILENAME;
- opt.output_format = DFL_OUTPUT_FORMAT;
-
- for (i = 1; i < argc; i++) {
- p = argv[i];
- if ((q = strchr(p, '=')) == NULL) {
- goto usage;
- }
- *q++ = '\0';
-
- if (strcmp(p, "mode") == 0) {
- if (strcmp(q, "private") == 0) {
- opt.mode = MODE_PRIVATE;
- } else if (strcmp(q, "public") == 0) {
- opt.mode = MODE_PUBLIC;
- } else {
- goto usage;
- }
- } else if (strcmp(p, "output_mode") == 0) {
- if (strcmp(q, "private") == 0) {
- opt.output_mode = OUTPUT_MODE_PRIVATE;
- } else if (strcmp(q, "public") == 0) {
- opt.output_mode = OUTPUT_MODE_PUBLIC;
- } else {
- goto usage;
- }
- } else if (strcmp(p, "output_format") == 0) {
-#if defined(MBEDTLS_PEM_WRITE_C)
- if (strcmp(q, "pem") == 0) {
- opt.output_format = OUTPUT_FORMAT_PEM;
- } else
-#endif
- if (strcmp(q, "der") == 0) {
- opt.output_format = OUTPUT_FORMAT_DER;
- } else {
- goto usage;
- }
- } else if (strcmp(p, "filename") == 0) {
- opt.filename = q;
- } else if (strcmp(p, "output_file") == 0) {
- opt.output_file = q;
- } else {
- goto usage;
- }
- }
-
- if (opt.mode == MODE_NONE && opt.output_mode != OUTPUT_MODE_NONE) {
- mbedtls_printf("\nCannot output a key without reading one.\n");
- goto exit;
- }
-
- if (opt.mode == MODE_PUBLIC && opt.output_mode == OUTPUT_MODE_PRIVATE) {
- mbedtls_printf("\nCannot output a private key from a public key.\n");
- goto exit;
- }
-
- if (opt.mode == MODE_PRIVATE) {
- /*
- * 1.1. Load the key
- */
- mbedtls_printf("\n . Loading the private key ...");
- fflush(stdout);
-
- if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
- (const unsigned char *) pers,
- strlen(pers))) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n",
- (unsigned int) -ret);
- goto exit;
- }
-
- ret = mbedtls_pk_parse_keyfile(&key, opt.filename, NULL,
- mbedtls_ctr_drbg_random, &ctr_drbg);
- if (ret != 0) {
- mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x",
- (unsigned int) -ret);
- goto exit;
- }
-
- mbedtls_printf(" ok\n");
-
- /*
- * 1.2 Print the key
- */
- mbedtls_printf(" . Key information ...\n");
-
-#if defined(MBEDTLS_RSA_C)
- if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_RSA) {
- mbedtls_rsa_context *rsa = mbedtls_pk_rsa(key);
-
- if ((ret = mbedtls_rsa_export(rsa, &N, &P, &Q, &D, &E)) != 0 ||
- (ret = mbedtls_rsa_export_crt(rsa, &DP, &DQ, &QP)) != 0) {
- mbedtls_printf(" failed\n ! could not export RSA parameters\n\n");
- goto exit;
- }
-
- mbedtls_mpi_write_file("N: ", &N, 16, NULL);
- mbedtls_mpi_write_file("E: ", &E, 16, NULL);
- mbedtls_mpi_write_file("D: ", &D, 16, NULL);
- mbedtls_mpi_write_file("P: ", &P, 16, NULL);
- mbedtls_mpi_write_file("Q: ", &Q, 16, NULL);
- mbedtls_mpi_write_file("DP: ", &DP, 16, NULL);
- mbedtls_mpi_write_file("DQ: ", &DQ, 16, NULL);
- mbedtls_mpi_write_file("QP: ", &QP, 16, NULL);
- } else
-#endif
-#if defined(MBEDTLS_ECP_C)
- if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_ECKEY) {
- if (show_ecp_key(mbedtls_pk_ec(key), 1) != 0) {
- mbedtls_printf(" failed\n ! could not export ECC parameters\n\n");
- goto exit;
- }
- } else
-#endif
- mbedtls_printf("key type not supported yet\n");
-
- } else if (opt.mode == MODE_PUBLIC) {
- /*
- * 1.1. Load the key
- */
- mbedtls_printf("\n . Loading the public key ...");
- fflush(stdout);
-
- ret = mbedtls_pk_parse_public_keyfile(&key, opt.filename);
-
- if (ret != 0) {
- mbedtls_printf(" failed\n ! mbedtls_pk_parse_public_key returned -0x%04x",
- (unsigned int) -ret);
- goto exit;
- }
-
- mbedtls_printf(" ok\n");
-
- /*
- * 1.2 Print the key
- */
- mbedtls_printf(" . Key information ...\n");
-
-#if defined(MBEDTLS_RSA_C)
- if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_RSA) {
- mbedtls_rsa_context *rsa = mbedtls_pk_rsa(key);
-
- if ((ret = mbedtls_rsa_export(rsa, &N, NULL, NULL,
- NULL, &E)) != 0) {
- mbedtls_printf(" failed\n ! could not export RSA parameters\n\n");
- goto exit;
- }
- mbedtls_mpi_write_file("N: ", &N, 16, NULL);
- mbedtls_mpi_write_file("E: ", &E, 16, NULL);
- } else
-#endif
-#if defined(MBEDTLS_ECP_C)
- if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_ECKEY) {
- if (show_ecp_key(mbedtls_pk_ec(key), 0) != 0) {
- mbedtls_printf(" failed\n ! could not export ECC parameters\n\n");
- goto exit;
- }
- } else
-#endif
- mbedtls_printf("key type not supported yet\n");
- } else {
- goto usage;
- }
-
- if (opt.output_mode == OUTPUT_MODE_PUBLIC) {
- write_public_key(&key, opt.output_file);
- }
- if (opt.output_mode == OUTPUT_MODE_PRIVATE) {
- write_private_key(&key, opt.output_file);
- }
-
- exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
- if (exit_code != MBEDTLS_EXIT_SUCCESS) {
-#ifdef MBEDTLS_ERROR_C
- mbedtls_printf("Error code: %d", ret);
- /* mbedtls_strerror(ret, buf, sizeof(buf));
- mbedtls_printf(" - %s\n", buf); */
-#else
- mbedtls_printf("\n");
-#endif
- }
-
-#if defined(MBEDTLS_RSA_C)
- mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
- mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP);
- mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP);
-#endif /* MBEDTLS_RSA_C */
-
- mbedtls_pk_free(&key);
-
- mbedtls_ctr_drbg_free(&ctr_drbg);
- mbedtls_entropy_free(&entropy);
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- mbedtls_psa_crypto_free();
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
- mbedtls_exit(exit_code);
-}
-#endif /* program viability conditions */
diff --git a/programs/pkey/mpi_demo.c b/programs/pkey/mpi_demo.c
deleted file mode 100644
index e83aa32..0000000
--- a/programs/pkey/mpi_demo.c
+++ /dev/null
@@ -1,84 +0,0 @@
-/*
- * Simple MPI demonstration program
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-#include "mbedtls/build_info.h"
-
-#include "mbedtls/platform.h"
-
-#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_FS_IO)
-#include "mbedtls/bignum.h"
-
-#include <stdio.h>
-#endif
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_FS_IO)
-int main(void)
-{
- mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_FS_IO not defined.\n");
- mbedtls_exit(0);
-}
-#else
-
-
-int main(void)
-{
- int ret = 1;
- int exit_code = MBEDTLS_EXIT_FAILURE;
- mbedtls_mpi E, P, Q, N, H, D, X, Y, Z;
-
- mbedtls_mpi_init(&E); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); mbedtls_mpi_init(&N);
- mbedtls_mpi_init(&H); mbedtls_mpi_init(&D); mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y);
- mbedtls_mpi_init(&Z);
-
- MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&P, 10, "2789"));
- MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&Q, 10, "3203"));
- MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&E, 10, "257"));
- MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&N, &P, &Q));
-
- mbedtls_printf("\n Public key:\n\n");
- MBEDTLS_MPI_CHK(mbedtls_mpi_write_file(" N = ", &N, 10, NULL));
- MBEDTLS_MPI_CHK(mbedtls_mpi_write_file(" E = ", &E, 10, NULL));
-
- mbedtls_printf("\n Private key:\n\n");
- MBEDTLS_MPI_CHK(mbedtls_mpi_write_file(" P = ", &P, 10, NULL));
- MBEDTLS_MPI_CHK(mbedtls_mpi_write_file(" Q = ", &Q, 10, NULL));
-
-#if defined(MBEDTLS_GENPRIME)
- MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&P, &P, 1));
- MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&Q, &Q, 1));
- MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&H, &P, &Q));
- MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&D, &E, &H));
-
- mbedtls_mpi_write_file(" D = E^-1 mod (P-1)*(Q-1) = ",
- &D, 10, NULL);
-#else
- mbedtls_printf("\nTest skipped (MBEDTLS_GENPRIME not defined).\n\n");
-#endif
- MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&X, 10, "55555"));
- MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&Y, &X, &E, &N, NULL));
- MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&Z, &Y, &D, &N, NULL));
-
- mbedtls_printf("\n RSA operation:\n\n");
- MBEDTLS_MPI_CHK(mbedtls_mpi_write_file(" X (plaintext) = ", &X, 10, NULL));
- MBEDTLS_MPI_CHK(mbedtls_mpi_write_file(" Y (ciphertext) = X^E mod N = ", &Y, 10, NULL));
- MBEDTLS_MPI_CHK(mbedtls_mpi_write_file(" Z (decrypted) = Y^D mod N = ", &Z, 10, NULL));
- mbedtls_printf("\n");
-
- exit_code = MBEDTLS_EXIT_SUCCESS;
-
-cleanup:
- mbedtls_mpi_free(&E); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); mbedtls_mpi_free(&N);
- mbedtls_mpi_free(&H); mbedtls_mpi_free(&D); mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y);
- mbedtls_mpi_free(&Z);
-
- if (exit_code != MBEDTLS_EXIT_SUCCESS) {
- mbedtls_printf("\nAn error occurred.\n");
- }
-
- mbedtls_exit(exit_code);
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_FS_IO */
diff --git a/programs/pkey/pk_decrypt.c b/programs/pkey/pk_decrypt.c
deleted file mode 100644
index 3dbfde0..0000000
--- a/programs/pkey/pk_decrypt.c
+++ /dev/null
@@ -1,153 +0,0 @@
-/*
- * Public key-based simple decryption program
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-#include "mbedtls/build_info.h"
-
-#include "mbedtls/platform.h"
-
-#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_PK_PARSE_C) && \
- defined(MBEDTLS_FS_IO) && defined(MBEDTLS_ENTROPY_C) && \
- defined(MBEDTLS_CTR_DRBG_C)
-#include "mbedtls/pk.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-
-#include <stdio.h>
-#include <string.h>
-#endif
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_PK_PARSE_C) || \
- !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_ENTROPY_C) || \
- !defined(MBEDTLS_CTR_DRBG_C)
-int main(void)
-{
- mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_PK_PARSE_C and/or "
- "MBEDTLS_FS_IO and/or MBEDTLS_ENTROPY_C and/or "
- "MBEDTLS_CTR_DRBG_C not defined.\n");
- mbedtls_exit(0);
-}
-#else
-
-
-int main(int argc, char *argv[])
-{
- FILE *f;
- int ret = 1;
- unsigned c;
- int exit_code = MBEDTLS_EXIT_FAILURE;
- size_t i, olen = 0;
- mbedtls_pk_context pk;
- mbedtls_entropy_context entropy;
- mbedtls_ctr_drbg_context ctr_drbg;
- unsigned char result[1024];
- unsigned char buf[512];
- const char *pers = "mbedtls_pk_decrypt";
- ((void) argv);
-
- mbedtls_pk_init(&pk);
- mbedtls_entropy_init(&entropy);
- mbedtls_ctr_drbg_init(&ctr_drbg);
-
- memset(result, 0, sizeof(result));
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- psa_status_t status = psa_crypto_init();
- if (status != PSA_SUCCESS) {
- mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
- (int) status);
- goto exit;
- }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
- if (argc != 2) {
- mbedtls_printf("usage: mbedtls_pk_decrypt <key_file>\n");
-
-#if defined(_WIN32)
- mbedtls_printf("\n");
-#endif
-
- goto exit;
- }
-
- mbedtls_printf("\n . Seeding the random number generator...");
- fflush(stdout);
-
- if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func,
- &entropy, (const unsigned char *) pers,
- strlen(pers))) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n",
- (unsigned int) -ret);
- goto exit;
- }
-
- mbedtls_printf("\n . Reading private key from '%s'", argv[1]);
- fflush(stdout);
-
- if ((ret = mbedtls_pk_parse_keyfile(&pk, argv[1], "",
- mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x\n",
- (unsigned int) -ret);
- goto exit;
- }
-
- /*
- * Extract the RSA encrypted value from the text file
- */
- if ((f = fopen("result-enc.txt", "rb")) == NULL) {
- mbedtls_printf("\n ! Could not open %s\n\n", "result-enc.txt");
- ret = 1;
- goto exit;
- }
-
- i = 0;
- while (fscanf(f, "%02X", (unsigned int *) &c) > 0 &&
- i < (int) sizeof(buf)) {
- buf[i++] = (unsigned char) c;
- }
-
- fclose(f);
-
- /*
- * Decrypt the encrypted RSA data and print the result.
- */
- mbedtls_printf("\n . Decrypting the encrypted data");
- fflush(stdout);
-
- if ((ret = mbedtls_pk_decrypt(&pk, buf, i, result, &olen, sizeof(result),
- mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_pk_decrypt returned -0x%04x\n",
- (unsigned int) -ret);
- goto exit;
- }
-
- mbedtls_printf("\n . OK\n\n");
-
- mbedtls_printf("The decrypted result is: '%s'\n\n", result);
-
- exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
- mbedtls_pk_free(&pk);
- mbedtls_entropy_free(&entropy);
- mbedtls_ctr_drbg_free(&ctr_drbg);
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- mbedtls_psa_crypto_free();
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#if defined(MBEDTLS_ERROR_C)
- if (exit_code != MBEDTLS_EXIT_SUCCESS) {
- mbedtls_printf("Error code: %d", ret);
- /* mbedtls_strerror(ret, (char *) buf, sizeof(buf));
- mbedtls_printf(" ! Last error was: %s\n", buf); */
- }
-#endif
-
- mbedtls_exit(exit_code);
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
- MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
diff --git a/programs/pkey/pk_encrypt.c b/programs/pkey/pk_encrypt.c
deleted file mode 100644
index a3a7c1b..0000000
--- a/programs/pkey/pk_encrypt.c
+++ /dev/null
@@ -1,154 +0,0 @@
-/*
- * RSA simple data encryption program
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-#include "mbedtls/build_info.h"
-
-#include "mbedtls/platform.h"
-
-#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_PK_PARSE_C) && \
- defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_FS_IO) && \
- defined(MBEDTLS_CTR_DRBG_C)
-#include "mbedtls/pk.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-
-#include <stdio.h>
-#include <string.h>
-#endif
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_PK_PARSE_C) || \
- !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_FS_IO) || \
- !defined(MBEDTLS_CTR_DRBG_C)
-int main(void)
-{
- mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_PK_PARSE_C and/or "
- "MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO and/or "
- "MBEDTLS_CTR_DRBG_C not defined.\n");
- mbedtls_exit(0);
-}
-#else
-
-
-int main(int argc, char *argv[])
-{
- FILE *f;
- int ret = 1;
- int exit_code = MBEDTLS_EXIT_FAILURE;
- size_t i, olen = 0;
- mbedtls_pk_context pk;
- mbedtls_entropy_context entropy;
- mbedtls_ctr_drbg_context ctr_drbg;
- unsigned char input[1024];
- unsigned char buf[512];
- const char *pers = "mbedtls_pk_encrypt";
-
- mbedtls_ctr_drbg_init(&ctr_drbg);
- mbedtls_entropy_init(&entropy);
- mbedtls_pk_init(&pk);
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- psa_status_t status = psa_crypto_init();
- if (status != PSA_SUCCESS) {
- mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
- (int) status);
- goto exit;
- }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
- if (argc != 3) {
- mbedtls_printf("usage: mbedtls_pk_encrypt <key_file> <string of max 100 characters>\n");
-
-#if defined(_WIN32)
- mbedtls_printf("\n");
-#endif
-
- goto exit;
- }
-
- mbedtls_printf("\n . Seeding the random number generator...");
- fflush(stdout);
-
- if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func,
- &entropy, (const unsigned char *) pers,
- strlen(pers))) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n",
- (unsigned int) -ret);
- goto exit;
- }
-
- mbedtls_printf("\n . Reading public key from '%s'", argv[1]);
- fflush(stdout);
-
- if ((ret = mbedtls_pk_parse_public_keyfile(&pk, argv[1])) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n",
- (unsigned int) -ret);
- goto exit;
- }
-
- if (strlen(argv[2]) > 100) {
- mbedtls_printf(" Input data larger than 100 characters.\n\n");
- goto exit;
- }
-
- memcpy(input, argv[2], strlen(argv[2]));
-
- /*
- * Calculate the RSA encryption of the hash.
- */
- mbedtls_printf("\n . Generating the encrypted value");
- fflush(stdout);
-
- if ((ret = mbedtls_pk_encrypt(&pk, input, strlen(argv[2]),
- buf, &olen, sizeof(buf),
- mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_pk_encrypt returned -0x%04x\n",
- (unsigned int) -ret);
- goto exit;
- }
-
- /*
- * Write the signature into result-enc.txt
- */
- if ((f = fopen("result-enc.txt", "wb+")) == NULL) {
- mbedtls_printf(" failed\n ! Could not create %s\n\n",
- "result-enc.txt");
- ret = 1;
- goto exit;
- }
-
- for (i = 0; i < olen; i++) {
- mbedtls_fprintf(f, "%02X%s", buf[i],
- (i + 1) % 16 == 0 ? "\r\n" : " ");
- }
-
- fclose(f);
-
- mbedtls_printf("\n . Done (created \"%s\")\n\n", "result-enc.txt");
-
- exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
- mbedtls_pk_free(&pk);
- mbedtls_entropy_free(&entropy);
- mbedtls_ctr_drbg_free(&ctr_drbg);
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- mbedtls_psa_crypto_free();
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#if defined(MBEDTLS_ERROR_C)
- if (exit_code != MBEDTLS_EXIT_SUCCESS) {
- mbedtls_printf("Error code: %d", ret);
- /* mbedtls_strerror(ret, (char *) buf, sizeof(buf));
- mbedtls_printf(" ! Last error was: %s\n", buf); */
- }
-#endif
-
- mbedtls_exit(exit_code);
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_ENTROPY_C &&
- MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c
index c1640d6..92d9660 100644
--- a/programs/pkey/pk_sign.c
+++ b/programs/pkey/pk_sign.c
@@ -5,6 +5,8 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/platform.h"
@@ -83,8 +85,7 @@
mbedtls_printf("\n . Reading private key from '%s'", argv[1]);
fflush(stdout);
- if ((ret = mbedtls_pk_parse_keyfile(&pk, argv[1], "",
- mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+ if ((ret = mbedtls_pk_parse_keyfile(&pk, argv[1], "")) != 0) {
mbedtls_printf(" failed\n ! Could not parse '%s'\n", argv[1]);
goto exit;
}
@@ -104,8 +105,7 @@
}
if ((ret = mbedtls_pk_sign(&pk, MBEDTLS_MD_SHA256, hash, 0,
- buf, sizeof(buf), &olen,
- mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+ buf, sizeof(buf), &olen)) != 0) {
mbedtls_printf(" failed\n ! mbedtls_pk_sign returned -0x%04x\n", (unsigned int) -ret);
goto exit;
}
diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c
index 7b88cab..8ae612b 100644
--- a/programs/pkey/pk_verify.c
+++ b/programs/pkey/pk_verify.c
@@ -5,6 +5,8 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/platform.h"
diff --git a/programs/pkey/rsa_decrypt.c b/programs/pkey/rsa_decrypt.c
deleted file mode 100644
index a84af50..0000000
--- a/programs/pkey/rsa_decrypt.c
+++ /dev/null
@@ -1,172 +0,0 @@
-/*
- * RSA simple decryption program
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-#include "mbedtls/build_info.h"
-
-#include "mbedtls/platform.h"
-
-#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_RSA_C) && \
- defined(MBEDTLS_FS_IO) && defined(MBEDTLS_ENTROPY_C) && \
- defined(MBEDTLS_CTR_DRBG_C)
-#include "mbedtls/rsa.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-
-#include <string.h>
-
-#endif
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \
- !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_ENTROPY_C) || \
- !defined(MBEDTLS_CTR_DRBG_C)
-int main(void)
-{
- mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
- "MBEDTLS_FS_IO and/or MBEDTLS_ENTROPY_C and/or "
- "MBEDTLS_CTR_DRBG_C not defined.\n");
- mbedtls_exit(0);
-}
-#else
-
-
-int main(int argc, char *argv[])
-{
- FILE *f;
- int ret = 1;
- int exit_code = MBEDTLS_EXIT_FAILURE;
- unsigned c;
- size_t i;
- mbedtls_rsa_context rsa;
- mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
- mbedtls_entropy_context entropy;
- mbedtls_ctr_drbg_context ctr_drbg;
- unsigned char result[1024];
- unsigned char buf[512];
- const char *pers = "rsa_decrypt";
- ((void) argv);
-
- memset(result, 0, sizeof(result));
-
- if (argc != 1) {
- mbedtls_printf("usage: rsa_decrypt\n");
-
-#if defined(_WIN32)
- mbedtls_printf("\n");
-#endif
-
- mbedtls_exit(exit_code);
- }
-
- mbedtls_printf("\n . Seeding the random number generator...");
- fflush(stdout);
-
- mbedtls_rsa_init(&rsa);
- mbedtls_ctr_drbg_init(&ctr_drbg);
- mbedtls_entropy_init(&entropy);
- mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
- mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP);
- mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP);
-
- ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func,
- &entropy, (const unsigned char *) pers,
- strlen(pers));
- if (ret != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n",
- ret);
- goto exit;
- }
-
- mbedtls_printf("\n . Reading private key from rsa_priv.txt");
- fflush(stdout);
-
- if ((f = fopen("rsa_priv.txt", "rb")) == NULL) {
- mbedtls_printf(" failed\n ! Could not open rsa_priv.txt\n" \
- " ! Please run rsa_genkey first\n\n");
- goto exit;
- }
-
- if ((ret = mbedtls_mpi_read_file(&N, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&E, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&D, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&P, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&Q, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&DP, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&DQ, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&QP, 16, f)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_mpi_read_file returned %d\n\n",
- ret);
- fclose(f);
- goto exit;
- }
- fclose(f);
-
- if ((ret = mbedtls_rsa_import(&rsa, &N, &P, &Q, &D, &E)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_rsa_import returned %d\n\n",
- ret);
- goto exit;
- }
-
- if ((ret = mbedtls_rsa_complete(&rsa)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_rsa_complete returned %d\n\n",
- ret);
- goto exit;
- }
-
- /*
- * Extract the RSA encrypted value from the text file
- */
- if ((f = fopen("result-enc.txt", "rb")) == NULL) {
- mbedtls_printf("\n ! Could not open %s\n\n", "result-enc.txt");
- goto exit;
- }
-
- i = 0;
-
- while (fscanf(f, "%02X", (unsigned int *) &c) > 0 &&
- i < (int) sizeof(buf)) {
- buf[i++] = (unsigned char) c;
- }
-
- fclose(f);
-
- if (i != mbedtls_rsa_get_len(&rsa)) {
- mbedtls_printf("\n ! Invalid RSA signature format\n\n");
- goto exit;
- }
-
- /*
- * Decrypt the encrypted RSA data and print the result.
- */
- mbedtls_printf("\n . Decrypting the encrypted data");
- fflush(stdout);
-
- ret = mbedtls_rsa_pkcs1_decrypt(&rsa, mbedtls_ctr_drbg_random,
- &ctr_drbg, &i,
- buf, result, 1024);
- if (ret != 0) {
- mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_decrypt returned %d\n\n",
- ret);
- goto exit;
- }
-
- mbedtls_printf("\n . OK\n\n");
-
- mbedtls_printf("The decrypted result is: '%s'\n\n", result);
-
- exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
- mbedtls_ctr_drbg_free(&ctr_drbg);
- mbedtls_entropy_free(&entropy);
- mbedtls_rsa_free(&rsa);
- mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
- mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP);
- mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP);
-
- mbedtls_exit(exit_code);
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_FS_IO */
diff --git a/programs/pkey/rsa_encrypt.c b/programs/pkey/rsa_encrypt.c
deleted file mode 100644
index 6538f8a..0000000
--- a/programs/pkey/rsa_encrypt.c
+++ /dev/null
@@ -1,149 +0,0 @@
-/*
- * RSA simple data encryption program
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-#include "mbedtls/build_info.h"
-
-#include "mbedtls/platform.h"
-
-#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_RSA_C) && \
- defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_FS_IO) && \
- defined(MBEDTLS_CTR_DRBG_C)
-#include "mbedtls/rsa.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-
-#include <string.h>
-#endif
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \
- !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_FS_IO) || \
- !defined(MBEDTLS_CTR_DRBG_C)
-int main(void)
-{
- mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
- "MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO and/or "
- "MBEDTLS_CTR_DRBG_C not defined.\n");
- mbedtls_exit(0);
-}
-#else
-
-
-int main(int argc, char *argv[])
-{
- FILE *f;
- int ret = 1;
- int exit_code = MBEDTLS_EXIT_FAILURE;
- size_t i;
- mbedtls_rsa_context rsa;
- mbedtls_entropy_context entropy;
- mbedtls_ctr_drbg_context ctr_drbg;
- unsigned char input[1024];
- unsigned char buf[512];
- const char *pers = "rsa_encrypt";
- mbedtls_mpi N, E;
-
- if (argc != 2) {
- mbedtls_printf("usage: rsa_encrypt <string of max 100 characters>\n");
-
-#if defined(_WIN32)
- mbedtls_printf("\n");
-#endif
-
- mbedtls_exit(exit_code);
- }
-
- mbedtls_printf("\n . Seeding the random number generator...");
- fflush(stdout);
-
- mbedtls_mpi_init(&N); mbedtls_mpi_init(&E);
- mbedtls_rsa_init(&rsa);
- mbedtls_ctr_drbg_init(&ctr_drbg);
- mbedtls_entropy_init(&entropy);
-
- ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func,
- &entropy, (const unsigned char *) pers,
- strlen(pers));
- if (ret != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n",
- ret);
- goto exit;
- }
-
- mbedtls_printf("\n . Reading public key from rsa_pub.txt");
- fflush(stdout);
-
- if ((f = fopen("rsa_pub.txt", "rb")) == NULL) {
- mbedtls_printf(" failed\n ! Could not open rsa_pub.txt\n" \
- " ! Please run rsa_genkey first\n\n");
- goto exit;
- }
-
- if ((ret = mbedtls_mpi_read_file(&N, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&E, 16, f)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_mpi_read_file returned %d\n\n",
- ret);
- fclose(f);
- goto exit;
- }
- fclose(f);
-
- if ((ret = mbedtls_rsa_import(&rsa, &N, NULL, NULL, NULL, &E)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_rsa_import returned %d\n\n",
- ret);
- goto exit;
- }
-
- if (strlen(argv[1]) > 100) {
- mbedtls_printf(" Input data larger than 100 characters.\n\n");
- goto exit;
- }
-
- memcpy(input, argv[1], strlen(argv[1]));
-
- /*
- * Calculate the RSA encryption of the hash.
- */
- mbedtls_printf("\n . Generating the RSA encrypted value");
- fflush(stdout);
-
- ret = mbedtls_rsa_pkcs1_encrypt(&rsa, mbedtls_ctr_drbg_random,
- &ctr_drbg, strlen(argv[1]), input, buf);
- if (ret != 0) {
- mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_encrypt returned %d\n\n",
- ret);
- goto exit;
- }
-
- /*
- * Write the signature into result-enc.txt
- */
- if ((f = fopen("result-enc.txt", "wb+")) == NULL) {
- mbedtls_printf(" failed\n ! Could not create %s\n\n", "result-enc.txt");
- goto exit;
- }
-
- for (i = 0; i < mbedtls_rsa_get_len(&rsa); i++) {
- mbedtls_fprintf(f, "%02X%s", buf[i],
- (i + 1) % 16 == 0 ? "\r\n" : " ");
- }
-
- fclose(f);
-
- mbedtls_printf("\n . Done (created \"%s\")\n\n", "result-enc.txt");
-
- exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
- mbedtls_mpi_free(&N); mbedtls_mpi_free(&E);
- mbedtls_ctr_drbg_free(&ctr_drbg);
- mbedtls_entropy_free(&entropy);
- mbedtls_rsa_free(&rsa);
-
- mbedtls_exit(exit_code);
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_ENTROPY_C &&
- MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
diff --git a/programs/pkey/rsa_genkey.c b/programs/pkey/rsa_genkey.c
deleted file mode 100644
index dc58215..0000000
--- a/programs/pkey/rsa_genkey.c
+++ /dev/null
@@ -1,141 +0,0 @@
-/*
- * Example RSA key generation program
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-#include "mbedtls/build_info.h"
-
-#include "mbedtls/platform.h"
-
-#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_ENTROPY_C) && \
- defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) && \
- defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C)
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/bignum.h"
-#include "mbedtls/rsa.h"
-
-#include <stdio.h>
-#include <string.h>
-#endif
-
-#define KEY_SIZE 2048
-#define EXPONENT 65537
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
- !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_GENPRIME) || \
- !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C)
-int main(void)
-{
- mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
- "MBEDTLS_RSA_C and/or MBEDTLS_GENPRIME and/or "
- "MBEDTLS_FS_IO and/or MBEDTLS_CTR_DRBG_C not defined.\n");
- mbedtls_exit(0);
-}
-#else
-
-
-int main(void)
-{
- int ret = 1;
- int exit_code = MBEDTLS_EXIT_FAILURE;
- mbedtls_rsa_context rsa;
- mbedtls_entropy_context entropy;
- mbedtls_ctr_drbg_context ctr_drbg;
- mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
- FILE *fpub = NULL;
- FILE *fpriv = NULL;
- const char *pers = "rsa_genkey";
-
- mbedtls_ctr_drbg_init(&ctr_drbg);
- mbedtls_rsa_init(&rsa);
- mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
- mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP);
- mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP);
-
- mbedtls_printf("\n . Seeding the random number generator...");
- fflush(stdout);
-
- mbedtls_entropy_init(&entropy);
- if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
- (const unsigned char *) pers,
- strlen(pers))) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret);
- goto exit;
- }
-
- mbedtls_printf(" ok\n . Generating the RSA key [ %d-bit ]...", KEY_SIZE);
- fflush(stdout);
-
- if ((ret = mbedtls_rsa_gen_key(&rsa, mbedtls_ctr_drbg_random, &ctr_drbg, KEY_SIZE,
- EXPONENT)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_rsa_gen_key returned %d\n\n", ret);
- goto exit;
- }
-
- mbedtls_printf(" ok\n . Exporting the public key in rsa_pub.txt....");
- fflush(stdout);
-
- if ((ret = mbedtls_rsa_export(&rsa, &N, &P, &Q, &D, &E)) != 0 ||
- (ret = mbedtls_rsa_export_crt(&rsa, &DP, &DQ, &QP)) != 0) {
- mbedtls_printf(" failed\n ! could not export RSA parameters\n\n");
- goto exit;
- }
-
- if ((fpub = fopen("rsa_pub.txt", "wb+")) == NULL) {
- mbedtls_printf(" failed\n ! could not open rsa_pub.txt for writing\n\n");
- goto exit;
- }
-
- if ((ret = mbedtls_mpi_write_file("N = ", &N, 16, fpub)) != 0 ||
- (ret = mbedtls_mpi_write_file("E = ", &E, 16, fpub)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_mpi_write_file returned %d\n\n", ret);
- goto exit;
- }
-
- mbedtls_printf(" ok\n . Exporting the private key in rsa_priv.txt...");
- fflush(stdout);
-
- if ((fpriv = fopen("rsa_priv.txt", "wb+")) == NULL) {
- mbedtls_printf(" failed\n ! could not open rsa_priv.txt for writing\n");
- goto exit;
- }
-
- if ((ret = mbedtls_mpi_write_file("N = ", &N, 16, fpriv)) != 0 ||
- (ret = mbedtls_mpi_write_file("E = ", &E, 16, fpriv)) != 0 ||
- (ret = mbedtls_mpi_write_file("D = ", &D, 16, fpriv)) != 0 ||
- (ret = mbedtls_mpi_write_file("P = ", &P, 16, fpriv)) != 0 ||
- (ret = mbedtls_mpi_write_file("Q = ", &Q, 16, fpriv)) != 0 ||
- (ret = mbedtls_mpi_write_file("DP = ", &DP, 16, fpriv)) != 0 ||
- (ret = mbedtls_mpi_write_file("DQ = ", &DQ, 16, fpriv)) != 0 ||
- (ret = mbedtls_mpi_write_file("QP = ", &QP, 16, fpriv)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_mpi_write_file returned %d\n\n", ret);
- goto exit;
- }
- mbedtls_printf(" ok\n\n");
-
- exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
- if (fpub != NULL) {
- fclose(fpub);
- }
-
- if (fpriv != NULL) {
- fclose(fpriv);
- }
-
- mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
- mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP);
- mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP);
- mbedtls_rsa_free(&rsa);
- mbedtls_ctr_drbg_free(&ctr_drbg);
- mbedtls_entropy_free(&entropy);
-
- mbedtls_exit(exit_code);
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_RSA_C &&
- MBEDTLS_GENPRIME && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c
deleted file mode 100644
index 0e32e13..0000000
--- a/programs/pkey/rsa_sign.c
+++ /dev/null
@@ -1,155 +0,0 @@
-/*
- * RSA/SHA-256 signature creation program
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-#include "mbedtls/build_info.h"
-
-#include "mbedtls/platform.h"
-/* md.h is included this early since MD_CAN_XXX macros are defined there. */
-#include "mbedtls/md.h"
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \
- !defined(PSA_WANT_ALG_SHA_256) || !defined(MBEDTLS_MD_C) || \
- !defined(MBEDTLS_FS_IO)
-int main(void)
-{
- mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
- "MBEDTLS_MD_C and/or "
- "PSA_WANT_ALG_SHA_256 and/or MBEDTLS_FS_IO not defined.\n");
- mbedtls_exit(0);
-}
-#else
-
-#include "mbedtls/rsa.h"
-
-#include <stdio.h>
-#include <string.h>
-
-
-int main(int argc, char *argv[])
-{
- FILE *f;
- int ret = 1;
- int exit_code = MBEDTLS_EXIT_FAILURE;
- size_t i;
- mbedtls_rsa_context rsa;
- unsigned char hash[32];
- unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
- char filename[512];
- mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
-
- mbedtls_rsa_init(&rsa);
-
- mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
- mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP);
- mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP);
-
- if (argc != 2) {
- mbedtls_printf("usage: rsa_sign <filename>\n");
-
-#if defined(_WIN32)
- mbedtls_printf("\n");
-#endif
-
- goto exit;
- }
-
- mbedtls_printf("\n . Reading private key from rsa_priv.txt");
- fflush(stdout);
-
- if ((f = fopen("rsa_priv.txt", "rb")) == NULL) {
- mbedtls_printf(" failed\n ! Could not open rsa_priv.txt\n" \
- " ! Please run rsa_genkey first\n\n");
- goto exit;
- }
-
- if ((ret = mbedtls_mpi_read_file(&N, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&E, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&D, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&P, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&Q, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&DP, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&DQ, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&QP, 16, f)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret);
- fclose(f);
- goto exit;
- }
- fclose(f);
-
- if ((ret = mbedtls_rsa_import(&rsa, &N, &P, &Q, &D, &E)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_rsa_import returned %d\n\n",
- ret);
- goto exit;
- }
-
- if ((ret = mbedtls_rsa_complete(&rsa)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_rsa_complete returned %d\n\n",
- ret);
- goto exit;
- }
-
- mbedtls_printf("\n . Checking the private key");
- fflush(stdout);
- if ((ret = mbedtls_rsa_check_privkey(&rsa)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_rsa_check_privkey failed with -0x%0x\n",
- (unsigned int) -ret);
- goto exit;
- }
-
- /*
- * Compute the SHA-256 hash of the input file,
- * then calculate the RSA signature of the hash.
- */
- mbedtls_printf("\n . Generating the RSA/SHA-256 signature");
- fflush(stdout);
-
- if ((ret = mbedtls_md_file(
- mbedtls_md_info_from_type(MBEDTLS_MD_SHA256),
- argv[1], hash)) != 0) {
- mbedtls_printf(" failed\n ! Could not open or read %s\n\n", argv[1]);
- goto exit;
- }
-
- if ((ret = mbedtls_rsa_pkcs1_sign(&rsa, NULL, NULL, MBEDTLS_MD_SHA256,
- 32, hash, buf)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_sign returned -0x%0x\n\n",
- (unsigned int) -ret);
- goto exit;
- }
-
- /*
- * Write the signature into <filename>.sig
- */
- mbedtls_snprintf(filename, sizeof(filename), "%s.sig", argv[1]);
-
- if ((f = fopen(filename, "wb+")) == NULL) {
- mbedtls_printf(" failed\n ! Could not create %s\n\n", argv[1]);
- goto exit;
- }
-
- for (i = 0; i < mbedtls_rsa_get_len(&rsa); i++) {
- mbedtls_fprintf(f, "%02X%s", buf[i],
- (i + 1) % 16 == 0 ? "\r\n" : " ");
- }
-
- fclose(f);
-
- mbedtls_printf("\n . Done (created \"%s\")\n\n", filename);
-
- exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
- mbedtls_rsa_free(&rsa);
- mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
- mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP);
- mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP);
-
- mbedtls_exit(exit_code);
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && PSA_WANT_ALG_SHA_256 &&
- MBEDTLS_FS_IO */
diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c
index 430536a..a5e06fb 100644
--- a/programs/pkey/rsa_sign_pss.c
+++ b/programs/pkey/rsa_sign_pss.c
@@ -5,6 +5,8 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/platform.h"
@@ -84,8 +86,7 @@
mbedtls_printf("\n . Reading private key from '%s'", argv[1]);
fflush(stdout);
- if ((ret = mbedtls_pk_parse_keyfile(&pk, argv[1], "",
- mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+ if ((ret = mbedtls_pk_parse_keyfile(&pk, argv[1], "")) != 0) {
mbedtls_printf(" failed\n ! Could not read key from '%s'\n", argv[1]);
mbedtls_printf(" ! mbedtls_pk_parse_public_keyfile returned %d\n\n", ret);
goto exit;
@@ -118,8 +119,7 @@
}
if ((ret = mbedtls_pk_sign(&pk, MBEDTLS_MD_SHA256, hash, 0,
- buf, sizeof(buf), &olen,
- mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+ buf, sizeof(buf), &olen)) != 0) {
mbedtls_printf(" failed\n ! mbedtls_pk_sign returned %d\n\n", ret);
goto exit;
}
diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c
deleted file mode 100644
index e3f32bb..0000000
--- a/programs/pkey/rsa_verify.c
+++ /dev/null
@@ -1,134 +0,0 @@
-/*
- * RSA/SHA-256 signature verification program
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-#include "mbedtls/build_info.h"
-
-#include "mbedtls/platform.h"
-/* md.h is included this early since MD_CAN_XXX macros are defined there. */
-#include "mbedtls/md.h"
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \
- !defined(PSA_WANT_ALG_SHA_256) || !defined(MBEDTLS_MD_C) || \
- !defined(MBEDTLS_FS_IO)
-int main(void)
-{
- mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
- "MBEDTLS_MD_C and/or "
- "PSA_WANT_ALG_SHA_256 and/or MBEDTLS_FS_IO not defined.\n");
- mbedtls_exit(0);
-}
-#else
-
-#include "mbedtls/rsa.h"
-
-#include <stdio.h>
-#include <string.h>
-
-
-int main(int argc, char *argv[])
-{
- FILE *f;
- int ret = 1;
- unsigned c;
- int exit_code = MBEDTLS_EXIT_FAILURE;
- size_t i;
- mbedtls_rsa_context rsa;
- mbedtls_mpi N, E;
- unsigned char hash[32];
- unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
- char filename[512];
-
- mbedtls_rsa_init(&rsa);
- mbedtls_mpi_init(&N);
- mbedtls_mpi_init(&E);
-
- if (argc != 2) {
- mbedtls_printf("usage: rsa_verify <filename>\n");
-
-#if defined(_WIN32)
- mbedtls_printf("\n");
-#endif
-
- goto exit;
- }
-
- mbedtls_printf("\n . Reading public key from rsa_pub.txt");
- fflush(stdout);
-
- if ((f = fopen("rsa_pub.txt", "rb")) == NULL) {
- mbedtls_printf(" failed\n ! Could not open rsa_pub.txt\n" \
- " ! Please run rsa_genkey first\n\n");
- goto exit;
- }
-
- if ((ret = mbedtls_mpi_read_file(&N, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&E, 16, f)) != 0 ||
- (ret = mbedtls_rsa_import(&rsa, &N, NULL, NULL, NULL, &E) != 0)) {
- mbedtls_printf(" failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret);
- fclose(f);
- goto exit;
- }
- fclose(f);
-
- /*
- * Extract the RSA signature from the text file
- */
- mbedtls_snprintf(filename, sizeof(filename), "%s.sig", argv[1]);
-
- if ((f = fopen(filename, "rb")) == NULL) {
- mbedtls_printf("\n ! Could not open %s\n\n", filename);
- goto exit;
- }
-
- i = 0;
- while (fscanf(f, "%02X", (unsigned int *) &c) > 0 &&
- i < (int) sizeof(buf)) {
- buf[i++] = (unsigned char) c;
- }
-
- fclose(f);
-
- if (i != mbedtls_rsa_get_len(&rsa)) {
- mbedtls_printf("\n ! Invalid RSA signature format\n\n");
- goto exit;
- }
-
- /*
- * Compute the SHA-256 hash of the input file and
- * verify the signature
- */
- mbedtls_printf("\n . Verifying the RSA/SHA-256 signature");
- fflush(stdout);
-
- if ((ret = mbedtls_md_file(
- mbedtls_md_info_from_type(MBEDTLS_MD_SHA256),
- argv[1], hash)) != 0) {
- mbedtls_printf(" failed\n ! Could not open or read %s\n\n", argv[1]);
- goto exit;
- }
-
- if ((ret = mbedtls_rsa_pkcs1_verify(&rsa, MBEDTLS_MD_SHA256,
- 32, hash, buf)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_verify returned -0x%0x\n\n",
- (unsigned int) -ret);
- goto exit;
- }
-
- mbedtls_printf("\n . OK (the signature is valid)\n\n");
-
- exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
- mbedtls_rsa_free(&rsa);
- mbedtls_mpi_free(&N);
- mbedtls_mpi_free(&E);
-
- mbedtls_exit(exit_code);
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && PSA_WANT_ALG_SHA_256 &&
- MBEDTLS_FS_IO */
diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c
index 4b5336d..2bb140f 100644
--- a/programs/pkey/rsa_verify_pss.c
+++ b/programs/pkey/rsa_verify_pss.c
@@ -5,6 +5,8 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/platform.h"
diff --git a/programs/random/CMakeLists.txt b/programs/random/CMakeLists.txt
deleted file mode 100644
index 76cb840..0000000
--- a/programs/random/CMakeLists.txt
+++ /dev/null
@@ -1,16 +0,0 @@
-set(executables
- gen_entropy
- gen_random_ctr_drbg
-)
-add_dependencies(${programs_target} ${executables})
-
-foreach(exe IN LISTS executables)
- add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
- set_base_compile_options(${exe})
- target_link_libraries(${exe} ${tfpsacrypto_target} ${CMAKE_THREAD_LIBS_INIT})
- target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/tests/include)
-endforeach()
-
-install(TARGETS ${executables}
- DESTINATION "bin"
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/random/gen_entropy.c b/programs/random/gen_entropy.c
deleted file mode 100644
index 887b2c9..0000000
--- a/programs/random/gen_entropy.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/**
- * \brief Use and generate multiple entropies calls into a file
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-#include "mbedtls/build_info.h"
-
-#include "mbedtls/platform.h"
-
-#if defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_FS_IO)
-#include "mbedtls/entropy.h"
-
-#include <stdio.h>
-#endif
-
-#if !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_FS_IO)
-int main(void)
-{
- mbedtls_printf("MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO not defined.\n");
- mbedtls_exit(0);
-}
-#else
-
-
-int main(int argc, char *argv[])
-{
- FILE *f;
- int i, k, ret = 1;
- int exit_code = MBEDTLS_EXIT_FAILURE;
- mbedtls_entropy_context entropy;
- unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
-
- if (argc < 2) {
- mbedtls_fprintf(stderr, "usage: %s <output filename>\n", argv[0]);
- mbedtls_exit(exit_code);
- }
-
- if ((f = fopen(argv[1], "wb+")) == NULL) {
- mbedtls_printf("failed to open '%s' for writing.\n", argv[1]);
- mbedtls_exit(exit_code);
- }
-
- mbedtls_entropy_init(&entropy);
-
- for (i = 0, k = 768; i < k; i++) {
- ret = mbedtls_entropy_func(&entropy, buf, sizeof(buf));
- if (ret != 0) {
- mbedtls_printf(" failed\n ! mbedtls_entropy_func returned -%04X\n",
- (unsigned int) ret);
- goto cleanup;
- }
-
- fwrite(buf, 1, sizeof(buf), f);
-
- mbedtls_printf("Generating %ldkb of data in file '%s'... %04.1f" \
- "%% done\r",
- (long) (sizeof(buf) * k / 1024),
- argv[1],
- (100 * (float) (i + 1)) / k);
- fflush(stdout);
- }
-
- exit_code = MBEDTLS_EXIT_SUCCESS;
-
-cleanup:
- mbedtls_printf("\n");
-
- fclose(f);
- mbedtls_entropy_free(&entropy);
-
- mbedtls_exit(exit_code);
-}
-#endif /* MBEDTLS_ENTROPY_C */
diff --git a/programs/random/gen_random_ctr_drbg.c b/programs/random/gen_random_ctr_drbg.c
deleted file mode 100644
index 0eecf0a..0000000
--- a/programs/random/gen_random_ctr_drbg.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/**
- * \brief Use and generate random data into a file via the CTR_DBRG based on AES
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-#include "mbedtls/build_info.h"
-
-#include "mbedtls/platform.h"
-
-#if defined(MBEDTLS_CTR_DRBG_C) && defined(MBEDTLS_ENTROPY_C) && \
- defined(MBEDTLS_FS_IO)
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-
-#include <stdio.h>
-#endif
-
-#if !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_ENTROPY_C) || \
- !defined(MBEDTLS_FS_IO)
-int main(void)
-{
- mbedtls_printf("MBEDTLS_CTR_DRBG_C and/or MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO not defined.\n");
- mbedtls_exit(0);
-}
-#else
-
-
-int main(int argc, char *argv[])
-{
- FILE *f;
- int i, k, ret = 1;
- int exit_code = MBEDTLS_EXIT_FAILURE;
- mbedtls_ctr_drbg_context ctr_drbg;
- mbedtls_entropy_context entropy;
- unsigned char buf[1024];
-
- mbedtls_ctr_drbg_init(&ctr_drbg);
-
- if (argc < 2) {
- mbedtls_fprintf(stderr, "usage: %s <output filename>\n", argv[0]);
- mbedtls_exit(exit_code);
- }
-
- if ((f = fopen(argv[1], "wb+")) == NULL) {
- mbedtls_printf("failed to open '%s' for writing.\n", argv[1]);
- mbedtls_exit(exit_code);
- }
-
- mbedtls_entropy_init(&entropy);
- ret = mbedtls_ctr_drbg_seed(&ctr_drbg,
- mbedtls_entropy_func,
- &entropy,
- (const unsigned char *) "RANDOM_GEN",
- 10);
- if (ret != 0) {
- mbedtls_printf("failed in mbedtls_ctr_drbg_seed: %d\n", ret);
- goto cleanup;
- }
- mbedtls_ctr_drbg_set_prediction_resistance(&ctr_drbg, MBEDTLS_CTR_DRBG_PR_OFF);
-
-#if defined(MBEDTLS_FS_IO)
- ret = mbedtls_ctr_drbg_update_seed_file(&ctr_drbg, "seedfile");
-
- if (ret == MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR) {
- mbedtls_printf("Failed to open seedfile. Generating one.\n");
- ret = mbedtls_ctr_drbg_write_seed_file(&ctr_drbg, "seedfile");
- if (ret != 0) {
- mbedtls_printf("failed in mbedtls_ctr_drbg_write_seed_file: %d\n", ret);
- goto cleanup;
- }
- } else if (ret != 0) {
- mbedtls_printf("failed in mbedtls_ctr_drbg_update_seed_file: %d\n", ret);
- goto cleanup;
- }
-#endif
-
- for (i = 0, k = 768; i < k; i++) {
- ret = mbedtls_ctr_drbg_random(&ctr_drbg, buf, sizeof(buf));
- if (ret != 0) {
- mbedtls_printf("failed!\n");
- goto cleanup;
- }
-
- fwrite(buf, 1, sizeof(buf), f);
-
- mbedtls_printf("Generating %ldkb of data in file '%s'... %04.1f" \
- "%% done\r",
- (long) (sizeof(buf) * k / 1024),
- argv[1],
- (100 * (float) (i + 1)) / k);
- fflush(stdout);
- }
-
- exit_code = MBEDTLS_EXIT_SUCCESS;
-
-cleanup:
- mbedtls_printf("\n");
-
- fclose(f);
- mbedtls_ctr_drbg_free(&ctr_drbg);
- mbedtls_entropy_free(&entropy);
-
- mbedtls_exit(exit_code);
-}
-#endif /* MBEDTLS_CTR_DRBG_C && MBEDTLS_ENTROPY_C */
diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c
index f7f417f..26eb20d 100644
--- a/programs/ssl/dtls_client.c
+++ b/programs/ssl/dtls_client.c
@@ -5,6 +5,8 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/platform.h"
@@ -167,7 +169,6 @@
* Production code should set a proper ca chain and use REQUIRED. */
mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_OPTIONAL);
mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL);
- mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
mbedtls_ssl_conf_read_timeout(&conf, READ_TIMEOUT_MS);
diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c
index 6430ed2..0e155fd 100644
--- a/programs/ssl/dtls_server.c
+++ b/programs/ssl/dtls_server.c
@@ -5,6 +5,8 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/platform.h"
@@ -163,9 +165,7 @@
(const unsigned char *) mbedtls_test_srv_key,
mbedtls_test_srv_key_len,
NULL,
- 0,
- mbedtls_ctr_drbg_random,
- &ctr_drbg);
+ 0);
if (ret != 0) {
printf(" failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret);
goto exit;
@@ -200,7 +200,6 @@
goto exit;
}
- mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
mbedtls_ssl_conf_read_timeout(&conf, READ_TIMEOUT_MS);
@@ -216,8 +215,7 @@
goto exit;
}
- if ((ret = mbedtls_ssl_cookie_setup(&cookie_ctx,
- mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+ if ((ret = mbedtls_ssl_cookie_setup(&cookie_ctx)) != 0) {
printf(" failed\n ! mbedtls_ssl_cookie_setup returned %d\n\n", ret);
goto exit;
}
diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c
index cac630e..e3adb3c 100644
--- a/programs/ssl/mini_client.c
+++ b/programs/ssl/mini_client.c
@@ -6,6 +6,8 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/platform.h"
@@ -185,8 +187,6 @@
goto exit;
}
- mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
-
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
mbedtls_ssl_conf_psk(&conf, psk, sizeof(psk),
(const unsigned char *) psk_id, sizeof(psk_id) - 1);
diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c
index a6ab858..dba8aab 100644
--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
@@ -5,6 +5,8 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/platform.h"
@@ -148,7 +150,6 @@
* but makes interop easier in this simplified example */
mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_OPTIONAL);
mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL);
- mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) {
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index f009a31..6a5fca5 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -71,11 +71,11 @@
#define DFL_MFL_CODE MBEDTLS_SSL_MAX_FRAG_LEN_NONE
#define DFL_TRUNC_HMAC -1
#define DFL_RECSPLIT -1
-#define DFL_DHMLEN -1
#define DFL_RECONNECT 0
#define DFL_RECO_SERVER_NAME NULL
#define DFL_RECO_DELAY 0
#define DFL_RECO_MODE 1
+#define DFL_RENEGO_DELAY -2
#define DFL_CID_ENABLED 0
#define DFL_CID_VALUE ""
#define DFL_CID_ENABLED_RENEGO -1
@@ -234,13 +234,6 @@
#define USAGE_MAX_FRAG_LEN ""
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-#if defined(MBEDTLS_DHM_C)
-#define USAGE_DHMLEN \
- " dhmlen=%%d default: (library default: 1024 bits)\n"
-#else
-#define USAGE_DHMLEN
-#endif
-
#if defined(MBEDTLS_SSL_ALPN)
#define USAGE_ALPN \
" alpn=%%s default: \"\" (disabled)\n" \
@@ -306,7 +299,8 @@
#if defined(MBEDTLS_SSL_RENEGOTIATION)
#define USAGE_RENEGO \
" renegotiation=%%d default: 0 (disabled)\n" \
- " renegotiate=%%d default: 0 (disabled)\n"
+ " renegotiate=%%d default: 0 (disabled)\n" \
+ " renego_delay=%%d default: -2 (library default)\n"
#else
#define USAGE_RENEGO ""
#endif
@@ -354,10 +348,10 @@
#endif /* MBEDTLS_SSL_EARLY_DATA && MBEDTLS_SSL_PROTO_TLS1_3 */
#define USAGE_KEY_OPAQUE_ALGS \
- " key_opaque_algs=%%s Allowed opaque key algorithms.\n" \
+ " key_opaque_algs=%%s Allowed opaque key algorithms.\n" \
" comma-separated pair of values among the following:\n" \
" rsa-sign-pkcs1, rsa-sign-pss, rsa-sign-pss-sha256,\n" \
- " rsa-sign-pss-sha384, rsa-sign-pss-sha512, rsa-decrypt,\n" \
+ " rsa-sign-pss-sha384, rsa-sign-pss-sha512,\n" \
" ecdsa-sign, ecdh, none (only acceptable for\n" \
" the second value).\n" \
@@ -433,7 +427,6 @@
USAGE_GROUPS \
USAGE_SIG_ALGS \
USAGE_EARLY_DATA \
- USAGE_DHMLEN \
USAGE_KEY_OPAQUE_ALGS \
"\n"
@@ -508,7 +501,6 @@
unsigned char mfl_code; /* code for maximum fragment length */
int trunc_hmac; /* negotiate truncated hmac or not */
int recsplit; /* enable record splitting? */
- int dhmlen; /* minimum DHM params len in bits */
int reconnect; /* attempt to resume session */
const char *reco_server_name; /* hostname of the server (re-connect) */
int reco_delay; /* delay in seconds before resuming session */
@@ -948,6 +940,7 @@
opt.renegotiation = DFL_RENEGOTIATION;
opt.allow_legacy = DFL_ALLOW_LEGACY;
opt.renegotiate = DFL_RENEGOTIATE;
+ opt.renego_delay = DFL_RENEGO_DELAY;
opt.exchanges = DFL_EXCHANGES;
opt.min_version = DFL_MIN_VERSION;
opt.max_version = DFL_MAX_VERSION;
@@ -956,7 +949,6 @@
opt.mfl_code = DFL_MFL_CODE;
opt.trunc_hmac = DFL_TRUNC_HMAC;
opt.recsplit = DFL_RECSPLIT;
- opt.dhmlen = DFL_DHMLEN;
opt.reconnect = DFL_RECONNECT;
opt.reco_server_name = DFL_RECO_SERVER_NAME;
opt.reco_delay = DFL_RECO_DELAY;
@@ -1183,6 +1175,8 @@
break;
default: goto usage;
}
+ } else if (strcmp(p, "renego_delay") == 0) {
+ opt.renego_delay = (atoi(q));
} else if (strcmp(p, "renegotiate") == 0) {
opt.renegotiate = atoi(q);
if (opt.renegotiate < 0 || opt.renegotiate > 1) {
@@ -1388,11 +1382,6 @@
if (opt.recsplit < 0 || opt.recsplit > 1) {
goto usage;
}
- } else if (strcmp(p, "dhmlen") == 0) {
- opt.dhmlen = atoi(q);
- if (opt.dhmlen < 0) {
- goto usage;
- }
} else if (strcmp(p, "query_config") == 0) {
opt.query_config_mode = 1;
query_config_ret = query_config(q);
@@ -1747,12 +1736,12 @@
} else
#if defined(MBEDTLS_FS_IO)
if (strlen(opt.key_file)) {
- ret = mbedtls_pk_parse_keyfile(&pkey, opt.key_file, opt.key_pwd, rng_get, &rng);
+ ret = mbedtls_pk_parse_keyfile(&pkey, opt.key_file, opt.key_pwd);
} else
#endif
{ ret = mbedtls_pk_parse_key(&pkey,
(const unsigned char *) mbedtls_test_cli_key,
- mbedtls_test_cli_key_len, NULL, 0, rng_get, &rng); }
+ mbedtls_test_cli_key_len, NULL, 0); }
if (ret != 0) {
mbedtls_printf(" failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n",
(unsigned int) -ret);
@@ -1898,12 +1887,6 @@
}
#endif
-#if defined(MBEDTLS_DHM_C)
- if (opt.dhmlen != DFL_DHMLEN) {
- mbedtls_ssl_conf_dhm_min_bitlen(&conf, opt.dhmlen);
- }
-#endif
-
#if defined(MBEDTLS_SSL_ALPN)
if (opt.alpn_string != NULL) {
if ((ret = mbedtls_ssl_conf_alpn_protocols(&conf, alpn_list)) != 0) {
@@ -1923,7 +1906,6 @@
#endif
#endif /* MBEDTLS_HAVE_TIME */
}
- mbedtls_ssl_conf_rng(&conf, rng_get, &rng);
mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
mbedtls_ssl_conf_read_timeout(&conf, opt.read_timeout);
@@ -1945,6 +1927,9 @@
}
#if defined(MBEDTLS_SSL_RENEGOTIATION)
mbedtls_ssl_conf_renegotiation(&conf, opt.renegotiation);
+ if (opt.renego_delay != DFL_RENEGO_DELAY) {
+ mbedtls_ssl_conf_renegotiation_enforced(&conf, opt.renego_delay);
+ }
#endif
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
@@ -2489,6 +2474,8 @@
}
mbedtls_printf(" ok\n");
}
+
+
#endif /* MBEDTLS_SSL_RENEGOTIATION */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c
index cbe9c6d..63391cd 100644
--- a/programs/ssl/ssl_context_info.c
+++ b/programs/ssl/ssl_context_info.c
@@ -5,6 +5,8 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/debug.h"
#include "mbedtls/platform.h"
diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c
index 1bd18c1..f8752bb 100644
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@@ -5,6 +5,8 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/platform.h"
@@ -136,8 +138,7 @@
}
ret = mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_srv_key,
- mbedtls_test_srv_key_len, NULL, 0,
- mbedtls_ctr_drbg_random, &ctr_drbg);
+ mbedtls_test_srv_key_len, NULL, 0);
if (ret != 0) {
mbedtls_printf(" failed! mbedtls_pk_parse_key returned %d\n\n", ret);
goto exit;
@@ -159,7 +160,6 @@
goto exit;
}
- mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL);
diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c
index bdeef9b..521bc54 100644
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@@ -11,6 +11,8 @@
#define _POSIX_C_SOURCE 200112L
#define _XOPEN_SOURCE 600
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
@@ -512,8 +514,7 @@
#if defined(MBEDTLS_FS_IO)
if (strlen(opt.key_file)) {
- ret = mbedtls_pk_parse_keyfile(&pkey, opt.key_file, "",
- mbedtls_ctr_drbg_random, &ctr_drbg);
+ ret = mbedtls_pk_parse_keyfile(&pkey, opt.key_file, "");
} else
#endif
#if defined(MBEDTLS_PEM_PARSE_C)
@@ -522,9 +523,7 @@
(const unsigned char *) mbedtls_test_cli_key,
mbedtls_test_cli_key_len,
NULL,
- 0,
- mbedtls_ctr_drbg_random,
- &ctr_drbg);
+ 0);
}
#else
{
@@ -572,7 +571,6 @@
* but makes interop easier in this simplified example */
mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_OPTIONAL);
- mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
if (opt.force_ciphersuite[0] != DFL_FORCE_CIPHER) {
diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c
index d8213cb..5701a7b 100644
--- a/programs/ssl/ssl_pthread_server.c
+++ b/programs/ssl/ssl_pthread_server.c
@@ -6,6 +6,8 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/platform.h"
@@ -377,8 +379,7 @@
mbedtls_pk_init(&pkey);
ret = mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_srv_key,
- mbedtls_test_srv_key_len, NULL, 0,
- mbedtls_ctr_drbg_random, &ctr_drbg);
+ mbedtls_test_srv_key_len, NULL, 0);
if (ret != 0) {
mbedtls_printf(" failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret);
goto exit;
@@ -400,7 +401,6 @@
goto exit;
}
- mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
mbedtls_ssl_conf_dbg(&conf, my_mutexed_debug, stdout);
/* mbedtls_ssl_cache_get() and mbedtls_ssl_cache_set() are thread-safe if
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
index 9a90d1d..2f26ca4 100644
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -5,6 +5,8 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/platform.h"
@@ -142,8 +144,7 @@
}
ret = mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_srv_key,
- mbedtls_test_srv_key_len, NULL, 0,
- mbedtls_ctr_drbg_random, &ctr_drbg);
+ mbedtls_test_srv_key_len, NULL, 0);
if (ret != 0) {
mbedtls_printf(" failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret);
goto exit;
@@ -178,7 +179,6 @@
goto exit;
}
- mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
#if defined(MBEDTLS_SSL_CACHE_C)
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index d9e5701..6338222 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -58,7 +58,6 @@
#endif
#include "mbedtls/pk.h"
-#include "mbedtls/dhm.h"
/* Size of memory to be allocated for the heap, when using the library's memory
* management and MBEDTLS_MEMORY_BUFFER_ALLOC_C is enabled. */
@@ -127,7 +126,6 @@
#define DFL_EARLY_DATA -1
#define DFL_MAX_EARLY_DATA_SIZE ((uint32_t) -1)
#define DFL_SIG_ALGS NULL
-#define DFL_DHM_FILE NULL
#define DFL_TRANSPORT MBEDTLS_SSL_TRANSPORT_STREAM
#define DFL_COOKIES 1
#define DFL_ANTI_REPLAY -1
@@ -192,9 +190,7 @@
" note: if neither crt_file/key_file nor crt_file2/key_file2 are used,\n" \
" preloaded certificate(s) and key(s) are used if available\n" \
" key_pwd2=%%s Password for key specified by key_file2 argument\n" \
- " default: none\n" \
- " dhm_file=%%s File containing Diffie-Hellman parameters\n" \
- " default: preloaded parameters\n"
+ " default: none\n"
#else
#define USAGE_IO \
"\n" \
@@ -214,7 +210,7 @@
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
#define USAGE_SSL_ASYNC \
- " async_operations=%%c... d=decrypt, s=sign (default: -=off)\n" \
+ " async_operations=%%c... s=sign (default: -=off)\n" \
" async_private_delay1=%%d Asynchronous delay for key_file or preloaded key\n" \
" async_private_delay2=%%d Asynchronous delay for key_file2 and sni\n" \
" default: -1 (not asynchronous)\n" \
@@ -482,13 +478,13 @@
" key_opaque_algs=%%s Allowed opaque key 1 algorithms.\n" \
" comma-separated pair of values among the following:\n" \
" rsa-sign-pkcs1, rsa-sign-pss, rsa-sign-pss-sha256,\n" \
- " rsa-sign-pss-sha384, rsa-sign-pss-sha512, rsa-decrypt,\n" \
+ " rsa-sign-pss-sha384, rsa-sign-pss-sha512,\n" \
" ecdsa-sign, ecdh, none (only acceptable for\n" \
" the second value).\n" \
" key_opaque_algs2=%%s Allowed opaque key 2 algorithms.\n" \
" comma-separated pair of values among the following:\n" \
" rsa-sign-pkcs1, rsa-sign-pss, rsa-sign-pss-sha256,\n" \
- " rsa-sign-pss-sha384, rsa-sign-pss-sha512, rsa-decrypt,\n" \
+ " rsa-sign-pss-sha384, rsa-sign-pss-sha512,\n" \
" ecdsa-sign, ecdh, none (only acceptable for\n" \
" the second value).\n"
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
@@ -675,7 +671,6 @@
const char *groups; /* list of supported groups */
const char *sig_algs; /* supported TLS 1.3 signature algorithms */
const char *alpn_string; /* ALPN supported protocols */
- const char *dhm_file; /* the file with the DH parameters */
int extended_ms; /* allow negotiation of extended MS? */
int etm; /* allow negotiation of encrypt-then-MAC? */
int transport; /* TLS or DTLS? */
@@ -829,7 +824,7 @@
mbedtls_pk_init(new->key);
if (mbedtls_x509_crt_parse_file(new->cert, crt_file) != 0 ||
- mbedtls_pk_parse_keyfile(new->key, key_file, "", rng_get, &rng) != 0) {
+ mbedtls_pk_parse_keyfile(new->key, key_file, "") != 0) {
goto error;
}
@@ -1180,8 +1175,7 @@
* public key. */
for (slot = 0; slot < config_data->slots_used; slot++) {
if (mbedtls_pk_check_pair(&cert->pk,
- config_data->slots[slot].pk,
- rng_get, &rng) == 0) {
+ config_data->slots[slot].pk) == 0) {
break;
}
}
@@ -1232,16 +1226,6 @@
hash, hash_len);
}
-static int ssl_async_decrypt(mbedtls_ssl_context *ssl,
- mbedtls_x509_crt *cert,
- const unsigned char *input,
- size_t input_len)
-{
- return ssl_async_start(ssl, cert,
- ASYNC_OP_DECRYPT, MBEDTLS_MD_NONE,
- input, input_len);
-}
-
static int ssl_async_resume(mbedtls_ssl_context *ssl,
unsigned char *output,
size_t *output_len,
@@ -1265,15 +1249,13 @@
case ASYNC_OP_DECRYPT:
ret = mbedtls_pk_decrypt(key_slot->pk,
ctx->input, ctx->input_len,
- output, output_len, output_size,
- config_data->f_rng, config_data->p_rng);
+ output, output_len, output_size);
break;
case ASYNC_OP_SIGN:
ret = mbedtls_pk_sign(key_slot->pk,
ctx->md_alg,
ctx->input, ctx->input_len,
- output, output_size, output_len,
- config_data->f_rng, config_data->p_rng);
+ output, output_size, output_len);
break;
default:
mbedtls_printf(
@@ -1590,9 +1572,6 @@
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
ssl_async_key_context_t ssl_async_keys;
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
- mbedtls_dhm_context dhm;
-#endif
#if defined(MBEDTLS_SSL_CACHE_C)
mbedtls_ssl_cache_context cache;
#endif
@@ -1681,9 +1660,6 @@
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
memset(&ssl_async_keys, 0, sizeof(ssl_async_keys));
#endif
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
- mbedtls_dhm_init(&dhm);
-#endif
#if defined(MBEDTLS_SSL_CACHE_C)
mbedtls_ssl_cache_init(&cache);
#endif
@@ -1793,7 +1769,6 @@
opt.max_early_data_size = DFL_MAX_EARLY_DATA_SIZE;
#endif
opt.sig_algs = DFL_SIG_ALGS;
- opt.dhm_file = DFL_DHM_FILE;
opt.transport = DFL_TRANSPORT;
opt.cookies = DFL_COOKIES;
opt.anti_replay = DFL_ANTI_REPLAY;
@@ -1943,8 +1918,6 @@
opt.key_file2 = q;
} else if (strcmp(p, "key_pwd2") == 0) {
opt.key_pwd2 = q;
- } else if (strcmp(p, "dhm_file") == 0) {
- opt.dhm_file = q;
}
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
else if (strcmp(p, "async_operations") == 0) {
@@ -2667,7 +2640,7 @@
if (strlen(opt.key_file) && strcmp(opt.key_file, "none") != 0) {
key_cert_init++;
if ((ret = mbedtls_pk_parse_keyfile(&pkey, opt.key_file,
- opt.key_pwd, rng_get, &rng)) != 0) {
+ opt.key_pwd)) != 0) {
mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile returned -0x%x\n\n",
(unsigned int) -ret);
goto exit;
@@ -2689,7 +2662,7 @@
if (strlen(opt.key_file2) && strcmp(opt.key_file2, "none") != 0) {
key_cert_init2++;
if ((ret = mbedtls_pk_parse_keyfile(&pkey2, opt.key_file2,
- opt.key_pwd2, rng_get, &rng)) != 0) {
+ opt.key_pwd2)) != 0) {
mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile(2) returned -0x%x\n\n",
(unsigned int) -ret);
goto exit;
@@ -2716,8 +2689,7 @@
}
if ((ret = mbedtls_pk_parse_key(&pkey,
(const unsigned char *) mbedtls_test_srv_key_rsa,
- mbedtls_test_srv_key_rsa_len, NULL, 0,
- rng_get, &rng)) != 0) {
+ mbedtls_test_srv_key_rsa_len, NULL, 0)) != 0) {
mbedtls_printf(" failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n",
(unsigned int) -ret);
goto exit;
@@ -2734,8 +2706,7 @@
}
if ((ret = mbedtls_pk_parse_key(&pkey2,
(const unsigned char *) mbedtls_test_srv_key_ec,
- mbedtls_test_srv_key_ec_len, NULL, 0,
- rng_get, &rng)) != 0) {
+ mbedtls_test_srv_key_ec_len, NULL, 0)) != 0) {
mbedtls_printf(" failed\n ! pk_parse_key2 returned -0x%x\n\n",
(unsigned int) -ret);
goto exit;
@@ -2787,21 +2758,6 @@
key_cert_init2 ? mbedtls_pk_get_name(&pkey2) : "none");
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
- if (opt.dhm_file != NULL) {
- mbedtls_printf(" . Loading DHM parameters...");
- fflush(stdout);
-
- if ((ret = mbedtls_dhm_parse_dhmfile(&dhm, opt.dhm_file)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_dhm_parse_dhmfile returned -0x%04X\n\n",
- (unsigned int) -ret);
- goto exit;
- }
-
- mbedtls_printf(" ok\n");
- }
-#endif
-
#if defined(SNI_OPTION)
if (opt.sni != NULL) {
mbedtls_printf(" . Setting up SNI information...");
@@ -2969,7 +2925,6 @@
#endif
#endif /* MBEDTLS_HAVE_TIME */
}
- mbedtls_ssl_conf_rng(&conf, rng_get, &rng);
mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
#if defined(MBEDTLS_SSL_CACHE_C)
@@ -3000,8 +2955,6 @@
#endif /* MBEDTLS_HAVE_TIME */
{
if ((ret = mbedtls_ssl_ticket_setup(&ticket_ctx,
- rng_get,
- &rng,
opt.ticket_alg,
opt.ticket_key_type,
opt.ticket_key_bits,
@@ -3043,8 +2996,7 @@
if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
#if defined(MBEDTLS_SSL_COOKIE_C)
if (opt.cookies > 0) {
- if ((ret = mbedtls_ssl_cookie_setup(&cookie_ctx,
- rng_get, &rng)) != 0) {
+ if ((ret = mbedtls_ssl_cookie_setup(&cookie_ctx)) != 0) {
mbedtls_printf(" failed\n ! mbedtls_ssl_cookie_setup returned %d\n\n", ret);
goto exit;
}
@@ -3150,13 +3102,9 @@
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
if (opt.async_operations[0] != '-') {
mbedtls_ssl_async_sign_t *sign = NULL;
- mbedtls_ssl_async_decrypt_t *decrypt = NULL;
const char *r;
for (r = opt.async_operations; *r; r++) {
switch (*r) {
- case 'd':
- decrypt = ssl_async_decrypt;
- break;
case 's':
sign = ssl_async_sign;
break;
@@ -3169,7 +3117,6 @@
ssl_async_keys.p_rng = &rng;
mbedtls_ssl_conf_async_private_cb(&conf,
sign,
- decrypt,
ssl_async_resume,
ssl_async_cancel,
&ssl_async_keys);
@@ -3269,22 +3216,6 @@
}
#endif
-#if defined(MBEDTLS_DHM_C)
- /*
- * Use different group than default DHM group
- */
-#if defined(MBEDTLS_FS_IO)
- if (opt.dhm_file != NULL) {
- ret = mbedtls_ssl_conf_dh_param_ctx(&conf, &dhm);
- }
-#endif
- if (ret != 0) {
- mbedtls_printf(" failed\n mbedtls_ssl_conf_dh_param returned -0x%04X\n\n",
- (unsigned int) -ret);
- goto exit;
- }
-#endif
-
if (opt.min_version != DFL_MIN_VERSION) {
mbedtls_ssl_conf_min_tls_version(&conf, opt.min_version);
}
@@ -4284,10 +4215,6 @@
#endif
#endif
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
- mbedtls_dhm_free(&dhm);
-#endif
-
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
for (i = 0; (size_t) i < ssl_async_keys.slots_used; i++) {
if (ssl_async_keys.slots[i].pk_owned) {
diff --git a/programs/ssl/ssl_test_common_source.c b/programs/ssl/ssl_test_common_source.c
index 6c7eed5..354e97e 100644
--- a/programs/ssl/ssl_test_common_source.c
+++ b/programs/ssl/ssl_test_common_source.c
@@ -315,6 +315,7 @@
};
#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_X509_CRT_PARSE_C)
/** Functionally equivalent to mbedtls_x509_crt_verify_info, see that function
* for more info.
@@ -352,7 +353,6 @@
}
#endif /* MBEDTLS_X509_CRT_PARSE_C */
-#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
static void mbedtls_print_supported_sig_algs(void)
{
mbedtls_printf("supported signature algorithms:\n");
diff --git a/programs/ssl/ssl_test_lib.c b/programs/ssl/ssl_test_lib.c
index 2c68489..6aa60fb 100644
--- a/programs/ssl/ssl_test_lib.c
+++ b/programs/ssl/ssl_test_lib.c
@@ -8,6 +8,7 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
#include "ssl_test_lib.h"
@@ -197,7 +198,6 @@
strcmp(*alg1, "rsa-sign-pss-sha256") != 0 &&
strcmp(*alg1, "rsa-sign-pss-sha384") != 0 &&
strcmp(*alg1, "rsa-sign-pss-sha512") != 0 &&
- strcmp(*alg1, "rsa-decrypt") != 0 &&
strcmp(*alg1, "ecdsa-sign") != 0 &&
strcmp(*alg1, "ecdh") != 0) {
return 1;
@@ -208,7 +208,6 @@
strcmp(*alg1, "rsa-sign-pss-sha256") != 0 &&
strcmp(*alg1, "rsa-sign-pss-sha384") != 0 &&
strcmp(*alg1, "rsa-sign-pss-sha512") != 0 &&
- strcmp(*alg2, "rsa-decrypt") != 0 &&
strcmp(*alg2, "ecdsa-sign") != 0 &&
strcmp(*alg2, "ecdh") != 0 &&
strcmp(*alg2, "none") != 0) {
@@ -245,9 +244,6 @@
} else if (strcmp(algs[i], "rsa-sign-pss-sha512") == 0) {
*psa_algs[i] = PSA_ALG_RSA_PSS(PSA_ALG_SHA_512);
*usage |= PSA_KEY_USAGE_SIGN_HASH;
- } else if (strcmp(algs[i], "rsa-decrypt") == 0) {
- *psa_algs[i] = PSA_ALG_RSA_PKCS1V15_CRYPT;
- *usage |= PSA_KEY_USAGE_DECRYPT;
} else if (strcmp(algs[i], "ecdsa-sign") == 0) {
*psa_algs[i] = PSA_ALG_ECDSA(PSA_ALG_ANY_HASH);
*usage |= PSA_KEY_USAGE_SIGN_HASH;
diff --git a/programs/ssl/ssl_test_lib.h b/programs/ssl/ssl_test_lib.h
index 6fc3d73..c001a2a 100644
--- a/programs/ssl/ssl_test_lib.h
+++ b/programs/ssl/ssl_test_lib.h
@@ -202,7 +202,6 @@
* Coma-separated pair of values among the following:
* - "rsa-sign-pkcs1"
* - "rsa-sign-pss"
- * - "rsa-decrypt"
* - "ecdsa-sign"
* - "ecdh"
* - "none" (only acceptable for the second value).
@@ -243,8 +242,8 @@
* - free the provided PK context and re-initilize it as an opaque PK context
* wrapping the PSA key imported in the above step.
*
- * \param[in/out] pk On input the non-opaque PK context which contains the
- * key to be wrapped. On output the re-initialized PK
+ * \param[in,out] pk On input, the non-opaque PK context which contains the
+ * key to be wrapped. On output, the re-initialized PK
* context which represents the opaque version of the one
* provided as input.
* \param[in] psa_alg The primary algorithm that will be associated to the
diff --git a/programs/test/cmake_package/cmake_package.c b/programs/test/cmake_package/cmake_package.c
index 729800a..f7d5230 100644
--- a/programs/test/cmake_package/cmake_package.c
+++ b/programs/test/cmake_package/cmake_package.c
@@ -5,6 +5,8 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/platform.h"
diff --git a/programs/test/cmake_package_install/cmake_package_install.c b/programs/test/cmake_package_install/cmake_package_install.c
index 44a2ada..fb68883 100644
--- a/programs/test/cmake_package_install/cmake_package_install.c
+++ b/programs/test/cmake_package_install/cmake_package_install.c
@@ -6,6 +6,8 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/platform.h"
diff --git a/programs/test/cmake_subproject/cmake_subproject.c b/programs/test/cmake_subproject/cmake_subproject.c
index 8b4f18e..efab789 100644
--- a/programs/test/cmake_subproject/cmake_subproject.c
+++ b/programs/test/cmake_subproject/cmake_subproject.c
@@ -6,6 +6,8 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/platform.h"
diff --git a/programs/test/dlopen.c b/programs/test/dlopen.c
index 3a0f37d..ec4ee7e 100644
--- a/programs/test/dlopen.c
+++ b/programs/test/dlopen.c
@@ -5,6 +5,8 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/platform.h"
diff --git a/programs/test/selftest.c b/programs/test/selftest.c
index e72386f..546716f 100644
--- a/programs/test/selftest.c
+++ b/programs/test/selftest.c
@@ -5,12 +5,13 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/entropy.h"
#include "mbedtls/hmac_drbg.h"
#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/dhm.h"
#include "mbedtls/gcm.h"
#include "mbedtls/ccm.h"
#include "mbedtls/cmac.h"
@@ -350,9 +351,6 @@
#if defined(MBEDTLS_ECJPAKE_C)
{ "ecjpake", mbedtls_ecjpake_self_test },
#endif
-#if defined(MBEDTLS_DHM_C)
- { "dhm", mbedtls_dhm_self_test },
-#endif
#if defined(MBEDTLS_ENTROPY_C)
{ "entropy", mbedtls_entropy_self_test_wrapper },
#endif
diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c
index 43d2e8c..6e9ebf9 100644
--- a/programs/test/udp_proxy.c
+++ b/programs/test/udp_proxy.c
@@ -12,6 +12,8 @@
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#if defined(MBEDTLS_PLATFORM_C)
diff --git a/programs/util/pem2der.c b/programs/util/pem2der.c
index 177365b..9515ed4 100644
--- a/programs/util/pem2der.c
+++ b/programs/util/pem2der.c
@@ -5,6 +5,8 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/platform.h"
diff --git a/programs/util/strerror.c b/programs/util/strerror.c
index 316f286..e20bed6 100644
--- a/programs/util/strerror.c
+++ b/programs/util/strerror.c
@@ -5,6 +5,8 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/platform.h"
diff --git a/programs/wince_main.c b/programs/wince_main.c
deleted file mode 100644
index e817b9f..0000000
--- a/programs/wince_main.c
+++ /dev/null
@@ -1,31 +0,0 @@
-/*
- * Windows CE console application entry point
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-#if defined(_WIN32_WCE)
-
-#include <windows.h>
-
-extern int main(int, const char **);
-
-int _tmain(int argc, _TCHAR *targv[])
-{
- char **argv;
- int i;
-
- argv = (char **) calloc(argc, sizeof(char *));
-
- for (i = 0; i < argc; i++) {
- size_t len;
- len = _tcslen(targv[i]) + 1;
- argv[i] = (char *) calloc(len, sizeof(char));
- wcstombs(argv[i], targv[i], len);
- }
-
- return main(argc, argv);
-}
-
-#endif /* defined(_WIN32_WCE) */
diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c
index cb1e5bc..d9d5bb6 100644
--- a/programs/x509/cert_app.c
+++ b/programs/x509/cert_app.c
@@ -5,6 +5,8 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/platform.h"
@@ -381,7 +383,6 @@
mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_NONE);
}
- mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) {
diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c
index 0dc4c97..f09e938 100644
--- a/programs/x509/cert_req.c
+++ b/programs/x509/cert_req.c
@@ -5,6 +5,8 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/platform.h"
@@ -107,9 +109,7 @@
mbedtls_md_type_t md_alg; /* Hash algorithm used for signature. */
} opt;
-static int write_certificate_request(mbedtls_x509write_csr *req, const char *output_file,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng)
+static int write_certificate_request(mbedtls_x509write_csr *req, const char *output_file)
{
int ret;
FILE *f;
@@ -117,7 +117,7 @@
size_t len = 0;
memset(output_buf, 0, 4096);
- if ((ret = mbedtls_x509write_csr_pem(req, output_buf, 4096, f_rng, p_rng)) < 0) {
+ if ((ret = mbedtls_x509write_csr_pem(req, output_buf, 4096)) < 0) {
return ret;
}
@@ -452,8 +452,7 @@
mbedtls_printf(" . Loading the private key ...");
fflush(stdout);
- ret = mbedtls_pk_parse_keyfile(&key, opt.filename, opt.password,
- mbedtls_ctr_drbg_random, &ctr_drbg);
+ ret = mbedtls_pk_parse_keyfile(&key, opt.filename, opt.password);
if (ret != 0) {
mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile returned %d", ret);
@@ -470,8 +469,7 @@
mbedtls_printf(" . Writing the certificate request ...");
fflush(stdout);
- if ((ret = write_certificate_request(&req, opt.output_file,
- mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+ if ((ret = write_certificate_request(&req, opt.output_file)) != 0) {
mbedtls_printf(" failed\n ! write_certificate_request %d", ret);
goto exit;
}
diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c
index b15e281..9776dc1 100644
--- a/programs/x509/cert_write.c
+++ b/programs/x509/cert_write.c
@@ -5,6 +5,8 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/platform.h"
@@ -204,9 +206,7 @@
int format; /* format */
} opt;
-static int write_certificate(mbedtls_x509write_cert *crt, const char *output_file,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng)
+static int write_certificate(mbedtls_x509write_cert *crt, const char *output_file)
{
int ret;
FILE *f;
@@ -216,8 +216,7 @@
memset(output_buf, 0, 4096);
if (opt.format == FORMAT_DER) {
- ret = mbedtls_x509write_crt_der(crt, output_buf, 4096,
- f_rng, p_rng);
+ ret = mbedtls_x509write_crt_der(crt, output_buf, 4096);
if (ret < 0) {
return ret;
}
@@ -225,8 +224,7 @@
len = ret;
output_start = output_buf + 4096 - len;
} else {
- ret = mbedtls_x509write_crt_pem(crt, output_buf, 4096,
- f_rng, p_rng);
+ ret = mbedtls_x509write_crt_pem(crt, output_buf, 4096);
if (ret < 0) {
return ret;
}
@@ -778,7 +776,7 @@
fflush(stdout);
ret = mbedtls_pk_parse_keyfile(&loaded_subject_key, opt.subject_key,
- opt.subject_pwd, mbedtls_ctr_drbg_random, &ctr_drbg);
+ opt.subject_pwd);
if (ret != 0) {
mbedtls_strerror(ret, buf, sizeof(buf));
mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile "
@@ -793,7 +791,7 @@
fflush(stdout);
ret = mbedtls_pk_parse_keyfile(&loaded_issuer_key, opt.issuer_key,
- opt.issuer_pwd, mbedtls_ctr_drbg_random, &ctr_drbg);
+ opt.issuer_pwd);
if (ret != 0) {
mbedtls_strerror(ret, buf, sizeof(buf));
mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile "
@@ -804,8 +802,7 @@
// Check if key and issuer certificate match
//
if (strlen(opt.issuer_crt)) {
- if (mbedtls_pk_check_pair(&issuer_crt.pk, issuer_key,
- mbedtls_ctr_drbg_random, &ctr_drbg) != 0) {
+ if (mbedtls_pk_check_pair(&issuer_crt.pk, issuer_key) != 0) {
mbedtls_printf(" failed\n ! issuer_key does not match "
"issuer certificate\n\n");
goto exit;
@@ -982,8 +979,7 @@
mbedtls_printf(" . Writing the certificate...");
fflush(stdout);
- if ((ret = write_certificate(&crt, opt.output_file,
- mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+ if ((ret = write_certificate(&crt, opt.output_file)) != 0) {
mbedtls_strerror(ret, buf, sizeof(buf));
mbedtls_printf(" failed\n ! write_certificate -0x%04x - %s\n\n",
(unsigned int) -ret, buf);
diff --git a/programs/x509/crl_app.c b/programs/x509/crl_app.c
index 5e3fd5a..fee8b69 100644
--- a/programs/x509/crl_app.c
+++ b/programs/x509/crl_app.c
@@ -5,6 +5,8 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/platform.h"
diff --git a/programs/x509/load_roots.c b/programs/x509/load_roots.c
index d14537f..2ae7c9b 100644
--- a/programs/x509/load_roots.c
+++ b/programs/x509/load_roots.c
@@ -5,6 +5,8 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/platform.h"
diff --git a/programs/x509/req_app.c b/programs/x509/req_app.c
index fff0983..2929d68 100644
--- a/programs/x509/req_app.c
+++ b/programs/x509/req_app.c
@@ -5,6 +5,8 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
+#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
+
#include "mbedtls/build_info.h"
#include "mbedtls/platform.h"
diff --git a/scripts/config.py b/scripts/config.py
index 3508ce4..417f6e2 100755
--- a/scripts/config.py
+++ b/scripts/config.py
@@ -162,7 +162,6 @@
'MBEDTLS_PLATFORM_FPRINTF_ALT', # requires FILE* from stdio.h
'MBEDTLS_PLATFORM_NV_SEED_ALT', # requires a filesystem and ENTROPY_NV_SEED
'MBEDTLS_PLATFORM_TIME_ALT', # requires a clock and HAVE_TIME
- 'MBEDTLS_PSA_CRYPTO_SE_C', # requires a filesystem and PSA_CRYPTO_STORAGE_C
'MBEDTLS_PSA_CRYPTO_STORAGE_C', # requires a filesystem
'MBEDTLS_PSA_ITS_FILE_C', # requires a filesystem
'MBEDTLS_THREADING_C', # requires a threading interface
@@ -238,7 +237,6 @@
return continuation
DEPRECATED = frozenset([
- 'MBEDTLS_PSA_CRYPTO_SE_C',
*PSA_DEPRECATED_FEATURE
])
def no_deprecated_adapter(adapter):
diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt
index b75a9ab..14522ec 100644
--- a/scripts/data_files/error.fmt
+++ b/scripts/data_files/error.fmt
@@ -20,7 +20,7 @@
HEADER_INCLUDED
-const char *mbedtls_high_level_strerr(int error_code)
+static const char *mbedtls_high_level_strerr(int error_code)
{
int high_level_error_code;
@@ -43,7 +43,7 @@
return NULL;
}
-const char *mbedtls_low_level_strerr(int error_code)
+static const char *mbedtls_low_level_strerr(int error_code)
{
int low_level_error_code;
diff --git a/scripts/data_files/query_config.fmt b/scripts/data_files/query_config.fmt
index b60aba0..9be9674 100644
--- a/scripts/data_files/query_config.fmt
+++ b/scripts/data_files/query_config.fmt
@@ -34,7 +34,6 @@
#include "mbedtls/ctr_drbg.h"
#include "mbedtls/debug.h"
#include "mbedtls/des.h"
-#include "mbedtls/dhm.h"
#include "mbedtls/ecdh.h"
#include "mbedtls/ecdsa.h"
#include "mbedtls/ecjpake.h"
diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl
index c051842..aae1fc8 100755
--- a/scripts/generate_errors.pl
+++ b/scripts/generate_errors.pl
@@ -40,7 +40,7 @@
ENTROPY ERROR GCM HKDF HMAC_DRBG LMS MD5
NET OID PBKDF2 PLATFORM POLY1305 RIPEMD160
SHA1 SHA256 SHA512 SHA3 THREADING );
-my @high_level_modules = qw( CIPHER DHM ECP MD
+my @high_level_modules = qw( CIPHER ECP MD
PEM PK PKCS12 PKCS5
RSA SSL X509 PKCS7 );
diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl
index 053040a..8152189 100755
--- a/scripts/generate_visualc_files.pl
+++ b/scripts/generate_visualc_files.pl
@@ -11,9 +11,18 @@
use warnings;
use strict;
+use Getopt::Long;
use Digest::MD5 'md5_hex';
+# Declare variables for options
my $vsx_dir = "visualc/VS2017";
+my $list = 0; # Default off
+
+GetOptions(
+ "directory=s" => \$vsx_dir, # Target directory
+ "list" => \$list # Only list generated files
+) or die "Invalid options\n";
+
my $vsx_ext = "vcxproj";
my $vsx_app_tpl_file = "scripts/data_files/vs2017-app-template.$vsx_ext";
my $vsx_main_tpl_file = "scripts/data_files/vs2017-main-template.$vsx_ext";
@@ -33,6 +42,8 @@
my $crypto_source_dir = 'tf-psa-crypto/drivers/builtin/src';
my $tls_test_source_dir = 'tests/src';
my $tls_test_header_dir = 'tests/include/test';
+my $crypto_test_source_dir = 'tf-psa-crypto/tests/src';
+my $crypto_test_header_dir = 'tf-psa-crypto/tests/include/test';
my $test_source_dir = 'framework/tests/src';
my $test_header_dir = 'framework/tests/include/test';
my $test_drivers_header_dir = 'framework/tests/include/test/drivers';
@@ -59,6 +70,7 @@
tf-psa-crypto/drivers/everest/include/everest/vs2013
tf-psa-crypto/drivers/everest/include/everest/kremlib
tests/include
+ tf-psa-crypto/tests/include
framework/tests/include
framework/tests/programs
);
@@ -122,9 +134,11 @@
&& -d $crypto_source_dir
&& -d $test_source_dir
&& -d $tls_test_source_dir
+ && -d $crypto_test_source_dir
&& -d $test_drivers_source_dir
&& -d $test_header_dir
&& -d $tls_test_header_dir
+ && -d $crypto_test_header_dir
&& -d $test_drivers_header_dir
&& -d $mbedtls_programs_dir
&& -d $framework_programs_dir
@@ -280,7 +294,9 @@
# Remove old files to ensure that, for example, project files from deleted
# apps are not kept
- del_vsx_files();
+ if (not $list) {
+ del_vsx_files();
+ }
my @app_list = get_app_list();
my @header_dirs = (
@@ -289,6 +305,7 @@
$psa_header_dir,
$test_header_dir,
$tls_test_header_dir,
+ $crypto_test_header_dir,
$test_drivers_header_dir,
$tls_source_dir,
$crypto_core_source_dir,
@@ -303,6 +320,7 @@
$crypto_source_dir,
$test_source_dir,
$tls_test_source_dir,
+ $crypto_test_source_dir,
$test_drivers_source_dir,
@thirdparty_source_dirs,
);
@@ -313,13 +331,22 @@
map { s!/!\\!g } @headers;
map { s!/!\\!g } @sources;
- gen_app_files( @app_list );
+ if ($list) {
+ foreach my $app (@app_list) {
+ $app =~ s/.*\///;
+ print "$vsx_dir/$app.$vsx_ext\n";
+ }
+ print "$vsx_main_file\n";
+ print "$vsx_sln_file\n";
+ } else {
+ gen_app_files( @app_list );
- gen_main_file( \@headers, \@sources,
- $vsx_hdr_tpl, $vsx_src_tpl,
- $vsx_main_tpl_file, $vsx_main_file );
+ gen_main_file( \@headers, \@sources,
+ $vsx_hdr_tpl, $vsx_src_tpl,
+ $vsx_main_tpl_file, $vsx_main_file );
- gen_vsx_solution( @app_list );
+ gen_vsx_solution( @app_list );
+ }
return 0;
}
diff --git a/scripts/make_generated_files.bat b/scripts/make_generated_files.bat
index 4982f77..418b668 100644
--- a/scripts/make_generated_files.bat
+++ b/scripts/make_generated_files.bat
@@ -7,29 +7,30 @@
@rem the "CC" environment variable must point to a C compiler.
@rem @@@@ library\** @@@@
-@rem psa_crypto_driver_wrappers.h needs to be generated prior to
-@rem generate_visualc_files.pl being invoked.
python tf-psa-crypto\scripts\generate_driver_wrappers.py || exit /b 1
perl scripts\generate_errors.pl || exit /b 1
perl scripts\generate_query_config.pl || exit /b 1
perl scripts\generate_features.pl || exit /b 1
python framework\scripts\generate_ssl_debug_helpers.py || exit /b 1
-@rem @@@@ Build @@@@
-perl scripts\generate_visualc_files.pl || exit /b 1
-
@rem @@@@ programs\** @@@@
cd tf-psa-crypto
python scripts\generate_psa_constants.py || exit /b 1
+python framework\scripts\generate_config_tests.py || exit /b 1
cd ..
@rem @@@@ tests\** @@@@
python framework\scripts\generate_bignum_tests.py --directory tf-psa-crypto\tests\suites || exit /b 1
-python framework\scripts\generate_config_tests.py tests\suites\test_suite_config.mbedtls_boolean.data || exit /b 1
-python framework\scripts\generate_config_tests.py --directory tf-psa-crypto\tests\suites tests\suites\test_suite_config.psa_boolean.data || exit /b 1
+python framework\scripts\generate_config_tests.py || exit /b 1
python framework\scripts\generate_ecp_tests.py --directory tf-psa-crypto\tests\suites || exit /b 1
python framework\scripts\generate_psa_tests.py --directory tf-psa-crypto\tests\suites || exit /b 1
-python framework\scripts\generate_test_keys.py --output framework\tests\include\test\test_keys.h || exit /b 1
-python tf-psa-crypto\framework\scripts\generate_test_keys.py --output tf-psa-crypto\framework\tests\include\test\test_keys.h || exit /b 1
-python framework\scripts\generate_test_cert_macros.py --output tests\src\test_certs.h || exit /b 1
+python framework\scripts\generate_test_keys.py --output tests\include\test\test_keys.h || exit /b 1
+python tf-psa-crypto\framework\scripts\generate_test_keys.py --output tf-psa-crypto\tests\include\test\test_keys.h || exit /b 1
+python framework\scripts\generate_test_cert_macros.py --output tests\include\test\test_certs.h || exit /b 1
+python framework\scripts\generate_tls_handshake_tests.py || exit /b 1
python framework\scripts\generate_tls13_compat_tests.py || exit /b 1
+
+@rem @@@@ Build @@@@
+@rem Call generate_visualc_files.pl last to be sure everything else has been
+@rem generated before.
+perl scripts\generate_visualc_files.pl || exit /b 1
diff --git a/tests/.gitignore b/tests/.gitignore
index 997101c..e58c8f0 100644
--- a/tests/.gitignore
+++ b/tests/.gitignore
@@ -18,9 +18,10 @@
###START_GENERATED_FILES###
# Generated source files
+/opt-testcases/handshake-generated.sh
/opt-testcases/tls13-compat.sh
/suites/*.generated.data
/suites/test_suite_config.mbedtls_boolean.data
-/src/test_keys.h
-/src/test_certs.h
+/include/test/test_keys.h
+/include/test/test_certs.h
###END_GENERATED_FILES###
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 950c365..d12133d 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -19,15 +19,9 @@
WORKING_DIRECTORY
${CMAKE_CURRENT_SOURCE_DIR}/..
OUTPUT_VARIABLE
- base_config_generated_data_files_raw)
+ base_config_generated_data_files)
string(REGEX REPLACE "[^;]*/" ""
- base_config_generated_data_files_raw "${base_config_generated_data_files_raw}")
-# Can be replace by list(FILTER ...) when CI CMake version is >=3.6
-foreach(file ${base_config_generated_data_files_raw})
- if(${file} MATCHES "mbedtls")
- list(APPEND base_config_generated_data_files ${file})
- endif()
-endforeach()
+ base_config_generated_data_files "${base_config_generated_data_files}")
# Derive generated file paths in the build directory. The generated data
# files go into the suites/ subdirectory.
@@ -50,13 +44,30 @@
${MBEDTLS_PYTHON_EXECUTABLE}
${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_config_tests.py
--directory ${CMAKE_CURRENT_BINARY_DIR}/suites
- ${config_generated_data_files}
DEPENDS
${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_config_tests.py
# Do not declare the configuration files as dependencies: they
# change too often in ways that don't affect the result
# ((un)commenting some options).
)
+
+ add_custom_command(
+ OUTPUT
+ ${CMAKE_CURRENT_SOURCE_DIR}/opt-testcases/handshake-generated.sh
+ WORKING_DIRECTORY
+ ${CMAKE_CURRENT_SOURCE_DIR}/..
+ COMMAND
+ "${MBEDTLS_PYTHON_EXECUTABLE}"
+ "${CMAKE_CURRENT_SOURCE_DIR}/../framework/scripts/generate_tls_handshake_tests.py"
+ DEPENDS
+ ${CMAKE_CURRENT_SOURCE_DIR}/../framework/scripts/mbedtls_framework/tls_test_case.py
+ ${CMAKE_CURRENT_SOURCE_DIR}/../framework/scripts/generate_tls_handshake_tests.py
+ )
+ add_custom_target(handshake-generated.sh
+ DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/opt-testcases/handshake-generated.sh)
+ set_target_properties(handshake-generated.sh PROPERTIES EXCLUDE_FROM_ALL NO)
+ add_dependencies(${ssl_opt_target} handshake-generated.sh)
+
add_custom_command(
OUTPUT
${CMAKE_CURRENT_SOURCE_DIR}/opt-testcases/tls13-compat.sh
@@ -165,6 +176,7 @@
# files are automatically included because the library targets declare
# them as PUBLIC.
target_include_directories(test_suite_${data_name}
+ PRIVATE ${CMAKE_CURRENT_BINARY_DIR}/include
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../framework/tests/include
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../library
diff --git a/tests/Makefile b/tests/Makefile
index 7bd9953..87a6ca1 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -25,16 +25,23 @@
endif
GENERATED_CRYPTO_DATA_FILES += $(GENERATED_BIGNUM_DATA_FILES)
-GENERATED_CONFIG_DATA_FILES_RAW := $(patsubst tests/%,%,$(shell \
+GENERATED_MBEDTLS_CONFIG_DATA_FILES := $(patsubst tests/%,%,$(shell \
$(PYTHON) ../framework/scripts/generate_config_tests.py --list || \
echo FAILED \
))
-ifeq ($(GENERATED_CONFIG_DATA_FILES),FAILED)
+ifeq ($(GENERATED_MBEDTLS_CONFIG_DATA_FILES),FAILED)
$(error "$(PYTHON) ../framework/scripts/generate_config_tests.py --list" failed)
endif
-GENERATED_MBEDTLS_CONFIG_DATA_FILES := $(foreach file,$(GENERATED_CONFIG_DATA_FILES_RAW),$(if $(findstring mbedtls,$(file)),$(file),))
-GENERATED_PSA_CONFIG_DATA_FILES := $(foreach file,$(GENERATED_CONFIG_DATA_FILES_RAW),$(if $(findstring psa,$(file)),$(addprefix ../tf-psa-crypto/tests/,$(file)),))
-GENERATED_CONFIG_DATA_FILES := $(GENERATED_MBEDTLS_CONFIG_DATA_FILES)$(GENERATED_PSA_CONFIG_DATA_FILES)
+
+GENERATED_PSA_CONFIG_DATA_FILES := $(addprefix ../tf-psa-crypto/,$(shell \
+ $(PYTHON) ../tf-psa-crypto/framework/scripts/generate_config_tests.py --list || \
+ echo FAILED \
+))
+ifeq ($(GENERATED_PSA_CONFIG_DATA_FILES),FAILED)
+$(error "$(PYTHON) ../tf-psa-crypto/framework/scripts/generate_config_tests.py --list" failed)
+endif
+
+GENERATED_CONFIG_DATA_FILES := $(GENERATED_MBEDTLS_CONFIG_DATA_FILES) $(GENERATED_PSA_CONFIG_DATA_FILES)
GENERATED_DATA_FILES += $(GENERATED_MBEDTLS_CONFIG_DATA_FILES)
GENERATED_CRYPTO_DATA_FILES += $(GENERATED_PSA_CONFIG_DATA_FILES)
@@ -57,13 +64,20 @@
GENERATED_CRYPTO_DATA_FILES += $(GENERATED_PSA_DATA_FILES)
GENERATED_FILES = $(GENERATED_DATA_FILES) $(GENERATED_CRYPTO_DATA_FILES)
-GENERATED_FILES += ../framework/tests/include/test/test_keys.h \
- ../tf-psa-crypto/framework/tests/include/test/test_keys.h \
- src/test_certs.h
+GENERATED_FILES += include/test/test_keys.h \
+ ../tf-psa-crypto/tests/include/test/test_keys.h \
+ include/test/test_certs.h
# Generated files needed to (fully) run ssl-opt.sh
.PHONY: ssl-opt
+opt-testcases/handshake-generated.sh: ../framework/scripts/mbedtls_framework/tls_test_case.py
+opt-testcases/handshake-generated.sh: ../framework/scripts/generate_tls_handshake_tests.py
+ echo " Gen $@"
+ $(PYTHON) ../framework/scripts/generate_tls_handshake_tests.py -o $@
+GENERATED_FILES += opt-testcases/handshake-generated.sh
+ssl-opt: opt-testcases/handshake-generated.sh
+
opt-testcases/tls13-compat.sh: ../framework/scripts/generate_tls13_compat_tests.py
echo " Gen $@"
$(PYTHON) ../framework/scripts/generate_tls13_compat_tests.py -o $@
@@ -105,8 +119,8 @@
generated_config_test_data: ../framework/scripts/mbedtls_framework/test_data_generation.py
generated_config_test_data:
echo " Gen $(GENERATED_CONFIG_DATA_FILES)"
- $(PYTHON) ../framework/scripts/generate_config_tests.py $(GENERATED_MBEDTLS_CONFIG_DATA_FILES)
- $(PYTHON) ../framework/scripts/generate_config_tests.py --directory ../tf-psa-crypto/tests/suites $(GENERATED_PSA_CONFIG_DATA_FILES)
+ $(PYTHON) ../framework/scripts/generate_config_tests.py
+ cd ../tf-psa-crypto && $(PYTHON) ./framework/scripts/generate_config_tests.py
.SECONDARY: generated_config_test_data
$(GENERATED_ECP_DATA_FILES): $(gen_file_dep) generated_ecp_test_data
@@ -170,16 +184,16 @@
mbedtls_test: $(MBEDTLS_TEST_OBJS)
-src/test_certs.h: ../framework/scripts/generate_test_cert_macros.py \
+include/test/test_certs.h: ../framework/scripts/generate_test_cert_macros.py \
$($(PYTHON) ../framework/scripts/generate_test_cert_macros.py --list-dependencies)
echo " Gen $@"
$(PYTHON) ../framework/scripts/generate_test_cert_macros.py --output $@
-../framework/tests/include/test/test_keys.h: ../framework/scripts/generate_test_keys.py
+include/test/test_keys.h: ../framework/scripts/generate_test_keys.py
echo " Gen $@"
$(PYTHON) ../framework/scripts/generate_test_keys.py --output $@
-../tf-psa-crypto/framework/tests/include/test/test_keys.h: ../tf-psa-crypto/framework/scripts/generate_test_keys.py
+../tf-psa-crypto/tests/include/test/test_keys.h: ../tf-psa-crypto/framework/scripts/generate_test_keys.py
echo " Gen $@"
$(PYTHON) ../tf-psa-crypto/framework/scripts/generate_test_keys.py --output $@
@@ -190,8 +204,8 @@
# therefore the wildcard enumeration above doesn't include it.
TEST_OBJS_DEPS += ../framework/tests/include/test/instrument_record_status.h
endif
-TEST_OBJS_DEPS += src/test_certs.h ../framework/tests/include/test/test_keys.h \
- ../tf-psa-crypto/framework/tests/include/test/test_keys.h
+TEST_OBJS_DEPS += include/test/test_certs.h include/test/test_keys.h \
+ ../tf-psa-crypto/tests/include/test/test_keys.h
# Rule to compile common test C files in framework
../framework/tests/src/%.o : ../framework/tests/src/%.c $(TEST_OBJS_DEPS)
diff --git a/tests/compat.sh b/tests/compat.sh
index de8c1bb..975d8dc 100755
--- a/tests/compat.sh
+++ b/tests/compat.sh
@@ -327,17 +327,6 @@
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 \
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 \
TLS_ECDHE_RSA_WITH_NULL_SHA \
- TLS_RSA_WITH_AES_128_CBC_SHA \
- TLS_RSA_WITH_AES_128_CBC_SHA256 \
- TLS_RSA_WITH_AES_128_GCM_SHA256 \
- TLS_RSA_WITH_AES_256_CBC_SHA \
- TLS_RSA_WITH_AES_256_CBC_SHA256 \
- TLS_RSA_WITH_AES_256_GCM_SHA384 \
- TLS_RSA_WITH_CAMELLIA_128_CBC_SHA \
- TLS_RSA_WITH_CAMELLIA_256_CBC_SHA \
- TLS_RSA_WITH_NULL_MD5 \
- TLS_RSA_WITH_NULL_SHA \
- TLS_RSA_WITH_NULL_SHA256 \
"
;;
@@ -388,8 +377,6 @@
TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 \
TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 \
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 \
- TLS_RSA_WITH_ARIA_128_GCM_SHA256 \
- TLS_RSA_WITH_ARIA_256_GCM_SHA384 \
"
;;
@@ -437,14 +424,6 @@
TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 \
TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 \
TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 \
- TLS_RSA_WITH_AES_128_CCM \
- TLS_RSA_WITH_AES_128_CCM_8 \
- TLS_RSA_WITH_AES_256_CCM \
- TLS_RSA_WITH_AES_256_CCM_8 \
- TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 \
- TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 \
- TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 \
- TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 \
"
;;
@@ -506,8 +485,6 @@
M_CIPHERS="$M_CIPHERS \
TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 \
TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 \
- TLS_RSA_WITH_ARIA_128_CBC_SHA256 \
- TLS_RSA_WITH_ARIA_256_CBC_SHA384 \
"
;;
diff --git a/tests/context-info.sh b/tests/context-info.sh
index 6c08b86..066bd3d 100755
--- a/tests/context-info.sh
+++ b/tests/context-info.sh
@@ -241,16 +241,6 @@
-u "basic constraints.* CA=false$" \
-n "bytes left to analyze from context"
-run_test "Ciphersuite TLS-RSA-WITH-AES-256-CCM-8, server" \
- "srv_ciphersuite.txt" \
- -n "ERROR" \
- -u "ciphersuite.* TLS-RSA-WITH-AES-256-CCM-8$" \
-
-run_test "Ciphersuite TLS-RSA-WITH-AES-256-CCM-8, client" \
- "cli_ciphersuite.txt" \
- -n "ERROR" \
- -u "ciphersuite.* TLS-RSA-WITH-AES-256-CCM-8$" \
-
run_test "No packing, server" \
"srv_no_packing.txt" \
-n "ERROR" \
diff --git a/tests/include/test/certs.h b/tests/include/test/certs.h
index db69536..31f4477 100644
--- a/tests/include/test/certs.h
+++ b/tests/include/test/certs.h
@@ -1,7 +1,7 @@
/**
* \file certs.h
*
- * \brief Sample certificates and DHM parameters for testing
+ * \brief Sample certificates for testing
*/
/*
* Copyright The Mbed TLS Contributors
diff --git a/tests/include/test/ssl_helpers.h b/tests/include/test/ssl_helpers.h
index e5b8d74..3ba314f 100644
--- a/tests/include/test/ssl_helpers.h
+++ b/tests/include/test/ssl_helpers.h
@@ -66,10 +66,16 @@
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
#define MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
#endif
+
+#if defined(PSA_WANT_ALG_GCM) || \
+ defined(PSA_WANT_ALG_CCM) || \
+ defined(PSA_WANT_ALG_CHACHA20_POLY1305)
+#define MBEDTLS_TEST_HAS_AEAD_ALG
+#endif
+
enum {
#define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \
tls13_label_ ## name,
diff --git a/tests/psa-client-server/psasim/src/psa_functions_codes.h b/tests/psa-client-server/psasim/src/psa_functions_codes.h
index 4be53c5..74746b6 100644
--- a/tests/psa-client-server/psasim/src/psa_functions_codes.h
+++ b/tests/psa-client-server/psasim/src/psa_functions_codes.h
@@ -26,6 +26,7 @@
PSA_AEAD_VERIFY,
PSA_ASYMMETRIC_DECRYPT,
PSA_ASYMMETRIC_ENCRYPT,
+ PSA_CAN_DO_HASH,
PSA_CIPHER_ABORT,
PSA_CIPHER_DECRYPT,
PSA_CIPHER_DECRYPT_SETUP,
@@ -39,6 +40,10 @@
PSA_DESTROY_KEY,
PSA_EXPORT_KEY,
PSA_EXPORT_PUBLIC_KEY,
+ PSA_EXPORT_PUBLIC_KEY_IOP_ABORT,
+ PSA_EXPORT_PUBLIC_KEY_IOP_COMPLETE,
+ PSA_EXPORT_PUBLIC_KEY_IOP_GET_NUM_OPS,
+ PSA_EXPORT_PUBLIC_KEY_IOP_SETUP,
PSA_GENERATE_KEY,
PSA_GENERATE_KEY_CUSTOM,
PSA_GENERATE_KEY_IOP_ABORT,
diff --git a/tests/psa-client-server/psasim/src/psa_sim_crypto_client.c b/tests/psa-client-server/psasim/src/psa_sim_crypto_client.c
index f6efd62..635a705 100644
--- a/tests/psa-client-server/psasim/src/psa_sim_crypto_client.c
+++ b/tests/psa-client-server/psasim/src/psa_sim_crypto_client.c
@@ -1544,6 +1544,68 @@
}
+int psa_can_do_hash(
+ psa_algorithm_t hash_alg
+ )
+{
+ uint8_t *ser_params = NULL;
+ uint8_t *ser_result = NULL;
+ size_t result_length;
+ int value = 0;
+
+ size_t needed =
+ psasim_serialise_begin_needs() +
+ psasim_serialise_psa_algorithm_t_needs(hash_alg);
+
+ ser_params = malloc(needed);
+ if (ser_params == NULL) {
+ goto fail;
+ }
+
+ uint8_t *pos = ser_params;
+ size_t remaining = needed;
+ int ok;
+ ok = psasim_serialise_begin(&pos, &remaining);
+ if (!ok) {
+ goto fail;
+ }
+ ok = psasim_serialise_psa_algorithm_t(
+ &pos, &remaining,
+ hash_alg);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psa_crypto_call(PSA_CAN_DO_HASH,
+ ser_params, (size_t) (pos - ser_params), &ser_result, &result_length);
+ if (!ok) {
+ printf("PSA_CAN_DO_HASH server call failed\n");
+ goto fail;
+ }
+
+ uint8_t *rpos = ser_result;
+ size_t rremain = result_length;
+
+ ok = psasim_deserialise_begin(&rpos, &rremain);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_int(
+ &rpos, &rremain,
+ &value);
+ if (!ok) {
+ goto fail;
+ }
+
+fail:
+ free(ser_params);
+ free(ser_result);
+
+ return value;
+}
+
+
psa_status_t psa_cipher_abort(
psa_cipher_operation_t *operation
)
@@ -2725,6 +2787,324 @@
}
+psa_status_t psa_export_public_key_iop_abort(
+ psa_export_public_key_iop_t *operation
+ )
+{
+ uint8_t *ser_params = NULL;
+ uint8_t *ser_result = NULL;
+ size_t result_length;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+ size_t needed =
+ psasim_serialise_begin_needs() +
+ psasim_serialise_psa_export_public_key_iop_t_needs(*operation);
+
+ ser_params = malloc(needed);
+ if (ser_params == NULL) {
+ status = PSA_ERROR_INSUFFICIENT_MEMORY;
+ goto fail;
+ }
+
+ uint8_t *pos = ser_params;
+ size_t remaining = needed;
+ int ok;
+ ok = psasim_serialise_begin(&pos, &remaining);
+ if (!ok) {
+ goto fail;
+ }
+ ok = psasim_serialise_psa_export_public_key_iop_t(
+ &pos, &remaining,
+ *operation);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psa_crypto_call(PSA_EXPORT_PUBLIC_KEY_IOP_ABORT,
+ ser_params, (size_t) (pos - ser_params), &ser_result, &result_length);
+ if (!ok) {
+ printf("PSA_EXPORT_PUBLIC_KEY_IOP_ABORT server call failed\n");
+ goto fail;
+ }
+
+ uint8_t *rpos = ser_result;
+ size_t rremain = result_length;
+
+ ok = psasim_deserialise_begin(&rpos, &rremain);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_psa_status_t(
+ &rpos, &rremain,
+ &status);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_psa_export_public_key_iop_t(
+ &rpos, &rremain,
+ operation);
+ if (!ok) {
+ goto fail;
+ }
+
+fail:
+ free(ser_params);
+ free(ser_result);
+
+ return status;
+}
+
+
+psa_status_t psa_export_public_key_iop_complete(
+ psa_export_public_key_iop_t *operation,
+ uint8_t *data, size_t data_size,
+ size_t *data_length
+ )
+{
+ uint8_t *ser_params = NULL;
+ uint8_t *ser_result = NULL;
+ size_t result_length;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+ size_t needed =
+ psasim_serialise_begin_needs() +
+ psasim_serialise_psa_export_public_key_iop_t_needs(*operation) +
+ psasim_serialise_buffer_needs(data, data_size) +
+ psasim_serialise_size_t_needs(*data_length);
+
+ ser_params = malloc(needed);
+ if (ser_params == NULL) {
+ status = PSA_ERROR_INSUFFICIENT_MEMORY;
+ goto fail;
+ }
+
+ uint8_t *pos = ser_params;
+ size_t remaining = needed;
+ int ok;
+ ok = psasim_serialise_begin(&pos, &remaining);
+ if (!ok) {
+ goto fail;
+ }
+ ok = psasim_serialise_psa_export_public_key_iop_t(
+ &pos, &remaining,
+ *operation);
+ if (!ok) {
+ goto fail;
+ }
+ ok = psasim_serialise_buffer(
+ &pos, &remaining,
+ data, data_size);
+ if (!ok) {
+ goto fail;
+ }
+ ok = psasim_serialise_size_t(
+ &pos, &remaining,
+ *data_length);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psa_crypto_call(PSA_EXPORT_PUBLIC_KEY_IOP_COMPLETE,
+ ser_params, (size_t) (pos - ser_params), &ser_result, &result_length);
+ if (!ok) {
+ printf("PSA_EXPORT_PUBLIC_KEY_IOP_COMPLETE server call failed\n");
+ goto fail;
+ }
+
+ uint8_t *rpos = ser_result;
+ size_t rremain = result_length;
+
+ ok = psasim_deserialise_begin(&rpos, &rremain);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_psa_status_t(
+ &rpos, &rremain,
+ &status);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_psa_export_public_key_iop_t(
+ &rpos, &rremain,
+ operation);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_return_buffer(
+ &rpos, &rremain,
+ data, data_size);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_size_t(
+ &rpos, &rremain,
+ data_length);
+ if (!ok) {
+ goto fail;
+ }
+
+fail:
+ free(ser_params);
+ free(ser_result);
+
+ return status;
+}
+
+
+uint32_t psa_export_public_key_iop_get_num_ops(
+ psa_export_public_key_iop_t *operation
+ )
+{
+ uint8_t *ser_params = NULL;
+ uint8_t *ser_result = NULL;
+ size_t result_length;
+ uint32_t value = 0;
+
+ size_t needed =
+ psasim_serialise_begin_needs() +
+ psasim_serialise_psa_export_public_key_iop_t_needs(*operation);
+
+ ser_params = malloc(needed);
+ if (ser_params == NULL) {
+ value = 0;
+ goto fail;
+ }
+
+ uint8_t *pos = ser_params;
+ size_t remaining = needed;
+ int ok;
+ ok = psasim_serialise_begin(&pos, &remaining);
+ if (!ok) {
+ goto fail;
+ }
+ ok = psasim_serialise_psa_export_public_key_iop_t(
+ &pos, &remaining,
+ *operation);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psa_crypto_call(PSA_EXPORT_PUBLIC_KEY_IOP_GET_NUM_OPS,
+ ser_params, (size_t) (pos - ser_params), &ser_result, &result_length);
+ if (!ok) {
+ printf("PSA_EXPORT_PUBLIC_KEY_IOP_GET_NUM_OPS server call failed\n");
+ goto fail;
+ }
+
+ uint8_t *rpos = ser_result;
+ size_t rremain = result_length;
+
+ ok = psasim_deserialise_begin(&rpos, &rremain);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_uint32_t(
+ &rpos, &rremain,
+ &value);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_psa_export_public_key_iop_t(
+ &rpos, &rremain,
+ operation);
+ if (!ok) {
+ goto fail;
+ }
+
+fail:
+ free(ser_params);
+ free(ser_result);
+
+ return value;
+}
+
+
+psa_status_t psa_export_public_key_iop_setup(
+ psa_export_public_key_iop_t *operation,
+ mbedtls_svc_key_id_t key
+ )
+{
+ uint8_t *ser_params = NULL;
+ uint8_t *ser_result = NULL;
+ size_t result_length;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+ size_t needed =
+ psasim_serialise_begin_needs() +
+ psasim_serialise_psa_export_public_key_iop_t_needs(*operation) +
+ psasim_serialise_mbedtls_svc_key_id_t_needs(key);
+
+ ser_params = malloc(needed);
+ if (ser_params == NULL) {
+ status = PSA_ERROR_INSUFFICIENT_MEMORY;
+ goto fail;
+ }
+
+ uint8_t *pos = ser_params;
+ size_t remaining = needed;
+ int ok;
+ ok = psasim_serialise_begin(&pos, &remaining);
+ if (!ok) {
+ goto fail;
+ }
+ ok = psasim_serialise_psa_export_public_key_iop_t(
+ &pos, &remaining,
+ *operation);
+ if (!ok) {
+ goto fail;
+ }
+ ok = psasim_serialise_mbedtls_svc_key_id_t(
+ &pos, &remaining,
+ key);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psa_crypto_call(PSA_EXPORT_PUBLIC_KEY_IOP_SETUP,
+ ser_params, (size_t) (pos - ser_params), &ser_result, &result_length);
+ if (!ok) {
+ printf("PSA_EXPORT_PUBLIC_KEY_IOP_SETUP server call failed\n");
+ goto fail;
+ }
+
+ uint8_t *rpos = ser_result;
+ size_t rremain = result_length;
+
+ ok = psasim_deserialise_begin(&rpos, &rremain);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_psa_status_t(
+ &rpos, &rremain,
+ &status);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_psa_export_public_key_iop_t(
+ &rpos, &rremain,
+ operation);
+ if (!ok) {
+ goto fail;
+ }
+
+fail:
+ free(ser_params);
+ free(ser_result);
+
+ return status;
+}
+
+
psa_status_t psa_generate_key(
const psa_key_attributes_t *attributes,
mbedtls_svc_key_id_t *key
diff --git a/tests/psa-client-server/psasim/src/psa_sim_crypto_server.c b/tests/psa-client-server/psasim/src/psa_sim_crypto_server.c
index 599e55f..bd121c5 100644
--- a/tests/psa-client-server/psasim/src/psa_sim_crypto_server.c
+++ b/tests/psa-client-server/psasim/src/psa_sim_crypto_server.c
@@ -1706,6 +1706,73 @@
}
// Returns 1 for success, 0 for failure
+int psa_can_do_hash_wrapper(
+ uint8_t *in_params, size_t in_params_len,
+ uint8_t **out_params, size_t *out_params_len)
+{
+ int value = 0;
+ psa_algorithm_t hash_alg;
+
+ uint8_t *pos = in_params;
+ size_t remaining = in_params_len;
+ uint8_t *result = NULL;
+ int ok;
+
+ ok = psasim_deserialise_begin(&pos, &remaining);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_psa_algorithm_t(
+ &pos, &remaining,
+ &hash_alg);
+ if (!ok) {
+ goto fail;
+ }
+
+ // Now we call the actual target function
+
+ value = psa_can_do_hash(
+ hash_alg
+ );
+
+ // NOTE: Should really check there is no overflow as we go along.
+ size_t result_size =
+ psasim_serialise_begin_needs() +
+ psasim_serialise_int_needs(value);
+
+ result = malloc(result_size);
+ if (result == NULL) {
+ goto fail;
+ }
+
+ uint8_t *rpos = result;
+ size_t rremain = result_size;
+
+ ok = psasim_serialise_begin(&rpos, &rremain);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_serialise_int(
+ &rpos, &rremain,
+ value);
+ if (!ok) {
+ goto fail;
+ }
+
+ *out_params = result;
+ *out_params_len = result_size;
+
+ return 1; // success
+
+fail:
+ free(result);
+
+ return 0; // This shouldn't happen!
+}
+
+// Returns 1 for success, 0 for failure
int psa_cipher_abort_wrapper(
uint8_t *in_params, size_t in_params_len,
uint8_t **out_params, size_t *out_params_len)
@@ -3036,6 +3103,354 @@
}
// Returns 1 for success, 0 for failure
+int psa_export_public_key_iop_abort_wrapper(
+ uint8_t *in_params, size_t in_params_len,
+ uint8_t **out_params, size_t *out_params_len)
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_export_public_key_iop_t operation;
+
+ uint8_t *pos = in_params;
+ size_t remaining = in_params_len;
+ uint8_t *result = NULL;
+ int ok;
+
+ ok = psasim_deserialise_begin(&pos, &remaining);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_psa_export_public_key_iop_t(
+ &pos, &remaining,
+ &operation);
+ if (!ok) {
+ goto fail;
+ }
+
+ // Now we call the actual target function
+
+ status = psa_export_public_key_iop_abort(
+ &operation
+ );
+
+ // NOTE: Should really check there is no overflow as we go along.
+ size_t result_size =
+ psasim_serialise_begin_needs() +
+ psasim_serialise_psa_status_t_needs(status) +
+ psasim_serialise_psa_export_public_key_iop_t_needs(operation);
+
+ result = malloc(result_size);
+ if (result == NULL) {
+ goto fail;
+ }
+
+ uint8_t *rpos = result;
+ size_t rremain = result_size;
+
+ ok = psasim_serialise_begin(&rpos, &rremain);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_serialise_psa_status_t(
+ &rpos, &rremain,
+ status);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_serialise_psa_export_public_key_iop_t(
+ &rpos, &rremain,
+ operation);
+ if (!ok) {
+ goto fail;
+ }
+
+ *out_params = result;
+ *out_params_len = result_size;
+
+ return 1; // success
+
+fail:
+ free(result);
+
+ return 0; // This shouldn't happen!
+}
+
+// Returns 1 for success, 0 for failure
+int psa_export_public_key_iop_complete_wrapper(
+ uint8_t *in_params, size_t in_params_len,
+ uint8_t **out_params, size_t *out_params_len)
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_export_public_key_iop_t operation;
+ uint8_t *data = NULL;
+ size_t data_size;
+ size_t data_length;
+
+ uint8_t *pos = in_params;
+ size_t remaining = in_params_len;
+ uint8_t *result = NULL;
+ int ok;
+
+ ok = psasim_deserialise_begin(&pos, &remaining);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_psa_export_public_key_iop_t(
+ &pos, &remaining,
+ &operation);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_buffer(
+ &pos, &remaining,
+ &data, &data_size);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_size_t(
+ &pos, &remaining,
+ &data_length);
+ if (!ok) {
+ goto fail;
+ }
+
+ // Now we call the actual target function
+
+ status = psa_export_public_key_iop_complete(
+ &operation,
+ data, data_size,
+ &data_length
+ );
+
+ // NOTE: Should really check there is no overflow as we go along.
+ size_t result_size =
+ psasim_serialise_begin_needs() +
+ psasim_serialise_psa_status_t_needs(status) +
+ psasim_serialise_psa_export_public_key_iop_t_needs(operation) +
+ psasim_serialise_buffer_needs(data, data_size) +
+ psasim_serialise_size_t_needs(data_length);
+
+ result = malloc(result_size);
+ if (result == NULL) {
+ goto fail;
+ }
+
+ uint8_t *rpos = result;
+ size_t rremain = result_size;
+
+ ok = psasim_serialise_begin(&rpos, &rremain);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_serialise_psa_status_t(
+ &rpos, &rremain,
+ status);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_serialise_psa_export_public_key_iop_t(
+ &rpos, &rremain,
+ operation);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_serialise_buffer(
+ &rpos, &rremain,
+ data, data_size);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_serialise_size_t(
+ &rpos, &rremain,
+ data_length);
+ if (!ok) {
+ goto fail;
+ }
+
+ *out_params = result;
+ *out_params_len = result_size;
+
+ free(data);
+
+ return 1; // success
+
+fail:
+ free(result);
+
+ free(data);
+
+ return 0; // This shouldn't happen!
+}
+
+// Returns 1 for success, 0 for failure
+int psa_export_public_key_iop_get_num_ops_wrapper(
+ uint8_t *in_params, size_t in_params_len,
+ uint8_t **out_params, size_t *out_params_len)
+{
+ uint32_t value = 0;
+ psa_export_public_key_iop_t operation;
+
+ uint8_t *pos = in_params;
+ size_t remaining = in_params_len;
+ uint8_t *result = NULL;
+ int ok;
+
+ ok = psasim_deserialise_begin(&pos, &remaining);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_psa_export_public_key_iop_t(
+ &pos, &remaining,
+ &operation);
+ if (!ok) {
+ goto fail;
+ }
+
+ // Now we call the actual target function
+
+ value = psa_export_public_key_iop_get_num_ops(
+ &operation
+ );
+
+ // NOTE: Should really check there is no overflow as we go along.
+ size_t result_size =
+ psasim_serialise_begin_needs() +
+ psasim_serialise_uint32_t_needs(value) +
+ psasim_serialise_psa_export_public_key_iop_t_needs(operation);
+
+ result = malloc(result_size);
+ if (result == NULL) {
+ goto fail;
+ }
+
+ uint8_t *rpos = result;
+ size_t rremain = result_size;
+
+ ok = psasim_serialise_begin(&rpos, &rremain);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_serialise_uint32_t(
+ &rpos, &rremain,
+ value);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_serialise_psa_export_public_key_iop_t(
+ &rpos, &rremain,
+ operation);
+ if (!ok) {
+ goto fail;
+ }
+
+ *out_params = result;
+ *out_params_len = result_size;
+
+ return 1; // success
+
+fail:
+ free(result);
+
+ return 0; // This shouldn't happen!
+}
+
+// Returns 1 for success, 0 for failure
+int psa_export_public_key_iop_setup_wrapper(
+ uint8_t *in_params, size_t in_params_len,
+ uint8_t **out_params, size_t *out_params_len)
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_export_public_key_iop_t operation;
+ mbedtls_svc_key_id_t key;
+
+ uint8_t *pos = in_params;
+ size_t remaining = in_params_len;
+ uint8_t *result = NULL;
+ int ok;
+
+ ok = psasim_deserialise_begin(&pos, &remaining);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_psa_export_public_key_iop_t(
+ &pos, &remaining,
+ &operation);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_mbedtls_svc_key_id_t(
+ &pos, &remaining,
+ &key);
+ if (!ok) {
+ goto fail;
+ }
+
+ // Now we call the actual target function
+
+ status = psa_export_public_key_iop_setup(
+ &operation,
+ key
+ );
+
+ // NOTE: Should really check there is no overflow as we go along.
+ size_t result_size =
+ psasim_serialise_begin_needs() +
+ psasim_serialise_psa_status_t_needs(status) +
+ psasim_serialise_psa_export_public_key_iop_t_needs(operation);
+
+ result = malloc(result_size);
+ if (result == NULL) {
+ goto fail;
+ }
+
+ uint8_t *rpos = result;
+ size_t rremain = result_size;
+
+ ok = psasim_serialise_begin(&rpos, &rremain);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_serialise_psa_status_t(
+ &rpos, &rremain,
+ status);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_serialise_psa_export_public_key_iop_t(
+ &rpos, &rremain,
+ operation);
+ if (!ok) {
+ goto fail;
+ }
+
+ *out_params = result;
+ *out_params_len = result_size;
+
+ return 1; // success
+
+fail:
+ free(result);
+
+ return 0; // This shouldn't happen!
+}
+
+// Returns 1 for success, 0 for failure
int psa_generate_key_wrapper(
uint8_t *in_params, size_t in_params_len,
uint8_t **out_params, size_t *out_params_len)
@@ -8478,6 +8893,10 @@
ok = psa_asymmetric_encrypt_wrapper(in_params, in_params_len,
&out_params, &out_params_len);
break;
+ case PSA_CAN_DO_HASH:
+ ok = psa_can_do_hash_wrapper(in_params, in_params_len,
+ &out_params, &out_params_len);
+ break;
case PSA_CIPHER_ABORT:
ok = psa_cipher_abort_wrapper(in_params, in_params_len,
&out_params, &out_params_len);
@@ -8530,6 +8949,22 @@
ok = psa_export_public_key_wrapper(in_params, in_params_len,
&out_params, &out_params_len);
break;
+ case PSA_EXPORT_PUBLIC_KEY_IOP_ABORT:
+ ok = psa_export_public_key_iop_abort_wrapper(in_params, in_params_len,
+ &out_params, &out_params_len);
+ break;
+ case PSA_EXPORT_PUBLIC_KEY_IOP_COMPLETE:
+ ok = psa_export_public_key_iop_complete_wrapper(in_params, in_params_len,
+ &out_params, &out_params_len);
+ break;
+ case PSA_EXPORT_PUBLIC_KEY_IOP_GET_NUM_OPS:
+ ok = psa_export_public_key_iop_get_num_ops_wrapper(in_params, in_params_len,
+ &out_params, &out_params_len);
+ break;
+ case PSA_EXPORT_PUBLIC_KEY_IOP_SETUP:
+ ok = psa_export_public_key_iop_setup_wrapper(in_params, in_params_len,
+ &out_params, &out_params_len);
+ break;
case PSA_GENERATE_KEY:
ok = psa_generate_key_wrapper(in_params, in_params_len,
&out_params, &out_params_len);
diff --git a/tests/psa-client-server/psasim/src/psa_sim_generate.pl b/tests/psa-client-server/psasim/src/psa_sim_generate.pl
index fbceddf..5770dea 100755
--- a/tests/psa-client-server/psasim/src/psa_sim_generate.pl
+++ b/tests/psa-client-server/psasim/src/psa_sim_generate.pl
@@ -29,7 +29,6 @@
'mbedtls_psa_get_stats', # uses unsupported type
'mbedtls_psa_inject_entropy', # not in the default config, generally not for client use anyway
'mbedtls_psa_platform_get_builtin_key', # not in the default config, uses unsupported type
- 'mbedtls_psa_register_se_key', # not in the default config, generally not for client use anyway
'psa_get_key_slot_number', # not in the default config, uses unsupported type
'psa_key_derivation_verify_bytes', # not implemented yet
'psa_key_derivation_verify_key', # not implemented yet
@@ -1107,11 +1106,13 @@
my $ret_name = "";
$ret_name = "status" if $ret_type eq "psa_status_t";
$ret_name = "value" if $ret_type eq "uint32_t";
+ $ret_name = "value" if $ret_type eq "int";
$ret_name = "(void)" if $ret_type eq "void";
die("ret_name for $ret_type?") unless length($ret_name);
my $ret_default = "";
$ret_default = "PSA_ERROR_CORRUPTION_DETECTED" if $ret_type eq "psa_status_t";
$ret_default = "0" if $ret_type eq "uint32_t";
+ $ret_default = "0" if $ret_type eq "int";
$ret_default = "(void)" if $ret_type eq "void";
die("ret_default for $ret_type?") unless length($ret_default);
diff --git a/tests/psa-client-server/psasim/src/psa_sim_serialise.c b/tests/psa-client-server/psasim/src/psa_sim_serialise.c
index cd081e4..0dde934 100644
--- a/tests/psa-client-server/psasim/src/psa_sim_serialise.c
+++ b/tests/psa-client-server/psasim/src/psa_sim_serialise.c
@@ -1696,6 +1696,42 @@
return 1;
}
+size_t psasim_serialise_psa_export_public_key_iop_t_needs(
+ psa_export_public_key_iop_t value)
+{
+ return sizeof(value);
+}
+
+int psasim_serialise_psa_export_public_key_iop_t(uint8_t **pos,
+ size_t *remaining,
+ psa_export_public_key_iop_t value)
+{
+ if (*remaining < sizeof(value)) {
+ return 0;
+ }
+
+ memcpy(*pos, &value, sizeof(value));
+ *pos += sizeof(value);
+
+ return 1;
+}
+
+int psasim_deserialise_psa_export_public_key_iop_t(uint8_t **pos,
+ size_t *remaining,
+ psa_export_public_key_iop_t *value)
+{
+ if (*remaining < sizeof(*value)) {
+ return 0;
+ }
+
+ memcpy(value, *pos, sizeof(*value));
+
+ *pos += sizeof(*value);
+ *remaining -= sizeof(*value);
+
+ return 1;
+}
+
void psa_sim_serialize_reset(void)
{
memset(hash_operation_handles, 0,
diff --git a/tests/psa-client-server/psasim/src/psa_sim_serialise.h b/tests/psa-client-server/psasim/src/psa_sim_serialise.h
index a224d82..3b6f08e 100644
--- a/tests/psa-client-server/psasim/src/psa_sim_serialise.h
+++ b/tests/psa-client-server/psasim/src/psa_sim_serialise.h
@@ -1387,3 +1387,46 @@
int psasim_deserialise_psa_generate_key_iop_t(uint8_t **pos,
size_t *remaining,
psa_generate_key_iop_t *value);
+
+/** Return how much buffer space is needed by \c psasim_serialise_psa_export_public_key_iop_t()
+ * to serialise a `psa_export_public_key_iop_t`.
+ *
+ * \param value The value that will be serialised into the buffer
+ * (needed in case some serialisations are value-
+ * dependent).
+ *
+ * \return The number of bytes needed in the buffer by
+ * \c psasim_serialise_psa_export_public_key_iop_t() to serialise
+ * the given value.
+ */
+size_t psasim_serialise_psa_export_public_key_iop_t_needs(
+ psa_export_public_key_iop_t value);
+
+/** Serialise a `psa_export_public_key_iop_t` into a buffer.
+ *
+ * \param pos[in,out] Pointer to a `uint8_t *` holding current position
+ * in the buffer.
+ * \param remaining[in,out] Pointer to a `size_t` holding number of bytes
+ * remaining in the buffer.
+ * \param value The value to serialise into the buffer.
+ *
+ * \return \c 1 on success ("okay"), \c 0 on error.
+ */
+int psasim_serialise_psa_export_public_key_iop_t(uint8_t **pos,
+ size_t *remaining,
+ psa_export_public_key_iop_t value);
+
+/** Deserialise a `psa_export_public_key_iop_t` from a buffer.
+ *
+ * \param pos[in,out] Pointer to a `uint8_t *` holding current position
+ * in the buffer.
+ * \param remaining[in,out] Pointer to a `size_t` holding number of bytes
+ * remaining in the buffer.
+ * \param value Pointer to a `psa_export_public_key_iop_t` to receive the value
+ * deserialised from the buffer.
+ *
+ * \return \c 1 on success ("okay"), \c 0 on error.
+ */
+int psasim_deserialise_psa_export_public_key_iop_t(uint8_t **pos,
+ size_t *remaining,
+ psa_export_public_key_iop_t *value);
diff --git a/tests/psa-client-server/psasim/src/psa_sim_serialise.pl b/tests/psa-client-server/psasim/src/psa_sim_serialise.pl
index 0dba81e..0c9faf4 100755
--- a/tests/psa-client-server/psasim/src/psa_sim_serialise.pl
+++ b/tests/psa-client-server/psasim/src/psa_sim_serialise.pl
@@ -50,7 +50,8 @@
psa_verify_hash_interruptible_operation_t
mbedtls_svc_key_id_t
psa_key_agreement_iop_t
- sa_generate_key_iop_t);
+ psa_generate_key_iop_t
+ psa_export_public_key_iop_t);
grep(s/-/ /g, @types);
diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py
index e68c2cb..5f8f910 100755
--- a/tests/scripts/analyze_outcomes.py
+++ b/tests/scripts/analyze_outcomes.py
@@ -474,7 +474,7 @@
DRIVER = 'test_psa_crypto_config_accel_ecc_ffdh_no_bignum'
IGNORED_SUITES = [
# Modules replaced by drivers
- 'ecp', 'ecdsa', 'ecdh', 'ecjpake', 'dhm',
+ 'ecp', 'ecdsa', 'ecdh', 'ecjpake',
'bignum_core', 'bignum_random', 'bignum_mod', 'bignum_mod_raw',
'bignum.generated', 'bignum.misc',
# Unit tests for the built-in implementation
@@ -483,7 +483,6 @@
IGNORED_TESTS = {
'test_suite_config': [
re.compile(r'.*\bMBEDTLS_BIGNUM_C\b.*'),
- re.compile(r'.*\bMBEDTLS_DHM_C\b.*'),
re.compile(r'.*\bMBEDTLS_(ECDH|ECDSA|ECJPAKE|ECP)_.*'),
re.compile(r'.*\bMBEDTLS_PK_PARSE_EC_COMPRESSED\b.*'),
],
@@ -516,11 +515,7 @@
class DriverVSReference_ffdh_alg(outcome_analysis.DriverVSReference):
REFERENCE = 'test_psa_crypto_config_reference_ffdh'
DRIVER = 'test_psa_crypto_config_accel_ffdh'
- IGNORED_SUITES = ['dhm']
IGNORED_TESTS = {
- 'test_suite_config': [
- re.compile(r'.*\bMBEDTLS_DHM_C\b.*'),
- ],
'test_suite_platform': [
# Incompatible with sanitizers (e.g. ASan). If the driver
# component uses a sanitizer but the reference component
diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh
index 8cc341d..e3c8e08 100755
--- a/tests/scripts/check-generated-files.sh
+++ b/tests/scripts/check-generated-files.sh
@@ -141,10 +141,10 @@
if [ -d tf-psa-crypto ]; then
cd tf-psa-crypto
check scripts/generate_psa_constants.py ./programs/psa/psa_constant_names_generated.c
- check ../framework/scripts/generate_bignum_tests.py $(../framework/scripts/generate_bignum_tests.py --list)
- check ../framework/scripts/generate_config_tests.py tests/suites/test_suite_config.psa_boolean.data
- check ../framework/scripts/generate_ecp_tests.py $(../framework/scripts/generate_ecp_tests.py --list)
- check ../framework/scripts/generate_psa_tests.py $(../framework/scripts/generate_psa_tests.py --list)
+ check framework/scripts/generate_bignum_tests.py $(framework/scripts/generate_bignum_tests.py --list)
+ check framework/scripts/generate_config_tests.py $(framework/scripts/generate_config_tests.py --list)
+ check framework/scripts/generate_ecp_tests.py $(framework/scripts/generate_ecp_tests.py --list)
+ check framework/scripts/generate_psa_tests.py $(framework/scripts/generate_psa_tests.py --list)
cd ..
# Generated files that are present in the repository even in the development
# branch. (This is intended to be temporary, until the generator scripts are
@@ -171,7 +171,7 @@
check framework/scripts/generate_psa_wrappers.py tests/include/test/psa_test_wrappers.h tests/src/psa_test_wrappers.c
fi
-check framework/scripts/generate_test_keys.py framework/tests/include/test/test_keys.h
+check framework/scripts/generate_test_keys.py tests/include/test/test_keys.h
# Additional checks for Mbed TLS only
if in_mbedtls_repo; then
@@ -179,8 +179,9 @@
check scripts/generate_query_config.pl programs/test/query_config.c
check scripts/generate_features.pl library/version_features.c
check framework/scripts/generate_ssl_debug_helpers.py library/ssl_debug_helpers_generated.c
+ check framework/scripts/generate_tls_handshake_tests.py tests/opt-testcases/handshake-generated.sh
check framework/scripts/generate_tls13_compat_tests.py tests/opt-testcases/tls13-compat.sh
- check framework/scripts/generate_test_cert_macros.py tests/src/test_certs.h
+ check framework/scripts/generate_test_cert_macros.py tests/include/test/test_certs.h
# generate_visualc_files enumerates source files (library/*.c). It doesn't
# care about their content, but the files must exist. So it must run after
# the step that creates or updates these files.
diff --git a/tests/scripts/components-basic-checks.sh b/tests/scripts/components-basic-checks.sh
index 3ee88a3..85731a1 100644
--- a/tests/scripts/components-basic-checks.sh
+++ b/tests/scripts/components-basic-checks.sh
@@ -17,20 +17,38 @@
}
component_check_generated_files () {
- msg "Check: check-generated-files, files generated with make" # 2s
+ msg "Check make_generated_files.py consistency"
+ make neat
+ $FRAMEWORK/scripts/make_generated_files.py
+ $FRAMEWORK/scripts/make_generated_files.py --check
+ make neat
+
+ msg "Check files generated with make"
+ MBEDTLS_ROOT_DIR="$PWD"
make generated_files
- tests/scripts/check-generated-files.sh
+ $FRAMEWORK/scripts/make_generated_files.py --check
- msg "Check: check-generated-files -u, files present" # 2s
- tests/scripts/check-generated-files.sh -u
- # Check that the generated files are considered up to date.
- tests/scripts/check-generated-files.sh
+ cd $TF_PSA_CRYPTO_ROOT_DIR
+ ./framework/scripts/make_generated_files.py --check
- msg "Check: check-generated-files -u, files absent" # 2s
- command make neat
- tests/scripts/check-generated-files.sh -u
- # Check that the generated files are considered up to date.
- tests/scripts/check-generated-files.sh
+ msg "Check files generated with cmake"
+ cd "$MBEDTLS_ROOT_DIR"
+ mkdir "$OUT_OF_SOURCE_DIR"
+ cd "$OUT_OF_SOURCE_DIR"
+ cmake -D GEN_FILES=ON "$MBEDTLS_ROOT_DIR"
+ make
+ cd "$MBEDTLS_ROOT_DIR"
+
+ # Files for MS Visual Studio are not generated with cmake thus copy the
+ # ones generated with make to pacify make_generated_files.py check.
+ # Files for MS Visual Studio are rather on their way out thus not adding
+ # support for them with cmake.
+ cp -Rf visualc "$OUT_OF_SOURCE_DIR"
+
+ $FRAMEWORK/scripts/make_generated_files.py --root "$OUT_OF_SOURCE_DIR" --check
+
+ cd $TF_PSA_CRYPTO_ROOT_DIR
+ ./framework/scripts/make_generated_files.py --root "$OUT_OF_SOURCE_DIR/tf-psa-crypto" --check
# This component ends with the generated files present in the source tree.
# This is necessary for subsequent components!
diff --git a/tests/scripts/components-build-system.sh b/tests/scripts/components-build-system.sh
index 91a999e..3108aa7 100644
--- a/tests/scripts/components-build-system.sh
+++ b/tests/scripts/components-build-system.sh
@@ -123,27 +123,6 @@
fi
}
-component_test_tf_psa_crypto_cmake_as_package () {
- # Remove existing generated files so that we use the ones CMake
- # generates
- make neat
-
- msg "build: cmake 'as-package' build"
- root_dir="$(pwd)"
- cd tf-psa-crypto/programs/test/cmake_package
- build_variant_dir="$(pwd)"
- cmake .
- make
- ./cmake_package
- if [[ "$OSTYPE" == linux* ]]; then
- PKG_CONFIG_PATH="${build_variant_dir}/tf-psa-crypto/pkgconfig" \
- ${root_dir}/framework/scripts/pkgconfig.sh \
- tfpsacrypto
- # This is the EXPECTED package name. Renaming it could break consumers
- # of pkg-config, consider carefully.
- fi
-}
-
support_test_cmake_as_package () {
support_test_cmake_out_of_source
}
diff --git a/tests/scripts/components-configuration-crypto.sh b/tests/scripts/components-configuration-crypto.sh
index 34b3107..3d58895 100644
--- a/tests/scripts/components-configuration-crypto.sh
+++ b/tests/scripts/components-configuration-crypto.sh
@@ -668,9 +668,6 @@
# start with full (USE_PSA and TLS 1.3)
helper_libtestdriver1_adjust_config "full"
- # Disable the module that's accelerated
- scripts/config.py unset MBEDTLS_DHM_C
-
# Build
# -----
@@ -679,7 +676,7 @@
helper_libtestdriver1_make_main "$loc_accel_list"
# Make sure this was not re-enabled by accident (additive config)
- not grep mbedtls_dhm_ ${BUILTIN_SRC_PATH}/dhm.o
+ not grep mbedtls_psa_ffdh_key_agreement ${BUILTIN_SRC_PATH}/psa_crypto_ffdh.o
# Run the tests
# -------------
@@ -1168,7 +1165,6 @@
scripts/config.py unset MBEDTLS_PKCS1_V21
scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT
# Also disable key exchanges that depend on RSA
- scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
@@ -1178,12 +1174,6 @@
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_FFDH
scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_KEY_TYPE_DH_[0-9A-Z_a-z]*"
scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_DH_RFC7919_[0-9]*"
- scripts/config.py unset MBEDTLS_DHM_C
- else
- # When testing ECC and DH instead, we disable DHM.
- if [ "$driver_only" -eq 1 ]; then
- scripts/config.py unset MBEDTLS_DHM_C
- fi
fi
# Restartable feature is not yet supported by PSA. Once it will in
@@ -1255,16 +1245,15 @@
not grep mbedtls_ecdsa_ ${BUILTIN_SRC_PATH}/ecdsa.o
not grep mbedtls_ecdh_ ${BUILTIN_SRC_PATH}/ecdh.o
not grep mbedtls_ecjpake_ ${BUILTIN_SRC_PATH}/ecjpake.o
- # Also ensure that ECP, RSA, [DHM] or BIGNUM modules were not re-enabled
+ # Also ensure that ECP, RSA or BIGNUM modules were not re-enabled
not grep mbedtls_ecp_ ${BUILTIN_SRC_PATH}/ecp.o
not grep mbedtls_rsa_ ${BUILTIN_SRC_PATH}/rsa.o
not grep mbedtls_mpi_ ${BUILTIN_SRC_PATH}/bignum.o
- not grep mbedtls_dhm_ ${BUILTIN_SRC_PATH}/dhm.o
# Run the tests
# -------------
- msg "test suites: full + accelerated $accel_text algs + USE_PSA - $removed_text - DHM - BIGNUM"
+ msg "test suites: full + accelerated $accel_text algs + USE_PSA - $removed_text - BIGNUM"
make test
@@ -1362,10 +1351,9 @@
not grep mbedtls_ecdsa_ ${BUILTIN_SRC_PATH}/ecdsa.o
not grep mbedtls_ecdh_ ${BUILTIN_SRC_PATH}/ecdh.o
not grep mbedtls_ecjpake_ ${BUILTIN_SRC_PATH}/ecjpake.o
- # Also ensure that ECP, RSA, DHM or BIGNUM modules were not re-enabled
+ # Also ensure that ECP, RSA or BIGNUM modules were not re-enabled
not grep mbedtls_ecp_ ${BUILTIN_SRC_PATH}/ecp.o
not grep mbedtls_rsa_ ${BUILTIN_SRC_PATH}/rsa.o
- not grep mbedtls_dhm_ ${BUILTIN_SRC_PATH}/dhm.o
not grep mbedtls_mpi_ ${BUILTIN_SRC_PATH}/bignum.o
# Check that p256m was built
grep -q p256_ecdsa_ library/libmbedcrypto.a
@@ -1536,7 +1524,6 @@
scripts/config.py unset MBEDTLS_PKCS1_V21
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
- scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
scripts/config.py unset MBEDTLS_RSA_C
scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT
diff --git a/tests/scripts/components-configuration-tls.sh b/tests/scripts/components-configuration-tls.sh
index 8379501..6b3f9c2 100644
--- a/tests/scripts/components-configuration-tls.sh
+++ b/tests/scripts/components-configuration-tls.sh
@@ -242,8 +242,8 @@
tests/ssl-opt.sh -f "DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket"
}
-# Common helper for component_full_without_ecdhe_ecdsa() and
-# component_full_without_ecdhe_ecdsa_and_tls13() which:
+# Common helper for component_full_without_ecdhe_ecdsa(),
+# component_full_without_ecdhe_ecdsa_and_tls13() and component_full_without_tls13 which:
# - starts from the "full" configuration minus the list of symbols passed in
# as 1st parameter
# - build
@@ -277,6 +277,10 @@
MBEDTLS_SSL_PROTO_TLS1_3"
}
+component_full_without_tls13 () {
+ build_full_minus_something_and_test_tls "MBEDTLS_SSL_PROTO_TLS1_3"
+}
+
component_build_no_ssl_srv () {
msg "build: full config except SSL server, make, gcc" # ~ 30s
scripts/config.py full
@@ -469,7 +473,6 @@
scripts/config.py unset MBEDTLS_ECDH_C
scripts/config.py unset MBEDTLS_ECDSA_C
scripts/config.py unset MBEDTLS_PKCS1_V21
- scripts/config.py unset MBEDTLS_DHM_C
make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"
diff --git a/tests/scripts/components-configuration.sh b/tests/scripts/components-configuration.sh
index cee4d63..2dfa6d2 100644
--- a/tests/scripts/components-configuration.sh
+++ b/tests/scripts/components-configuration.sh
@@ -277,7 +277,6 @@
scripts/config.py unset MBEDTLS_PLATFORM_C
scripts/config.py unset MBEDTLS_NET_C
scripts/config.py unset MBEDTLS_FS_IO
- scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C
scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C
scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C
scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED
diff --git a/tests/scripts/components-sanitizers.sh b/tests/scripts/components-sanitizers.sh
index 454d140..45d0960 100644
--- a/tests/scripts/components-sanitizers.sh
+++ b/tests/scripts/components-sanitizers.sh
@@ -114,9 +114,6 @@
# Interruptible ECC tests are not thread safe
scripts/config.py unset MBEDTLS_ECP_RESTARTABLE
- # The deprecated MBEDTLS_PSA_CRYPTO_SE_C interface is not thread safe.
- scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C
-
CC=clang cmake -D CMAKE_BUILD_TYPE:String=TSan .
make
@@ -189,4 +186,3 @@
msg "test: main suites, Valgrind (full config)"
make memcheck
}
-
diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py
index a08ede5..816d2de 100755
--- a/tests/scripts/depends.py
+++ b/tests/scripts/depends.py
@@ -315,7 +315,6 @@
'PSA_WANT_ALG_RSA_OAEP',
'PSA_WANT_ALG_RSA_PSS'],
'MBEDTLS_PKCS1_V15': ['MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED',
- 'MBEDTLS_KEY_EXCHANGE_RSA_ENABLED',
'PSA_WANT_ALG_RSA_PKCS1V15_CRYPT',
'PSA_WANT_ALG_RSA_PKCS1V15_SIGN'],
'MBEDTLS_RSA_C': ['MBEDTLS_PKCS1_V15',
diff --git a/tests/scripts/set_psa_test_dependencies.py b/tests/scripts/set_psa_test_dependencies.py
index f68dfcb..2267311 100755
--- a/tests/scripts/set_psa_test_dependencies.py
+++ b/tests/scripts/set_psa_test_dependencies.py
@@ -58,7 +58,6 @@
'MBEDTLS_CMAC_C',
'MBEDTLS_CTR_DRBG_C',
'MBEDTLS_DES_C',
- 'MBEDTLS_DHM_C',
'MBEDTLS_ECDH_C',
'MBEDTLS_ECDSA_C',
'MBEDTLS_ECJPAKE_C',
diff --git a/tests/src/certs.c b/tests/src/certs.c
index bacc846..d1af5b2 100644
--- a/tests/src/certs.c
+++ b/tests/src/certs.c
@@ -13,7 +13,7 @@
#include "mbedtls/pk.h"
-#include "test_certs.h"
+#include "test/test_certs.h"
/*
*
diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c
index 44e07ef..bffb353 100644
--- a/tests/src/test_helpers/ssl_helpers.c
+++ b/tests/src/test_helpers/ssl_helpers.c
@@ -28,9 +28,22 @@
{
mbedtls_test_ssl_log_pattern *p = (mbedtls_test_ssl_log_pattern *) ctx;
+/* Change 0 to 1 for debugging of test cases that use this function. */
+#if 0
+ const char *q, *basename;
+ /* Extract basename from file */
+ for (q = basename = file; *q != '\0'; q++) {
+ if (*q == '/' || *q == '\\') {
+ basename = q + 1;
+ }
+ }
+ printf("%s:%04d: |%d| %s",
+ basename, line, level, str);
+#else
(void) level;
(void) line;
(void) file;
+#endif
if (NULL != p &&
NULL != p->pattern &&
@@ -639,8 +652,7 @@
ret = mbedtls_pk_parse_key(
cert->pkey,
(const unsigned char *) mbedtls_test_srv_key_rsa_der,
- mbedtls_test_srv_key_rsa_der_len, NULL, 0,
- mbedtls_test_rnd_std_rand, NULL);
+ mbedtls_test_srv_key_rsa_der_len, NULL, 0);
TEST_ASSERT(ret == 0);
} else {
ret = mbedtls_x509_crt_parse(
@@ -652,8 +664,7 @@
ret = mbedtls_pk_parse_key(
cert->pkey,
(const unsigned char *) mbedtls_test_srv_key_ec_der,
- mbedtls_test_srv_key_ec_der_len, NULL, 0,
- mbedtls_test_rnd_std_rand, NULL);
+ mbedtls_test_srv_key_ec_der_len, NULL, 0);
TEST_ASSERT(ret == 0);
}
} else {
@@ -667,8 +678,7 @@
ret = mbedtls_pk_parse_key(
cert->pkey,
(const unsigned char *) mbedtls_test_cli_key_rsa_der,
- mbedtls_test_cli_key_rsa_der_len, NULL, 0,
- mbedtls_test_rnd_std_rand, NULL);
+ mbedtls_test_cli_key_rsa_der_len, NULL, 0);
TEST_ASSERT(ret == 0);
} else {
ret = mbedtls_x509_crt_parse(
@@ -680,8 +690,7 @@
ret = mbedtls_pk_parse_key(
cert->pkey,
(const unsigned char *) mbedtls_test_cli_key_ec_der,
- mbedtls_test_cli_key_ec_der_len, NULL, 0,
- mbedtls_test_rnd_std_rand, NULL);
+ mbedtls_test_cli_key_ec_der_len, NULL, 0);
TEST_ASSERT(ret == 0);
}
}
@@ -758,7 +767,6 @@
mbedtls_ssl_init(&(ep->ssl));
mbedtls_ssl_config_init(&(ep->conf));
- mbedtls_ssl_conf_rng(&(ep->conf), mbedtls_test_random, NULL);
TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&ep->conf) == NULL);
TEST_EQUAL(mbedtls_ssl_conf_get_user_data_n(&ep->conf), 0);
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 23b692c..0634c26 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -103,12 +103,14 @@
O_NEXT_SRV_NO_CERT="$OPENSSL_NEXT s_server -www "
O_NEXT_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_NEXT s_client -CAfile $DATA_FILES_PATH/test-ca_cat12.crt"
O_NEXT_CLI_NO_CERT="echo 'GET / HTTP/1.0' | $OPENSSL_NEXT s_client"
+ O_NEXT_CLI_RENEGOTIATE="echo 'R' | $OPENSSL_NEXT s_client -cert $DATA_FILES_PATH/server5.crt -key $DATA_FILES_PATH/server5.key"
else
O_NEXT_SRV=false
O_NEXT_SRV_NO_CERT=false
O_NEXT_SRV_EARLY_DATA=false
O_NEXT_CLI_NO_CERT=false
O_NEXT_CLI=false
+ O_NEXT_CLI_RENEGOTIATE=false
fi
if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then
@@ -309,8 +311,7 @@
SKIP_NEXT="YES"
}
-TLS1_2_KEY_EXCHANGES_WITH_CERT="MBEDTLS_KEY_EXCHANGE_RSA_ENABLED \
- MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
+TLS1_2_KEY_EXCHANGES_WITH_CERT="MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED \
MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED \
MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED"
@@ -318,9 +319,8 @@
TLS1_2_KEY_EXCHANGES_WITH_ECDSA_CERT="MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED \
MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED"
-TLS1_2_KEY_EXCHANGES_WITH_CERT_WO_ECDH="MBEDTLS_KEY_EXCHANGE_RSA_ENABLED \
- MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
- MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED"
+TLS1_2_KEY_EXCHANGES_WITH_CERT_WO_ECDH="MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
+ MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED"
requires_certificate_authentication () {
if is_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
@@ -2306,20 +2306,6 @@
-C "error"
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
-requires_config_disabled MBEDTLS_SSL_ASYNC_PRIVATE
-requires_hash_alg SHA_256
-run_test "Opaque key for server authentication: invalid key: decrypt with ECC key, no async" \
- "$P_SRV key_opaque=1 crt_file=$DATA_FILES_PATH/server5.crt \
- key_file=$DATA_FILES_PATH/server5.key key_opaque_algs=rsa-decrypt,none \
- debug_level=1" \
- "$P_CLI force_version=tls12" \
- 1 \
- -s "key types: Opaque, none" \
- -s "error" \
- -c "error" \
- -c "Public key type mismatch"
-
-requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_disabled MBEDTLS_SSL_ASYNC_PRIVATE
@@ -2336,20 +2322,6 @@
-c "Public key type mismatch"
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-requires_hash_alg SHA_256
-run_test "Opaque key for server authentication: invalid alg: decrypt with ECC key, async" \
- "$P_SRV key_opaque=1 crt_file=$DATA_FILES_PATH/server5.crt \
- key_file=$DATA_FILES_PATH/server5.key key_opaque_algs=rsa-decrypt,none \
- debug_level=1" \
- "$P_CLI force_version=tls12" \
- 1 \
- -s "key types: Opaque, none" \
- -s "got ciphersuites in common, but none of them usable" \
- -s "error" \
- -c "error"
-
-requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
requires_hash_alg SHA_256
@@ -2437,8 +2409,8 @@
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_CLI_C
run_test "TLS 1.3 opaque key: no suitable algorithm found" \
- "$P_SRV debug_level=4 auth_mode=required key_opaque=1 key_opaque_algs=rsa-decrypt,none" \
- "$P_CLI debug_level=4 key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \
+ "$P_SRV debug_level=4 auth_mode=required key_opaque=1 key_opaque_algs=rsa-sign-pkcs1,none" \
+ "$P_CLI debug_level=4 key_opaque=1 key_opaque_algs=rsa-sign-pkcs1,rsa-sign-pss" \
1 \
-c "key type: Opaque" \
-s "key types: Opaque, Opaque" \
@@ -2450,8 +2422,8 @@
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_CLI_C
run_test "TLS 1.3 opaque key: suitable algorithm found" \
- "$P_SRV debug_level=4 auth_mode=required key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \
- "$P_CLI debug_level=4 key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \
+ "$P_SRV debug_level=4 auth_mode=required key_opaque=1 key_opaque_algs=rsa-sign-pkcs1,rsa-sign-pss" \
+ "$P_CLI debug_level=4 key_opaque=1 key_opaque_algs=rsa-sign-pkcs1,rsa-sign-pss" \
0 \
-c "key type: Opaque" \
-s "key types: Opaque, Opaque" \
@@ -2477,8 +2449,8 @@
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_CLI_C
run_test "TLS 1.3 opaque key: 2 keys on server, suitable algorithm found" \
- "$P_SRV debug_level=4 auth_mode=required key_opaque=1 key_opaque_algs2=ecdsa-sign,none key_opaque_algs=rsa-decrypt,rsa-sign-pss" \
- "$P_CLI debug_level=4 key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \
+ "$P_SRV debug_level=4 auth_mode=required key_opaque=1 key_opaque_algs2=ecdsa-sign,none key_opaque_algs=rsa-sign-pkcs1,rsa-sign-pss" \
+ "$P_CLI debug_level=4 key_opaque=1 key_opaque_algs=rsa-sign-pkcs1,rsa-sign-pss" \
0 \
-c "key type: Opaque" \
-s "key types: Opaque, Opaque" \
@@ -2505,20 +2477,6 @@
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256
-run_test "Opaque key for server authentication: RSA-" \
- "$P_SRV debug_level=3 key_opaque=1 key_opaque_algs=rsa-decrypt,none " \
- "$P_CLI force_version=tls12 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA256" \
- 0 \
- -c "Verifying peer X.509 certificate... ok" \
- -c "Ciphersuite is TLS-RSA-" \
- -s "key types: Opaque, Opaque" \
- -s "Ciphersuite is TLS-RSA-" \
- -S "error" \
- -C "error"
-
-requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
-requires_config_enabled MBEDTLS_RSA_C
-requires_hash_alg SHA_256
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
run_test "Opaque key for server authentication: ECDHE-RSA, PSS instead of PKCS1" \
"$P_SRV auth_mode=required key_opaque=1 crt_file=$DATA_FILES_PATH/server2-sha256.crt \
@@ -3618,7 +3576,7 @@
run_test "Encrypt then MAC: default" \
"$P_SRV debug_level=3 \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \
"$P_CLI debug_level=3" \
0 \
-c "client hello, adding encrypt_then_mac extension" \
@@ -3630,7 +3588,7 @@
run_test "Encrypt then MAC: client enabled, server disabled" \
"$P_SRV debug_level=3 etm=0 \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \
"$P_CLI debug_level=3 etm=1" \
0 \
-c "client hello, adding encrypt_then_mac extension" \
@@ -3642,7 +3600,7 @@
run_test "Encrypt then MAC: client enabled, aead cipher" \
"$P_SRV debug_level=3 etm=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-128-GCM-SHA256" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256" \
"$P_CLI debug_level=3 etm=1" \
0 \
-c "client hello, adding encrypt_then_mac extension" \
@@ -3654,7 +3612,7 @@
run_test "Encrypt then MAC: client disabled, server enabled" \
"$P_SRV debug_level=3 etm=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \
"$P_CLI debug_level=3 etm=0" \
0 \
-C "client hello, adding encrypt_then_mac extension" \
@@ -3740,7 +3698,7 @@
run_test "CBC Record splitting: TLS 1.2, no splitting" \
"$P_SRV force_version=tls12" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA \
request_size=123" \
0 \
-s "Read from client: 123 bytes read" \
@@ -7737,12 +7695,12 @@
0 \
-c "Ciphersuite is TLS-ECDHE-RSA-WITH-"
-run_test "keyUsage srv 1.2: RSA, keyEncipherment -> RSA" \
+run_test "keyUsage srv 1.2: RSA, keyEncipherment -> fail" \
"$P_SRV force_version=tls12 key_file=$DATA_FILES_PATH/server2.key \
crt_file=$DATA_FILES_PATH/server2.ku-ke.crt" \
"$P_CLI" \
- 0 \
- -c "Ciphersuite is TLS-RSA-WITH-"
+ 1 \
+ -C "Ciphersuite is "
run_test "keyUsage srv 1.2: RSA, keyAgreement -> fail" \
"$P_SRV force_version=tls12 key_file=$DATA_FILES_PATH/server2.key \
@@ -7776,20 +7734,6 @@
# Tests for keyUsage in leaf certificates, part 2:
# client-side checking of server cert
-#
-# TLS 1.3 uses only signature, but for 1.2 it depends on the key exchange.
-# In 4.0 this will probably change as all TLS 1.2 key exchanges will use
-# signatures too, following the removal of RSA #8170 and static ECDH #9201.
-
-run_test "keyUsage cli 1.2: DigitalSignature+KeyEncipherment, RSA: OK" \
- "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \
- -cert $DATA_FILES_PATH/server2.ku-ds_ke.crt" \
- "$P_CLI debug_level=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -C "bad certificate (usage extensions)" \
- -C "Processing of the Certificate handshake message failed" \
- -c "Ciphersuite is TLS-"
run_test "keyUsage cli 1.2: DigitalSignature+KeyEncipherment, ECDHE-RSA: OK" \
"$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \
@@ -7801,16 +7745,6 @@
-C "Processing of the Certificate handshake message failed" \
-c "Ciphersuite is TLS-"
-run_test "keyUsage cli 1.2: KeyEncipherment, RSA: OK" \
- "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \
- -cert $DATA_FILES_PATH/server2.ku-ke.crt" \
- "$P_CLI debug_level=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -C "bad certificate (usage extensions)" \
- -C "Processing of the Certificate handshake message failed" \
- -c "Ciphersuite is TLS-"
-
run_test "keyUsage cli 1.2: KeyEncipherment, ECDHE-RSA: fail (hard)" \
"$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \
-cert $DATA_FILES_PATH/server2.ku-ke.crt" \
@@ -7846,31 +7780,6 @@
-C "Processing of the Certificate handshake message failed" \
-c "Ciphersuite is TLS-"
-run_test "keyUsage cli 1.2: DigitalSignature, RSA: fail (hard)" \
- "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \
- -cert $DATA_FILES_PATH/server2.ku-ds.crt" \
- "$P_CLI debug_level=3 \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 1 \
- -c "bad certificate (usage extensions)" \
- -c "Processing of the Certificate handshake message failed" \
- -C "Ciphersuite is TLS-" \
- -c "send alert level=2 message=43" \
- -c "! Usage does not match the keyUsage extension"
- # MBEDTLS_X509_BADCERT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT
-
-run_test "keyUsage cli 1.2: DigitalSignature, RSA: fail (soft)" \
- "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \
- -cert $DATA_FILES_PATH/server2.ku-ds.crt" \
- "$P_CLI debug_level=3 auth_mode=optional \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -c "bad certificate (usage extensions)" \
- -C "Processing of the Certificate handshake message failed" \
- -c "Ciphersuite is TLS-" \
- -C "send alert level=2 message=43" \
- -c "! Usage does not match the keyUsage extension"
-
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "keyUsage cli 1.3: DigitalSignature, RSA: OK" \
@@ -8923,17 +8832,6 @@
# Test for ClientHello without extensions
-# Without extensions, ECC is impossible (no curve negotiation).
-requires_config_enabled MBEDTLS_RSA_C
-requires_gnutls
-run_test "ClientHello without extensions: RSA" \
- "$P_SRV force_version=tls12 debug_level=3" \
- "$G_CLI --priority=NORMAL:%NO_EXTENSIONS:%DISABLE_SAFE_RENEGOTIATION localhost" \
- 0 \
- -s "Ciphersuite is .*-RSA-WITH-.*" \
- -S "Ciphersuite is .*-EC.*" \
- -s "dumping 'client hello extensions' (0 bytes)"
-
requires_config_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
requires_gnutls
run_test "ClientHello without extensions: PSK" \
@@ -8981,14 +8879,14 @@
run_test "Small client packet TLS 1.2 BlockCipher" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
0 \
-s "Read from client: 1 bytes read"
run_test "Small client packet TLS 1.2 BlockCipher, without EtM" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA etm=0" \
0 \
-s "Read from client: 1 bytes read"
@@ -9002,14 +8900,14 @@
run_test "Small client packet TLS 1.2 AEAD" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \
0 \
-s "Read from client: 1 bytes read"
run_test "Small client packet TLS 1.2 AEAD shorter tag" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8" \
0 \
-s "Read from client: 1 bytes read"
@@ -9035,7 +8933,7 @@
run_test "Small client packet DTLS 1.2" \
"$P_SRV dtls=1 force_version=dtls12" \
"$P_CLI dtls=1 request_size=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
0 \
-s "Read from client: 1 bytes read"
@@ -9043,7 +8941,7 @@
run_test "Small client packet DTLS 1.2, without EtM" \
"$P_SRV dtls=1 force_version=dtls12 etm=0" \
"$P_CLI dtls=1 request_size=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
0 \
-s "Read from client: 1 bytes read"
@@ -9051,13 +8949,13 @@
run_test "Small server packet TLS 1.2 BlockCipher" \
"$P_SRV response_size=1 force_version=tls12" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
0 \
-c "Read from server: 1 bytes read"
run_test "Small server packet TLS 1.2 BlockCipher, without EtM" \
"$P_SRV response_size=1 force_version=tls12" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA etm=0" \
0 \
-c "Read from server: 1 bytes read"
@@ -9069,13 +8967,13 @@
run_test "Small server packet TLS 1.2 AEAD" \
"$P_SRV response_size=1 force_version=tls12" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \
0 \
-c "Read from server: 1 bytes read"
run_test "Small server packet TLS 1.2 AEAD shorter tag" \
"$P_SRV response_size=1 force_version=tls12" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8" \
0 \
-c "Read from server: 1 bytes read"
@@ -9099,7 +8997,7 @@
run_test "Small server packet DTLS 1.2" \
"$P_SRV dtls=1 response_size=1 force_version=dtls12" \
"$P_CLI dtls=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
0 \
-c "Read from server: 1 bytes read"
@@ -9107,7 +9005,7 @@
run_test "Small server packet DTLS 1.2, without EtM" \
"$P_SRV dtls=1 response_size=1 force_version=dtls12 etm=0" \
"$P_CLI dtls=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
0 \
-c "Read from server: 1 bytes read"
@@ -9121,7 +9019,7 @@
run_test "Large client packet TLS 1.2 BlockCipher" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=16384 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
0 \
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
-s "Read from client: $MAX_CONTENT_LEN bytes read"
@@ -9129,7 +9027,7 @@
run_test "Large client packet TLS 1.2 BlockCipher, without EtM" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=16384 etm=0 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
0 \
-s "Read from client: $MAX_CONTENT_LEN bytes read"
@@ -9144,7 +9042,7 @@
run_test "Large client packet TLS 1.2 AEAD" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=16384 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \
0 \
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
-s "Read from client: $MAX_CONTENT_LEN bytes read"
@@ -9152,7 +9050,7 @@
run_test "Large client packet TLS 1.2 AEAD shorter tag" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=16384 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8" \
0 \
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
-s "Read from client: $MAX_CONTENT_LEN bytes read"
@@ -9178,13 +9076,13 @@
# The tests below fail when the server's OUT_CONTENT_LEN is less than 16384.
run_test "Large server packet TLS 1.2 BlockCipher" \
"$P_SRV response_size=16384 force_version=tls12" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
0 \
-c "Read from server: 16384 bytes read"
run_test "Large server packet TLS 1.2 BlockCipher, without EtM" \
"$P_SRV response_size=16384 force_version=tls12" \
- "$P_CLI etm=0 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ "$P_CLI etm=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
0 \
-s "16384 bytes written in 1 fragments" \
-c "Read from server: 16384 bytes read"
@@ -9197,20 +9095,20 @@
run_test "Large server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
"$P_SRV response_size=16384 trunc_hmac=1 force_version=tls12" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
0 \
-s "16384 bytes written in 1 fragments" \
-c "Read from server: 16384 bytes read"
run_test "Large server packet TLS 1.2 AEAD" \
"$P_SRV response_size=16384 force_version=tls12" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \
0 \
-c "Read from server: 16384 bytes read"
run_test "Large server packet TLS 1.2 AEAD shorter tag" \
"$P_SRV response_size=16384 force_version=tls12" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8" \
0 \
-c "Read from server: 16384 bytes read"
@@ -9538,51 +9436,6 @@
-c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
-c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: decrypt, delay=0" \
- "$P_SRV \
- async_operations=d async_private_delay1=0 async_private_delay2=0" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -s "Async decrypt callback: using key slot " \
- -s "Async resume (slot [0-9]): decrypt done, status=0"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: decrypt, delay=1" \
- "$P_SRV \
- async_operations=d async_private_delay1=1 async_private_delay2=1" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -s "Async decrypt callback: using key slot " \
- -s "Async resume (slot [0-9]): call 0 more times." \
- -s "Async resume (slot [0-9]): decrypt done, status=0"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: sign callback not present" \
- "$P_SRV \
- async_operations=d async_private_delay1=1 async_private_delay2=1" \
- "$P_CLI force_version=tls12; [ \$? -eq 1 ] &&
- $P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -S "Async sign callback" \
- -s "! mbedtls_ssl_handshake returned" \
- -s "The own private key or pre-shared key is not set, but needed" \
- -s "Async resume (slot [0-9]): decrypt done, status=0" \
- -s "Successful connection"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: decrypt callback not present" \
- "$P_SRV debug_level=1 \
- async_operations=s async_private_delay1=1 async_private_delay2=1" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA;
- [ \$? -eq 1 ] && $P_CLI force_version=tls12" \
- 0 \
- -S "Async decrypt callback" \
- -s "! mbedtls_ssl_handshake returned" \
- -s "got no RSA private key" \
- -s "Async resume (slot [0-9]): sign done, status=0" \
- -s "Successful connection"
-
# key1: ECDSA, key2: RSA; use key1 from slot 0
requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
run_test "SSL async private: slot 0 used with key1" \
@@ -9669,41 +9522,6 @@
-s "! mbedtls_ssl_handshake returned"
requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: decrypt, error in start" \
- "$P_SRV \
- async_operations=d async_private_delay1=1 async_private_delay2=1 \
- async_private_error=1" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 1 \
- -s "Async decrypt callback: injected error" \
- -S "Async resume" \
- -S "Async cancel" \
- -s "! mbedtls_ssl_handshake returned"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: decrypt, cancel after start" \
- "$P_SRV \
- async_operations=d async_private_delay1=1 async_private_delay2=1 \
- async_private_error=2" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 1 \
- -s "Async decrypt callback: using key slot " \
- -S "Async resume" \
- -s "Async cancel"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: decrypt, error in resume" \
- "$P_SRV \
- async_operations=d async_private_delay1=1 async_private_delay2=1 \
- async_private_error=3" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 1 \
- -s "Async decrypt callback: using key slot " \
- -s "Async resume callback: decrypt done but injected error" \
- -S "Async cancel" \
- -s "! mbedtls_ssl_handshake returned"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
run_test "SSL async private: cancel after start then operate correctly" \
"$P_SRV force_version=tls12 \
async_operations=s async_private_delay1=1 async_private_delay2=1 \
@@ -9790,37 +9608,13 @@
-s "Async sign callback: using key slot " \
-s "Async resume (slot [0-9]): sign done, status=0"
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-run_test "SSL async private: renegotiation: client-initiated, decrypt" \
- "$P_SRV \
- async_operations=d async_private_delay1=1 async_private_delay2=1 \
- exchanges=2 renegotiation=1" \
- "$P_CLI exchanges=2 renegotiation=1 renegotiate=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -s "Async decrypt callback: using key slot " \
- -s "Async resume (slot [0-9]): decrypt done, status=0"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-run_test "SSL async private: renegotiation: server-initiated, decrypt" \
- "$P_SRV \
- async_operations=d async_private_delay1=1 async_private_delay2=1 \
- exchanges=2 renegotiation=1 renegotiate=1" \
- "$P_CLI exchanges=2 renegotiation=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -s "Async decrypt callback: using key slot " \
- -s "Async resume (slot [0-9]): decrypt done, status=0"
-
# Tests for ECC extensions (rfc 4492)
requires_hash_alg SHA_256
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
run_test "Force a non ECC ciphersuite in the client side" \
- "$P_SRV debug_level=3" \
- "$P_CLI debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \
+ "$P_SRV debug_level=3 psk=73776f726466697368" \
+ "$P_CLI debug_level=3 psk=73776f726466697368 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA256" \
0 \
-C "client hello, adding supported_groups extension" \
-C "client hello, adding supported_point_formats extension" \
@@ -9828,10 +9622,10 @@
-S "found supported point formats extension"
requires_hash_alg SHA_256
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
run_test "Force a non ECC ciphersuite in the server side" \
- "$P_SRV debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \
- "$P_CLI debug_level=3" \
+ "$P_SRV debug_level=3 psk=73776f726466697368 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA256" \
+ "$P_CLI debug_level=3 psk=73776f726466697368" \
0 \
-C "found supported_point_formats extension" \
-S "server hello, supported_point_formats extension"
@@ -11792,11 +11586,11 @@
-c "HTTP/1.0 200 OK"
client_needs_more_time 2
-run_test "DTLS proxy: 3d, \"short\" RSA handshake" \
+run_test "DTLS proxy: 3d, \"short\" ECDHE-RSA handshake" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \
"$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \
"$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \
0 \
-s "Extra-header:" \
-c "HTTP/1.0 200 OK"
@@ -13872,6 +13666,179 @@
-c "Handshake was completed" \
-s "dumping .client hello, compression. (2 bytes)"
+# Handshake defragmentation testing
+
+# Most test cases are in opt-testcases/handshake-generated.sh
+
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_certificate_authentication
+run_test "Handshake defragmentation on server: len=32, TLS 1.2 ClientHello (unsupported)" \
+ "$P_SRV debug_level=4 force_version=tls12 auth_mode=required" \
+ "$O_NEXT_CLI -tls1_2 -split_send_frag 32 -cert $DATA_FILES_PATH/server5.crt -key $DATA_FILES_PATH/server5.key" \
+ 1 \
+ -s "The SSL configuration is tls12 only" \
+ -s "bad client hello message" \
+ -s "SSL - A message could not be parsed due to a syntactic error"
+
+# Test server-side buffer resizing with fragmented handshake on TLS1.2
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_config_enabled MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
+requires_max_content_len 1025
+run_test "Handshake defragmentation on server: len=256, buffer resizing with MFL=1024" \
+ "$P_SRV debug_level=4 auth_mode=required" \
+ "$O_NEXT_CLI -tls1_2 -split_send_frag 256 -maxfraglen 1024 -cert $DATA_FILES_PATH/server5.crt -key $DATA_FILES_PATH/server5.key" \
+ 0 \
+ -s "Reallocating in_buf" \
+ -s "Reallocating out_buf" \
+ -s "reassembled record" \
+ -s "initial handshake fragment: 256, 0\\.\\.256 of [0-9]\\+" \
+ -s "Prepare: waiting for more handshake fragments 256/" \
+ -s "Consume: waiting for more handshake fragments 256/"
+
+# Test client-initiated renegotiation with fragmented handshake on TLS1.2
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Handshake defragmentation on server: len=512, client-initiated renegotiation" \
+ "$P_SRV debug_level=4 exchanges=2 renegotiation=1 auth_mode=required" \
+ "$O_NEXT_CLI_RENEGOTIATE -tls1_2 -split_send_frag 512 -connect 127.0.0.1:+$SRV_PORT" \
+ 0 \
+ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+ -s "found renegotiation extension" \
+ -s "server hello, secure renegotiation extension" \
+ -s "=> renegotiate" \
+ -S "write hello request" \
+ -s "reassembled record" \
+ -s "initial handshake fragment: 512, 0\\.\\.512 of [0-9]\\+" \
+ -s "Prepare: waiting for more handshake fragments 512/" \
+ -s "Consume: waiting for more handshake fragments 512/" \
+
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Handshake defragmentation on server: len=256, client-initiated renegotiation" \
+ "$P_SRV debug_level=4 exchanges=2 renegotiation=1 auth_mode=required" \
+ "$O_NEXT_CLI_RENEGOTIATE -tls1_2 -split_send_frag 256 -connect 127.0.0.1:+$SRV_PORT" \
+ 0 \
+ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+ -s "found renegotiation extension" \
+ -s "server hello, secure renegotiation extension" \
+ -s "=> renegotiate" \
+ -S "write hello request" \
+ -s "reassembled record" \
+ -s "initial handshake fragment: 256, 0\\.\\.256 of [0-9]\\+" \
+ -s "Prepare: waiting for more handshake fragments 256/" \
+ -s "Consume: waiting for more handshake fragments 256/" \
+
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Handshake defragmentation on server: len=128, client-initiated renegotiation" \
+ "$P_SRV debug_level=4 exchanges=2 renegotiation=1 auth_mode=required" \
+ "$O_NEXT_CLI_RENEGOTIATE -tls1_2 -split_send_frag 128 -connect 127.0.0.1:+$SRV_PORT" \
+ 0 \
+ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+ -s "found renegotiation extension" \
+ -s "server hello, secure renegotiation extension" \
+ -s "=> renegotiate" \
+ -S "write hello request" \
+ -s "reassembled record" \
+ -s "initial handshake fragment: 128, 0\\.\\.128 of [0-9]\\+" \
+ -s "Prepare: waiting for more handshake fragments 128/" \
+ -s "Consume: waiting for more handshake fragments 128/" \
+
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Handshake defragmentation on server: len=4, client-initiated renegotiation" \
+ "$P_SRV debug_level=4 exchanges=2 renegotiation=1 auth_mode=required" \
+ "$O_NEXT_CLI_RENEGOTIATE -tls1_2 -split_send_frag 4 -connect 127.0.0.1:+$SRV_PORT" \
+ 0 \
+ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+ -s "found renegotiation extension" \
+ -s "server hello, secure renegotiation extension" \
+ -s "=> renegotiate" \
+ -S "write hello request" \
+ -s "reassembled record" \
+ -s "initial handshake fragment: 4, 0\\.\\.4 of [0-9]\\+" \
+ -s "Prepare: waiting for more handshake fragments 4/" \
+ -s "Consume: waiting for more handshake fragments 4/" \
+
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Handshake defragmentation on server: len=4, client-initiated server-rejected renegotiation" \
+ "$P_SRV debug_level=4 exchanges=2 renegotiation=0 auth_mode=required" \
+ "$O_NEXT_CLI_RENEGOTIATE -tls1_2 -split_send_frag 4 -connect 127.0.0.1:+$SRV_PORT" \
+ 1 \
+ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+ -s "refusing renegotiation, sending alert" \
+ -s "server hello, secure renegotiation extension" \
+ -s "initial handshake fragment: 4, 0\\.\\.4 of [0-9]\\+" \
+ -s "Prepare: waiting for more handshake fragments 4/" \
+ -s "Consume: waiting for more handshake fragments 4/" \
+
+# Test server-initiated renegotiation with fragmented handshake on TLS1.2
+
+# Note: The /reneg endpoint serves as a directive for OpenSSL's s_server
+# to initiate a handshake renegotiation.
+# Note: Adjusting the renegotiation delay beyond the library's default
+# value of 16 is necessary. This parameter defines the maximum
+# number of records received before renegotiation is completed.
+# By fragmenting records and thereby increasing their quantity,
+# the default threshold can be reached more quickly.
+# Setting it to -1 disables that policy's enforment.
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Handshake defragmentation on client: len=512, server-initiated renegotiation" \
+ "$O_NEXT_SRV -tls1_2 -split_send_frag 512 -cert $DATA_FILES_PATH/server5.crt -key $DATA_FILES_PATH/server5.key" \
+ "$P_CLI debug_level=3 renegotiation=1 request_page=/reneg" \
+ 0 \
+ -c "initial handshake fragment: 512, 0\\.\\.512 of [0-9]\\+" \
+ -c "Prepare: waiting for more handshake fragments 512/" \
+ -c "Consume: waiting for more handshake fragments 512/" \
+ -c "client hello, adding renegotiation extension" \
+ -c "found renegotiation extension" \
+ -c "=> renegotiate"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Handshake defragmentation on client: len=256, server-initiated renegotiation" \
+ "$O_NEXT_SRV -tls1_2 -split_send_frag 256 -cert $DATA_FILES_PATH/server5.crt -key $DATA_FILES_PATH/server5.key" \
+ "$P_CLI debug_level=3 renegotiation=1 renego_delay=-1 request_page=/reneg" \
+ 0 \
+ -c "initial handshake fragment: 256, 0\\.\\.256 of [0-9]\\+" \
+ -c "Prepare: waiting for more handshake fragments 256/" \
+ -c "Consume: waiting for more handshake fragments 256/" \
+ -c "client hello, adding renegotiation extension" \
+ -c "found renegotiation extension" \
+ -c "=> renegotiate"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Handshake defragmentation on client: len=128, server-initiated renegotiation" \
+ "$O_NEXT_SRV -tls1_2 -split_send_frag 128 -cert $DATA_FILES_PATH/server5.crt -key $DATA_FILES_PATH/server5.key" \
+ "$P_CLI debug_level=3 renegotiation=1 renego_delay=-1 request_page=/reneg" \
+ 0 \
+ -c "initial handshake fragment: 128, 0\\.\\.128 of [0-9]\\+" \
+ -c "Prepare: waiting for more handshake fragments 128/" \
+ -c "Consume: waiting for more handshake fragments 128/" \
+ -c "client hello, adding renegotiation extension" \
+ -c "found renegotiation extension" \
+ -c "=> renegotiate"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Handshake defragmentation on client: len=4, server-initiated renegotiation" \
+ "$O_NEXT_SRV -tls1_2 -split_send_frag 4 -cert $DATA_FILES_PATH/server5.crt -key $DATA_FILES_PATH/server5.key" \
+ "$P_CLI debug_level=3 renegotiation=1 renego_delay=-1 request_page=/reneg" \
+ 0 \
+ -c "initial handshake fragment: 4, 0\\.\\.4 of [0-9]\\+" \
+ -c "Prepare: waiting for more handshake fragments 4/" \
+ -c "Consume: waiting for more handshake fragments 4/" \
+ -c "client hello, adding renegotiation extension" \
+ -c "found renegotiation extension" \
+ -c "=> renegotiate"
+
# Test heap memory usage after handshake
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_MEMORY_DEBUG
diff --git a/tests/suites/test_suite_debug.data b/tests/suites/test_suite_debug.data
index c8f40a0..0989e61 100644
--- a/tests/suites/test_suite_debug.data
+++ b/tests/suites/test_suite_debug.data
@@ -1,3 +1,12 @@
+printf "%" MBEDTLS_PRINTF_SIZET, 0
+printf_int_expr:PRINTF_SIZET:sizeof(size_t):0:"0"
+
+printf "%" MBEDTLS_PRINTF_LONGLONG, 0
+printf_int_expr:PRINTF_LONGLONG:sizeof(long long):0:"0"
+
+printf "%" MBEDTLS_PRINTF_MS_TIME, 0
+printf_int_expr:PRINTF_MS_TIME:sizeof(mbedtls_ms_time_t):0:"0"
+
Debug print msg (threshold 1, level 0)
debug_print_msg_threshold:1:0:"MyFile":999:"MyFile(0999)\: Text message, 2 == 2\n"
diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function
index a71db14..57b8f4e 100644
--- a/tests/suites/test_suite_debug.function
+++ b/tests/suites/test_suite_debug.function
@@ -4,11 +4,34 @@
#include "mbedtls/pk.h"
#include <test/ssl_helpers.h>
+#if defined(_WIN32)
+# include <stdlib.h>
+# include <crtdbg.h>
+#endif
+
+// Dummy type for builds without MBEDTLS_HAVE_TIME
+#if !defined(MBEDTLS_HAVE_TIME)
+typedef int64_t mbedtls_ms_time_t;
+#endif
+
+typedef enum {
+ PRINTF_SIZET,
+ PRINTF_LONGLONG,
+ PRINTF_MS_TIME,
+} printf_format_indicator_t;
+
+const char *const printf_formats[] = {
+ [PRINTF_SIZET] = "%" MBEDTLS_PRINTF_SIZET,
+ [PRINTF_LONGLONG] = "%" MBEDTLS_PRINTF_LONGLONG,
+ [PRINTF_MS_TIME] = "%" MBEDTLS_PRINTF_MS_TIME,
+};
+
struct buffer_data {
char buf[2000];
char *ptr;
};
+#if defined(MBEDTLS_SSL_TLS_C)
static void string_debug(void *data, int level, const char *file, int line, const char *str)
{
struct buffer_data *buffer = (struct buffer_data *) data;
@@ -44,14 +67,77 @@
buffer->ptr = p;
}
+#endif /* MBEDTLS_SSL_TLS_C */
+
+#if defined(_WIN32)
+static void noop_invalid_parameter_handler(
+ const wchar_t *expression,
+ const wchar_t *function,
+ const wchar_t *file,
+ unsigned int line,
+ uintptr_t pReserved)
+{
+ (void) expression;
+ (void) function;
+ (void) file;
+ (void) line;
+ (void) pReserved;
+}
+#endif /* _WIN32 */
+
/* END_HEADER */
/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_DEBUG_C:MBEDTLS_SSL_TLS_C
+ * depends_on:MBEDTLS_DEBUG_C
* END_DEPENDENCIES
*/
/* BEGIN_CASE */
+void printf_int_expr(int format_indicator, intmax_t sizeof_x, intmax_t x, char *result)
+{
+#if defined(_WIN32)
+ /* Windows treats any invalid format specifiers passsed to the CRT as fatal assertion failures.
+ Disable this behaviour temporarily, so the rest of the test cases can complete. */
+ _invalid_parameter_handler saved_handler =
+ _set_invalid_parameter_handler(noop_invalid_parameter_handler);
+
+ // Disable assertion pop-up window in Debug builds
+ int saved_report_mode = _CrtSetReportMode(_CRT_ASSERT, _CRTDBG_REPORT_MODE);
+ _CrtSetReportMode(_CRT_ASSERT, _CRTDBG_MODE_DEBUG);
+#endif
+
+ const char *format = printf_formats[format_indicator];
+ char *output = NULL;
+ const size_t n = strlen(result);
+
+ /* Nominal case: buffer just large enough */
+ TEST_CALLOC(output, n + 1);
+ if ((size_t) sizeof_x <= sizeof(int)) { // Any smaller integers would be promoted to an int due to calling a vararg function
+ TEST_EQUAL(n, mbedtls_snprintf(output, n + 1, format, (int) x));
+ } else if (sizeof_x == sizeof(long)) {
+ TEST_EQUAL(n, mbedtls_snprintf(output, n + 1, format, (long) x));
+ } else if (sizeof_x == sizeof(long long)) {
+ TEST_EQUAL(n, mbedtls_snprintf(output, n + 1, format, (long long) x));
+ } else {
+ TEST_FAIL(
+ "sizeof_x <= sizeof(int) || sizeof_x == sizeof(long) || sizeof_x == sizeof(long long)");
+ }
+ TEST_MEMORY_COMPARE(result, n + 1, output, n + 1);
+
+exit:
+ mbedtls_free(output);
+ output = NULL;
+
+#if defined(_WIN32)
+ // Restore default Windows behaviour
+ _set_invalid_parameter_handler(saved_handler);
+ _CrtSetReportMode(_CRT_ASSERT, saved_report_mode);
+ (void) saved_report_mode;
+#endif
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_TLS_C */
void debug_print_msg_threshold(int threshold, int level, char *file,
int line, char *result_str)
{
@@ -70,7 +156,6 @@
MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT),
0);
- mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer);
TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
@@ -89,7 +174,7 @@
}
/* END_CASE */
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_TLS_C */
void mbedtls_debug_print_ret(char *file, int line, char *text, int value,
char *result_str)
{
@@ -108,7 +193,6 @@
MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT),
0);
- mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer);
TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
@@ -124,7 +208,7 @@
}
/* END_CASE */
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_TLS_C */
void mbedtls_debug_print_buf(char *file, int line, char *text,
data_t *data, char *result_str)
{
@@ -143,7 +227,6 @@
MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT),
0);
- mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer);
TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
@@ -159,7 +242,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_TLS_C:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */
void mbedtls_debug_print_crt(char *crt_file, char *file, int line,
char *prefix, char *result_str)
{
@@ -181,7 +264,6 @@
MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT),
0);
- mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer);
TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
@@ -199,7 +281,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_BIGNUM_C */
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_TLS_C:MBEDTLS_BIGNUM_C */
void mbedtls_debug_print_mpi(char *value, char *file, int line,
char *prefix, char *result_str)
{
@@ -220,7 +302,6 @@
MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT),
0);
- mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer);
TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data
index cd0c303..565588b 100644
--- a/tests/suites/test_suite_ssl.data
+++ b/tests/suites/test_suite_ssl.data
@@ -368,9 +368,9 @@
depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:0
-Handshake, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:0
+Handshake, ECDHE-RSA-WITH-AES-128-CBC-SHA256
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256":MBEDTLS_PK_RSA:0
Handshake, ECDHE-RSA-WITH-AES-256-CBC-SHA384
depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
@@ -396,9 +396,9 @@
depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:1
-DTLS Handshake, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:1
+DTLS Handshake, ECDHE-RSA-WITH-AES-128-CBC-SHA256
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256":MBEDTLS_PK_RSA:1
DTLS Handshake, ECDHE-RSA-WITH-AES-256-CBC-SHA384
depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
@@ -435,22 +435,6 @@
depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_PKCS1_V21:MBEDTLS_X509_RSASSA_PSS_SUPPORT
handshake_version:0:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_TLS1_3
-Handshake, select RSA-WITH-AES-256-CBC-SHA256, non-opaque
-depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
-handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
-
-Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque
-depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
-handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:0:MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
-
-Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque, bad alg
-depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
-handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
-
-Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque, bad usage
-depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
-handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
-
Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, non-opaque
depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
@@ -629,39 +613,51 @@
resize_buffers_serialize_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096
DTLS no legacy renegotiation with MFL=512
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:""
DTLS no legacy renegotiation with MFL=1024
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:""
DTLS no legacy renegotiation with MFL=2048
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:""
DTLS no legacy renegotiation with MFL=4096
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:""
DTLS legacy allow renegotiation with MFL=512
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:""
DTLS legacy allow renegotiation with MFL=1024
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:""
DTLS legacy allow renegotiation with MFL=2048
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:""
DTLS legacy allow renegotiation with MFL=4096
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:""
DTLS legacy break handshake renegotiation with MFL=512
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:""
DTLS legacy break handshake renegotiation with MFL=1024
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:""
DTLS legacy break handshake renegotiation with MFL=2048
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:""
DTLS legacy break handshake renegotiation with MFL=4096
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:""
DTLS no legacy renegotiation with MFL=512, ECDHE-RSA-WITH-AES-256-GCM-SHA384
@@ -712,53 +708,53 @@
depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384"
-DTLS no legacy renegotiation with MFL=512, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
+DTLS no legacy renegotiation with MFL=512, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM"
-DTLS no legacy renegotiation with MFL=1024, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
+DTLS no legacy renegotiation with MFL=1024, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM"
-DTLS no legacy renegotiation with MFL=2048, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
+DTLS no legacy renegotiation with MFL=2048, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM"
-DTLS no legacy renegotiation with MFL=4096, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
+DTLS no legacy renegotiation with MFL=4096, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM"
-DTLS legacy allow renegotiation with MFL=512, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
+DTLS legacy allow renegotiation with MFL=512, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM"
-DTLS legacy allow renegotiation with MFL=1024, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
+DTLS legacy allow renegotiation with MFL=1024, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM"
-DTLS legacy allow renegotiation with MFL=2048, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
+DTLS legacy allow renegotiation with MFL=2048, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM"
-DTLS legacy allow renegotiation with MFL=4096, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
+DTLS legacy allow renegotiation with MFL=4096, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM"
-DTLS legacy break handshake renegotiation with MFL=512, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM"
+DTLS legacy break handshake renegotiation with MFL=512, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM"
-DTLS legacy break handshake renegotiation with MFL=1024, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM"
+DTLS legacy break handshake renegotiation with MFL=1024, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM"
-DTLS legacy break handshake renegotiation with MFL=2048, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM"
+DTLS legacy break handshake renegotiation with MFL=2048, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM"
-DTLS legacy break handshake renegotiation with MFL=4096, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM"
+DTLS legacy break handshake renegotiation with MFL=4096, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM"
DTLS no legacy renegotiation with MFL=512, ECDHE-RSA-WITH-AES-256-CBC-SHA384
depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 2b50f0e..743b53c 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -63,6 +63,45 @@
}
#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \
+ defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) && \
+ defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+ defined(PSA_WANT_ECC_SECP_R1_384) && \
+ defined(PSA_WANT_ALG_SHA_256)
+/*
+ * Test function to perform a handshake using the mfl extension and with
+ * setting the resize buffer option.
+ */
+static void resize_buffers(int mfl, int renegotiation, int legacy_renegotiation,
+ int serialize, int dtls, char *cipher)
+{
+ mbedtls_test_handshake_test_options options;
+ mbedtls_test_init_handshake_options(&options);
+
+ options.mfl = mfl;
+ options.cipher = cipher;
+ options.renegotiate = renegotiation;
+ options.legacy_renegotiation = legacy_renegotiation;
+ options.serialize = serialize;
+ options.dtls = dtls;
+ if (dtls) {
+ options.expected_negotiated_version = MBEDTLS_SSL_VERSION_TLS1_2;
+ }
+ options.resize_buffers = 1;
+
+ const mbedtls_ssl_ciphersuite_t *ciphersuite =
+ mbedtls_ssl_ciphersuite_from_string(cipher);
+ if (ciphersuite != NULL) {
+ options.pk_alg = mbedtls_ssl_get_ciphersuite_sig_pk_alg(ciphersuite);
+ }
+
+ mbedtls_test_ssl_perform_handshake(&options);
+
+ mbedtls_test_free_handshake_options(&options);
+}
+
+#endif
+
#if defined(PSA_WANT_ALG_GCM) || defined(PSA_WANT_ALG_CHACHA20_POLY1305)
#define TEST_GCM_OR_CHACHAPOLY_ENABLED
#endif
@@ -1180,7 +1219,6 @@
MBEDTLS_SSL_IS_CLIENT,
MBEDTLS_SSL_TRANSPORT_DATAGRAM,
MBEDTLS_SSL_PRESET_DEFAULT) == 0);
- mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
@@ -1302,8 +1340,7 @@
rec_backup = rec;
/* Encrypt record */
- ret = mbedtls_ssl_encrypt_buf(&ssl, t_enc, &rec,
- mbedtls_test_rnd_std_rand, NULL);
+ ret = mbedtls_ssl_encrypt_buf(&ssl, t_enc, &rec);
TEST_ASSERT(ret == 0 || ret == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL);
if (ret != 0) {
continue;
@@ -1456,8 +1493,7 @@
rec_backup = rec;
/* Encrypt record */
- ret = mbedtls_ssl_encrypt_buf(&ssl, t_enc, &rec,
- mbedtls_test_rnd_std_rand, NULL);
+ ret = mbedtls_ssl_encrypt_buf(&ssl, t_enc, &rec);
if (ret == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) {
/* It's ok if the output buffer is too small. We do insist
@@ -1910,8 +1946,7 @@
memset(&rec.ctr[0], 0, 8);
rec.ctr[7] = ctr;
- TEST_ASSERT(mbedtls_ssl_encrypt_buf(NULL, &transform_send, &rec,
- NULL, NULL) == 0);
+ TEST_ASSERT(mbedtls_ssl_encrypt_buf(NULL, &transform_send, &rec) == 0);
if (padding_used == MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) {
TEST_MEMORY_COMPARE(rec.buf + rec.data_offset, rec.data_len,
@@ -2825,48 +2860,43 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_ALG_SHA_256 */
-void resize_buffers(int mfl, int renegotiation, int legacy_renegotiation,
- int serialize, int dtls, char *cipher)
-{
- mbedtls_test_handshake_test_options options;
- mbedtls_test_init_handshake_options(&options);
-
- options.mfl = mfl;
- options.cipher = cipher;
- options.renegotiate = renegotiation;
- options.legacy_renegotiation = legacy_renegotiation;
- options.serialize = serialize;
- options.dtls = dtls;
- if (dtls) {
- options.expected_negotiated_version = MBEDTLS_SSL_VERSION_TLS1_2;
- }
- options.resize_buffers = 1;
-
- mbedtls_test_ssl_perform_handshake(&options);
-
- /* The goto below is used to avoid an "unused label" warning.*/
- goto exit;
-exit:
- mbedtls_test_free_handshake_options(&options);
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:PSA_WANT_ALG_SHA_256:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:PSA_WANT_ALG_SHA_256:MBEDTLS_TEST_HAS_AEAD_ALG */
void resize_buffers_serialize_mfl(int mfl)
{
- test_resize_buffers(mfl, 0, MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION, 1, 1,
- (char *) "");
- /* The goto below is used to avoid an "unused label" warning.*/
- goto exit;
+ /* Choose an AEAD ciphersuite */
+ const int *ciphersuites = mbedtls_ssl_list_ciphersuites();
+ const mbedtls_ssl_ciphersuite_t *ciphersuite = NULL;
+ int i = 0;
+ while (ciphersuites[i] != 0) {
+ ciphersuite = mbedtls_ssl_ciphersuite_from_id(ciphersuites[i]);
+
+ if (ciphersuite->min_tls_version == MBEDTLS_SSL_VERSION_TLS1_2) {
+ const mbedtls_ssl_mode_t mode =
+#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM)
+ mbedtls_ssl_get_mode_from_ciphersuite(0, ciphersuite);
+#else
+ mbedtls_ssl_get_mode_from_ciphersuite(ciphersuite);
+#endif
+ if (mode == MBEDTLS_SSL_MODE_AEAD) {
+ break;
+ }
+ }
+
+ i++;
+ }
+
+ TEST_ASSERT(ciphersuite != NULL);
+
+ resize_buffers(mfl, 0, MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION, 1, 1,
+ (char *) ciphersuite->name);
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_ALG_SHA_256:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_ALG_SHA_256 */
void resize_buffers_renegotiate_mfl(int mfl, int legacy_renegotiation,
char *cipher)
{
- test_resize_buffers(mfl, 1, legacy_renegotiation, 0, 1, cipher);
+ resize_buffers(mfl, 1, legacy_renegotiation, 0, 1, cipher);
/* The goto below is used to avoid an "unused label" warning.*/
goto exit;
}
@@ -2999,7 +3029,6 @@
mbedtls_ssl_conf_transport(&conf, transport);
mbedtls_ssl_conf_min_tls_version(&conf, min_tls_version);
mbedtls_ssl_conf_max_tls_version(&conf, max_tls_version);
- mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == expected_ssl_setup_result);
TEST_EQUAL(mbedtls_ssl_conf_get_endpoint(
@@ -3024,7 +3053,6 @@
mbedtls_ssl_config conf;
mbedtls_ssl_config_init(&conf);
- mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_CLIENT,
MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT);
@@ -3134,7 +3162,6 @@
MBEDTLS_SSL_TRANSPORT_DATAGRAM,
MBEDTLS_SSL_PRESET_DEFAULT),
0);
- mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
TEST_EQUAL(mbedtls_ssl_setup(&ssl, &conf), 0);
TEST_EQUAL(mbedtls_ssl_check_dtls_clihlo_cookie(&ssl, ssl.cli_id,
@@ -3189,7 +3216,6 @@
MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT)
== 0);
- mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
@@ -3448,7 +3474,6 @@
MBEDTLS_SSL_IS_CLIENT,
MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT), 0);
- mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
TEST_EQUAL(mbedtls_ssl_setup(&ssl, &conf), 0);
@@ -4985,3 +5010,193 @@
PSA_DONE();
}
/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_DEBUG_C:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
+void inject_client_content_on_the_wire(int pk_alg,
+ int state, data_t *data,
+ char *log_pattern, int expected_ret)
+{
+ /* This function allows us to inject content at a specific state
+ * in the handshake, or when it's completed. The content is injected
+ * on the mock TCP socket, as if we were an active network attacker.
+ *
+ * This function is suitable to inject:
+ * - crafted records, at any point;
+ * - valid records that contain crafted handshake messages, but only
+ * when the traffic is still unprotected (for TLS 1.2 that's most of the
+ * handshake, for TLS 1.3 that's only the Hello messages);
+ * - handshake messages that are fragmented in a specific way,
+ * under the same conditions as above.
+ */
+ enum { BUFFSIZE = 16384 };
+ mbedtls_test_ssl_endpoint server, client;
+ mbedtls_platform_zeroize(&server, sizeof(server));
+ mbedtls_platform_zeroize(&client, sizeof(client));
+ mbedtls_test_handshake_test_options options;
+ mbedtls_test_init_handshake_options(&options);
+ mbedtls_test_ssl_log_pattern srv_pattern;
+ memset(&srv_pattern, 0, sizeof(srv_pattern));
+ int ret = -1;
+
+ PSA_INIT();
+
+ srv_pattern.pattern = log_pattern;
+ options.srv_log_obj = &srv_pattern;
+ options.srv_log_fun = mbedtls_test_ssl_log_analyzer;
+ mbedtls_debug_set_threshold(3);
+
+ options.pk_alg = pk_alg;
+
+ ret = mbedtls_test_ssl_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER,
+ &options, NULL, NULL, NULL);
+ TEST_EQUAL(ret, 0);
+
+ ret = mbedtls_test_ssl_endpoint_init(&client, MBEDTLS_SSL_IS_CLIENT,
+ &options, NULL, NULL, NULL);
+ TEST_EQUAL(ret, 0);
+
+ ret = mbedtls_test_mock_socket_connect(&server.socket, &client.socket,
+ BUFFSIZE);
+ TEST_EQUAL(ret, 0);
+
+ /* Make the server move to the required state */
+ ret = mbedtls_test_move_handshake_to_state(&client.ssl, &server.ssl, state);
+ TEST_EQUAL(ret, 0);
+
+ /* Send the crafted message */
+ ret = mbedtls_test_mock_tcp_send_b(&client.socket, data->x, data->len);
+ TEST_EQUAL(ret, (int) data->len);
+
+ /* Have the server process it.
+ * Need the loop because a server that support 1.3 and 1.2
+ * will process a 1.2 ClientHello in two steps.
+ */
+ do {
+ ret = mbedtls_ssl_handshake_step(&server.ssl);
+ } while (ret == 0 && server.ssl.state == state);
+ TEST_EQUAL(ret, expected_ret);
+ TEST_ASSERT(srv_pattern.counter >= 1);
+
+exit:
+ mbedtls_test_free_handshake_options(&options);
+ mbedtls_test_ssl_endpoint_free(&server, NULL);
+ mbedtls_test_ssl_endpoint_free(&client, NULL);
+ mbedtls_debug_set_threshold(0);
+ PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_DEBUG_C:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_ALG_ECDSA_ANY */
+void send_large_fragmented_hello(int hs_len_int, int first_frag_content_len_int,
+ char *log_pattern, int expected_ret)
+{
+ /* This function sends a long message (claiming to be a ClientHello)
+ * fragmented in 1-byte fragments (except the initial fragment).
+ * The purpose is to test how the stack reacts when receiving:
+ * - a message larger than our buffer;
+ * - a message smaller than our buffer, but where the intermediate size of
+ * holding all the fragments (including overhead) is larger than our
+ * buffer.
+ */
+ enum { BUFFSIZE = 16384 };
+ mbedtls_test_ssl_endpoint server, client;
+ mbedtls_platform_zeroize(&server, sizeof(server));
+ mbedtls_platform_zeroize(&client, sizeof(client));
+
+ mbedtls_test_handshake_test_options options;
+ mbedtls_test_init_handshake_options(&options);
+
+ mbedtls_test_ssl_log_pattern srv_pattern;
+ memset(&srv_pattern, 0, sizeof(srv_pattern));
+
+ unsigned char *first_frag = NULL;
+ int ret = -1;
+
+ size_t hs_len = (size_t) hs_len_int;
+ size_t first_frag_content_len = (size_t) first_frag_content_len_int;
+
+ PSA_INIT();
+
+ srv_pattern.pattern = log_pattern;
+ options.srv_log_obj = &srv_pattern;
+ options.srv_log_fun = mbedtls_test_ssl_log_analyzer;
+ mbedtls_debug_set_threshold(1);
+
+ // Does't really matter but we want to know to declare dependencies.
+ options.pk_alg = MBEDTLS_PK_ECDSA;
+
+ ret = mbedtls_test_ssl_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER,
+ &options, NULL, NULL, NULL);
+ TEST_EQUAL(ret, 0);
+
+ ret = mbedtls_test_ssl_endpoint_init(&client, MBEDTLS_SSL_IS_CLIENT,
+ &options, NULL, NULL, NULL);
+ TEST_EQUAL(ret, 0);
+
+ ret = mbedtls_test_mock_socket_connect(&server.socket, &client.socket,
+ BUFFSIZE);
+ TEST_EQUAL(ret, 0);
+
+ /* Make the server move past the initial dummy state */
+ ret = mbedtls_test_move_handshake_to_state(&client.ssl, &server.ssl,
+ MBEDTLS_SSL_CLIENT_HELLO);
+ TEST_EQUAL(ret, 0);
+
+ /* Prepare initial fragment */
+ const size_t first_len = 5 // record header, see below
+ + 4 // handshake header, see balow
+ + first_frag_content_len;
+ TEST_CALLOC(first_frag, first_len);
+ unsigned char *p = first_frag;
+ // record header
+ // record type: handshake
+ *p++ = 0x16,
+ // record version (actually common to TLS 1.2 and TLS 1.3)
+ *p++ = 0x03,
+ *p++ = 0x03,
+ // record length: two bytes
+ *p++ = (unsigned char) (((4 + first_frag_content_len) >> 8) & 0xff);
+ *p++ = (unsigned char) (((4 + first_frag_content_len) >> 0) & 0xff);
+ // handshake header
+ // handshake type: ClientHello
+ *p++ = 0x01,
+ // handshake length: three bytes
+ *p++ = (unsigned char) ((hs_len >> 16) & 0xff);
+ *p++ = (unsigned char) ((hs_len >> 8) & 0xff);
+ *p++ = (unsigned char) ((hs_len >> 0) & 0xff);
+ // handshake content: dummy value
+ memset(p, 0x2a, first_frag_content_len);
+
+ /* Send initial fragment and have the server process it. */
+ ret = mbedtls_test_mock_tcp_send_b(&client.socket, first_frag, first_len);
+ TEST_ASSERT(ret >= 0 && (size_t) ret == first_len);
+
+ ret = mbedtls_ssl_handshake_step(&server.ssl);
+ TEST_EQUAL(ret, MBEDTLS_ERR_SSL_WANT_READ);
+
+ /* Dummy 1-byte fragment to repeatedly send next */
+ const unsigned char next[] = {
+ 0x16, 0x03, 0x03, 0x00, 0x01, // record header (see above)
+ 0x2a, // Dummy handshake message content
+ };
+ for (size_t left = hs_len - first_frag_content_len; left != 0; left--) {
+ ret = mbedtls_test_mock_tcp_send_b(&client.socket, next, sizeof(next));
+ TEST_ASSERT(ret >= 0 && (size_t) ret == sizeof(next));
+
+ ret = mbedtls_ssl_handshake_step(&server.ssl);
+ if (ret != MBEDTLS_ERR_SSL_WANT_READ) {
+ break;
+ }
+ }
+ TEST_EQUAL(ret, expected_ret);
+ TEST_EQUAL(srv_pattern.counter, 1);
+
+exit:
+ mbedtls_test_free_handshake_options(&options);
+ mbedtls_test_ssl_endpoint_free(&server, NULL);
+ mbedtls_test_ssl_endpoint_free(&client, NULL);
+ mbedtls_debug_set_threshold(0);
+ mbedtls_free(first_frag);
+ PSA_DONE();
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_ssl.tls-defrag.data b/tests/suites/test_suite_ssl.tls-defrag.data
new file mode 100644
index 0000000..7817c4f
--- /dev/null
+++ b/tests/suites/test_suite_ssl.tls-defrag.data
@@ -0,0 +1,215 @@
+# (Minimal) ClientHello breakdown:
+# 160303rlrl - record header, 2-byte record contents len
+# 01hlhlhl - handshake header, 3-byte handshake message len
+# 0303 - protocol version: 1.2
+# 0123456789abcdef (repeated, 4 times total) - 32-byte "random"
+# 00 - session ID (empty)
+# 0002cvcv - ciphersuite list: 2-byte len + list of 2-byte values (see below)
+# 0100 - compression methods: 1-byte len then "null" (only legal value now)
+# [then end, or extensions, see notes below]
+# elel - 2-byte extensions length
+# ...
+# 000a - elliptic_curves aka supported_groups
+# 0004 - extension length
+# 0002 - length of named_curve_list / named_group_list
+# 0017 - secp256r1 aka NIST P-256
+# ...
+# 002b - supported version (for TLS 1.3)
+# 0003 - extension length
+# 02 - length of versions
+# 0304 - TLS 1.3 ("SSL 3.4")
+# ...
+# 000d - signature algorithms
+# 0004 - extension length
+# 0002 - SignatureSchemeList length
+# 0403 - ecdsa_secp256r1_sha256
+# ...
+# 0033 - key share
+# 0002 - extension length
+# 0000 - length of client_shares (empty is valid)
+#
+# Note: currently our TLS "1.3 or 1.2" code requires extension length to be
+# present even it it's 0. This is not strictly compliant but doesn't matter
+# much in practice as these days everyone wants to use signature_algorithms
+# (for hashes better than SHA-1), secure_renego (even if you have renego
+# disabled), and most people want either ECC or PSK related extensions.
+# See https://github.com/Mbed-TLS/mbedtls/issues/9963
+#
+# Also, currently we won't negotiate ECC ciphersuites unless at least the
+# supported_groups extension is present, see
+# https://github.com/Mbed-TLS/mbedtls/issues/7458
+#
+# For TLS 1.3 with ephemeral key exchange, mandatory extensions are:
+# - supported versions (as for all of TLS 1.3)
+# - supported groups
+# - key share
+# - signature algorithms
+# (see ssl_tls13_client_hello_has_exts_for_ephemeral_key_exchange()).
+#
+# Note: cccc is currently not assigned, so can be used get a consistent
+# "no matching ciphersuite" behaviour regardless of the configuration.
+# c02b is MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (1.2)
+# 1301 is MBEDTLS_TLS1_3_AES_128_GCM_SHA256 (1.3)
+
+# See "ClientHello breakdown" above
+# MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 with secp256r1
+Inject ClientHello - TLS 1.2 good (for reference)
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_GCM:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_ALG_SHA_1
+inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"16030300370100003303030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef000002c02b01000008000a000400020017":"<= parse client hello":0
+
+# See "ClientHello breakdown" above
+# Same as the above test with s/c02b/cccc/ as the ciphersuite
+Inject ClientHello - TLS 1.2 unknown ciphersuite (for reference)
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_GCM:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_ALG_SHA_1
+inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"160303002f0100002b03030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef000002cccc01000000":"got no ciphersuites in common":MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE
+
+# See "ClientHello breakdown" above
+# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
+Inject ClientHello - TLS 1.3 good (for reference)
+depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_GCM:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_ALG_ECDSA_ANY
+inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"160303004c0100004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d000400020403003300020000":"key exchange mode\: ephemeral":0
+
+# See "ClientHello breakdown" above
+# Same as the above test with s/1301/cccc/ as the ciphersuite
+Inject ClientHello - TLS 1.3 unknown ciphersuite (for reference)
+depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_GCM:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_ALG_ECDSA_ANY
+inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"160303004c0100004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef000002cccc0100001d000a000400020017002b0003020304000d000400020403003300020000":"No matched ciphersuite":MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE
+
+# See "ClientHello breakdown" above
+# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
+# The purpose of this test case is to ensure nothing bad happens when the
+# connection is closed while we're waiting for more fragments.
+Inject ClientHello - TLS 1.3 4 + 71 then EOF (missing 1 byte)
+depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_GCM:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_ALG_ECDSA_ANY
+inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"160303000401000048160303004703030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d0004000204030033000200":"waiting for more handshake fragments":MBEDTLS_ERR_SSL_WANT_READ
+
+# See "ClientHello breakdown" above
+# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
+# The purpose of this test case is to ensure nothing bad happens when the
+# connection is closed while we're waiting for more fragments.
+Inject ClientHello - TLS 1.3 4 then EOF (missing 72 bytes)
+depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_GCM:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_ALG_ECDSA_ANY
+inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"160303000401000048":"waiting for more handshake fragments":MBEDTLS_ERR_SSL_WANT_READ
+
+# See "ClientHello breakdown" above
+# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
+Inject ClientHello - TLS 1.3 fragmented 4 + 72 OK
+depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_GCM:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_ALG_ECDSA_ANY
+inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"160303000401000048160303004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d000400020403003300020000":"key exchange mode\: ephemeral":0
+
+# See "ClientHello breakdown" above
+# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
+Inject ClientHello - TLS 1.3 fragmented 3 + 73 rejected
+depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_GCM:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_ALG_ECDSA_ANY
+inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"160303000301000016030300494803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d000400020403003300020000":"handshake message too short":MBEDTLS_ERR_SSL_INVALID_RECORD
+
+# See "ClientHello breakdown" above
+# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
+Inject ClientHello - TLS 1.3 fragmented 2 + 74 rejected
+depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_GCM:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_ALG_ECDSA_ANY
+inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"16030300020100160303004a004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d000400020403003300020000":"handshake message too short":MBEDTLS_ERR_SSL_INVALID_RECORD
+
+# See "ClientHello breakdown" above
+# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
+Inject ClientHello - TLS 1.3 fragmented 1 + 75 rejected
+depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_GCM:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_ALG_ECDSA_ANY
+inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"160303000101160303004b00004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d000400020403003300020000":"handshake message too short":MBEDTLS_ERR_SSL_INVALID_RECORD
+
+# See "ClientHello breakdown" above
+# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
+Inject ClientHello - TLS 1.3 fragmented 0 + 76 rejected
+depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_GCM:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_ALG_ECDSA_ANY
+inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"1603030000160303004c0100004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d000400020403003300020000":"ssl_get_next_record() returned":MBEDTLS_ERR_SSL_INVALID_RECORD
+
+# See "ClientHello breakdown" above
+# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
+Inject ClientHello - TLS 1.3 fragmented 72 + 4 OK
+depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_GCM:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_ALG_ECDSA_ANY
+inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"16030300480100004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d0004000204030033160303000400020000":"key exchange mode\: ephemeral":0
+
+# See "ClientHello breakdown" above
+# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
+Inject ClientHello - TLS 1.3 fragmented 73 + 3 OK
+depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_GCM:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_ALG_ECDSA_ANY
+inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"16030300490100004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d0004000204030033001603030003020000":"key exchange mode\: ephemeral":0
+
+# See "ClientHello breakdown" above
+# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
+Inject ClientHello - TLS 1.3 fragmented 74 + 2 OK
+depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_GCM:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_ALG_ECDSA_ANY
+inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"160303004a0100004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d0004000204030033000216030300020000":"key exchange mode\: ephemeral":0
+
+# See "ClientHello breakdown" above
+# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
+Inject ClientHello - TLS 1.3 fragmented 73 + 1 OK
+depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_GCM:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_ALG_ECDSA_ANY
+inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"160303004b0100004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d0004000204030033000200160303000100":"key exchange mode\: ephemeral":0
+
+# See "ClientHello breakdown" above
+# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
+Inject ClientHello - TLS 1.3 fragmented 4 + appdata + 72 rejected
+depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_GCM:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_ALG_ECDSA_ANY
+inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"16030300040100004817030300020102160303004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d000400020403003300020000":"non-handshake message in the middle of a fragmented handshake message":MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE
+
+# See "ClientHello breakdown" above
+# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
+Inject ClientHello - TLS 1.3 fragmented 4 + alert(warn) + 72 rejected
+depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_GCM:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_ALG_ECDSA_ANY
+inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"1603030004010000481503030002015a160303004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d000400020403003300020000":"non-handshake message in the middle of a fragmented handshake message":MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE
+
+# See "ClientHello breakdown" above
+# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
+Inject ClientHello - TLS 1.3 fragmented 4 + alert(fatal) + 72 rejected
+depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_GCM:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_ALG_ECDSA_ANY
+inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"1603030004010000481503030002025a160303004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d000400020403003300020000":"non-handshake message in the middle of a fragmented handshake message":MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE
+
+# See "ClientHello breakdown" above
+# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
+Inject ClientHello - TLS 1.3 fragmented 4 + CCS + 72 rejected
+depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_GCM:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_ALG_ECDSA_ANY
+inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"160303000401000048140303000101160303004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d000400020403003300020000":"non-handshake message in the middle of a fragmented handshake message":MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE
+
+# See "ClientHello breakdown" above
+# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
+Inject ClientHello - TLS 1.3 fragmented 4 + invalid type + 72 rejected
+depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_GCM:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_ALG_ECDSA_ANY
+inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"1603030004010000481003030002015a160303004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d000400020403003300020000":"unknown record type":MBEDTLS_ERR_SSL_INVALID_RECORD
+
+# The buffer is actually larger than IN_CONTENT_LEN as we leave room for
+# record protection overhead (IV, MAC/tag, padding (up to 256 bytes)), CID...
+# The maximum size for an unencrypted (and without CID which is DTLS only)
+# handshake message we can hold in the buffer is
+# MBEDTLS_SSL_IN_BUFFER_LEN - MBEDTLS_SSL_HEADER_LEN - 4
+# (the 4 is for the handshake header).
+# However, due to overhead, fragmented messages need to be 5 bytes shorter in
+# order to actually fit (leave room for an extra record header).
+Send large fragmented ClientHello: reassembled 1 byte larger than the buffer
+send_large_fragmented_hello:MBEDTLS_SSL_IN_BUFFER_LEN - MBEDTLS_SSL_HEADER_LEN - 3:0:"requesting more data than fits":MBEDTLS_ERR_SSL_BAD_INPUT_DATA
+
+Send large fragmented ClientHello: would just fit except for overhead
+send_large_fragmented_hello:MBEDTLS_SSL_IN_BUFFER_LEN - MBEDTLS_SSL_HEADER_LEN - 4:0:"requesting more data than fits":MBEDTLS_ERR_SSL_BAD_INPUT_DATA
+
+Send large fragmented ClientHello: would fit except for overhead (1)
+send_large_fragmented_hello:MBEDTLS_SSL_IN_BUFFER_LEN - MBEDTLS_SSL_HEADER_LEN - 5:0:"requesting more data than fits":MBEDTLS_ERR_SSL_BAD_INPUT_DATA
+
+Send large fragmented ClientHello: would fit except for overhead (2)
+send_large_fragmented_hello:MBEDTLS_SSL_IN_BUFFER_LEN - MBEDTLS_SSL_HEADER_LEN - 6:0:"requesting more data than fits":MBEDTLS_ERR_SSL_BAD_INPUT_DATA
+
+Send large fragmented ClientHello: would fit except for overhead (3)
+send_large_fragmented_hello:MBEDTLS_SSL_IN_BUFFER_LEN - MBEDTLS_SSL_HEADER_LEN - 7:0:"requesting more data than fits":MBEDTLS_ERR_SSL_BAD_INPUT_DATA
+
+Send large fragmented ClientHello: would fit except for overhead (4)
+send_large_fragmented_hello:MBEDTLS_SSL_IN_BUFFER_LEN - MBEDTLS_SSL_HEADER_LEN - 8:0:"requesting more data than fits":MBEDTLS_ERR_SSL_BAD_INPUT_DATA
+
+# Since we're sending dummy contents (all 0x2a) for the ClientHello,
+# the first thing that's going to fail is the version check. The fact that we
+# got around to checking it confirms reassembly completed sucessfully.
+Send large fragmented ClientHello: just fits
+send_large_fragmented_hello:MBEDTLS_SSL_IN_BUFFER_LEN - MBEDTLS_SSL_HEADER_LEN - 9:0:"Unsupported version of TLS":MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION
+
+# We're generating a virtual record header for the reassembled HS message,
+# which requires that the length fits in two bytes. Of course we won't get
+# there because if the length doesn't fit in two bytes then the message won't
+# fit in the buffer, but still add a test just in case.
+Send large fragmented ClientHello: length doesn't fit in two bytes
+send_large_fragmented_hello:0x10000:0:"requesting more data than fits":MBEDTLS_ERR_SSL_BAD_INPUT_DATA
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index d1df9e3..376cd12 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -23,13 +23,18 @@
return mbedtls_rsa_pkcs1_decrypt((mbedtls_rsa_context *) ctx, NULL, NULL,
olen, input, output, output_max_len);
}
+
static int mbedtls_rsa_sign_func(void *ctx,
- int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
mbedtls_md_type_t md_alg, unsigned int hashlen,
const unsigned char *hash, unsigned char *sig)
{
- return mbedtls_rsa_pkcs1_sign((mbedtls_rsa_context *) ctx, f_rng, p_rng,
- md_alg, hashlen, hash, sig);
+ return mbedtls_rsa_pkcs1_sign((mbedtls_rsa_context *) ctx,
+ mbedtls_psa_get_random,
+ MBEDTLS_PSA_RANDOM_STATE,
+ md_alg,
+ hashlen,
+ hash,
+ sig);
}
static size_t mbedtls_rsa_key_len_func(void *ctx)
{
@@ -210,8 +215,7 @@
mbedtls_pk_init(&key);
MD_OR_USE_PSA_INIT();
- TEST_ASSERT(mbedtls_pk_parse_keyfile(&key, key_file, NULL,
- mbedtls_test_rnd_std_rand, NULL) == 0);
+ TEST_ASSERT(mbedtls_pk_parse_keyfile(&key, key_file, NULL) == 0);
mbedtls_x509write_csr_set_md_alg(&req, md_type);
mbedtls_x509write_csr_set_key(&req, &key);
@@ -229,8 +233,7 @@
TEST_ASSERT(mbedtls_x509write_csr_set_subject_alternative_name(&req, san_list) == 0);
}
- ret = mbedtls_x509write_csr_pem(&req, buf, sizeof(buf),
- mbedtls_test_rnd_pseudo_rand, &rnd_info);
+ ret = mbedtls_x509write_csr_pem(&req, buf, sizeof(buf));
TEST_ASSERT(ret == 0);
pem_len = strlen((char *) buf);
@@ -254,9 +257,7 @@
TEST_ASSERT(memcmp(buf, check_buf, pem_len - 1) == 0);
#endif /* MBEDTLS_USE_PSA_CRYPTO */
- der_len = mbedtls_x509write_csr_der(&req, buf, sizeof(buf),
- mbedtls_test_rnd_pseudo_rand,
- &rnd_info);
+ der_len = mbedtls_x509write_csr_der(&req, buf, sizeof(buf));
TEST_ASSERT(der_len >= 0);
if (der_len == 0) {
@@ -271,8 +272,7 @@
#else
der_len -= 1;
#endif
- ret = mbedtls_x509write_csr_der(&req, buf, (size_t) (der_len),
- mbedtls_test_rnd_pseudo_rand, &rnd_info);
+ ret = mbedtls_x509write_csr_der(&req, buf, (size_t) (der_len));
TEST_ASSERT(ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL);
exit:
@@ -306,8 +306,7 @@
memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info));
- TEST_ASSERT(mbedtls_pk_parse_keyfile(&key, key_file, NULL,
- mbedtls_test_rnd_std_rand, NULL) == 0);
+ TEST_ASSERT(mbedtls_pk_parse_keyfile(&key, key_file, NULL) == 0);
/* Turn the PK context into an opaque one. */
TEST_EQUAL(mbedtls_pk_get_psa_attributes(&key, PSA_KEY_USAGE_SIGN_HASH, &key_attr), 0);
@@ -326,8 +325,7 @@
TEST_ASSERT(mbedtls_x509write_csr_set_ns_cert_type(&req, cert_type) == 0);
}
- ret = mbedtls_x509write_csr_pem(&req, buf, sizeof(buf) - 1,
- mbedtls_test_rnd_pseudo_rand, &rnd_info);
+ ret = mbedtls_x509write_csr_pem(&req, buf, sizeof(buf) - 1);
TEST_ASSERT(ret == 0);
@@ -431,10 +429,10 @@
MD_OR_USE_PSA_INIT();
TEST_ASSERT(mbedtls_pk_parse_keyfile(&subject_key, subject_key_file,
- subject_pwd, mbedtls_test_rnd_std_rand, NULL) == 0);
+ subject_pwd) == 0);
TEST_ASSERT(mbedtls_pk_parse_keyfile(&issuer_key, issuer_key_file,
- issuer_pwd, mbedtls_test_rnd_std_rand, NULL) == 0);
+ issuer_pwd) == 0);
issuer_key_type = mbedtls_pk_get_type(&issuer_key);
@@ -522,8 +520,7 @@
if (set_subjectAltNames) {
TEST_ASSERT(mbedtls_x509write_crt_set_subject_alternative_name(&crt, san_list) == 0);
}
- ret = mbedtls_x509write_crt_pem(&crt, buf, sizeof(buf),
- mbedtls_test_rnd_pseudo_rand, &rnd_info);
+ ret = mbedtls_x509write_crt_pem(&crt, buf, sizeof(buf));
TEST_ASSERT(ret == 0);
pem_len = strlen((char *) buf);
@@ -565,9 +562,7 @@
TEST_ASSERT(memcmp(buf, check_buf, pem_len - 1) == 0);
}
- der_len = mbedtls_x509write_crt_der(&crt, buf, sizeof(buf),
- mbedtls_test_rnd_pseudo_rand,
- &rnd_info);
+ der_len = mbedtls_x509write_crt_der(&crt, buf, sizeof(buf));
TEST_ASSERT(der_len >= 0);
if (der_len == 0) {
@@ -625,8 +620,7 @@
#endif
der_len -= 1;
- ret = mbedtls_x509write_crt_der(&crt, buf, (size_t) (der_len),
- mbedtls_test_rnd_pseudo_rand, &rnd_info);
+ ret = mbedtls_x509write_crt_der(&crt, buf, (size_t) (der_len));
TEST_ASSERT(ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL);
exit:
diff --git a/tf-psa-crypto b/tf-psa-crypto
index 2cfed8e..43ea7fa 160000
--- a/tf-psa-crypto
+++ b/tf-psa-crypto
@@ -1 +1 @@
-Subproject commit 2cfed8e711554ffc9432209caa62244938a7da7b
+Subproject commit 43ea7fa25cd8a288c5b75dbb0b4eb47df6ffca8b