Merge dependency fixes
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 6960473..35faaf8 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1,8 +1,6 @@
cmake_minimum_required(VERSION 2.6)
project(POLARSSL C)
-enable_testing()
-
string(REGEX MATCH "clang" CMAKE_COMPILER_IS_CLANG "${CMAKE_C_COMPILER}")
if(CMAKE_COMPILER_IS_GNUCC)
@@ -41,6 +39,11 @@
option(ENABLE_ZLIB_SUPPORT "Build PolarSSL with zlib library." OFF)
option(ENABLE_PROGRAMS "Build PolarSSL programs." ON)
+option(ENABLE_TESTING "Build PolarSSL tests." ON)
+
+if(ENABLE_TESTING)
+ enable_testing()
+endif()
if(LIB_INSTALL_DIR)
else()
@@ -60,12 +63,14 @@
add_subdirectory(library)
add_subdirectory(include)
-if(CMAKE_COMPILER_IS_GNUCC)
- add_subdirectory(tests)
-endif(CMAKE_COMPILER_IS_GNUCC)
-if(CMAKE_COMPILER_IS_CLANG)
- add_subdirectory(tests)
-endif(CMAKE_COMPILER_IS_CLANG)
+if(ENABLE_TESTING)
+ if(CMAKE_COMPILER_IS_GNUCC)
+ add_subdirectory(tests)
+ endif(CMAKE_COMPILER_IS_GNUCC)
+ if(CMAKE_COMPILER_IS_CLANG)
+ add_subdirectory(tests)
+ endif(CMAKE_COMPILER_IS_CLANG)
+endif()
if(ENABLE_PROGRAMS)
add_subdirectory(programs)
@@ -75,21 +80,22 @@
COMMAND doxygen doxygen/polarssl.doxyfile
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR})
-ADD_CUSTOM_TARGET(test-ref-config
+if(ENABLE_TESTING)
+ ADD_CUSTOM_TARGET(test-ref-config
COMMAND tests/scripts/test-ref-configs.pl
)
-# add programs/test/selftest even though the selftest functions are
-# called from the testsuites since it runs them in verbose mode,
-# avoiding spurious "uncovered" printf lines
-ADD_CUSTOM_TARGET(covtest
+ # add programs/test/selftest even though the selftest functions are
+ # called from the testsuites since it runs them in verbose mode,
+ # avoiding spurious "uncovered" printf lines
+ ADD_CUSTOM_TARGET(covtest
COMMAND make test
COMMAND programs/test/selftest
COMMAND cd tests && ./compat.sh
COMMAND cd tests && ./ssl-opt.sh
)
-ADD_CUSTOM_TARGET(lcov
+ ADD_CUSTOM_TARGET(lcov
COMMAND rm -rf Coverage
COMMAND lcov --capture --directory library/CMakeFiles/polarssl.dir -o polarssl.info
COMMAND gendesc tests/Descriptions.txt -o descriptions
@@ -97,8 +103,9 @@
COMMAND rm -f polarssl.info descriptions
)
-ADD_CUSTOM_TARGET(memcheck
+ ADD_CUSTOM_TARGET(memcheck
COMMAND ctest -O memcheck.log -D ExperimentalMemCheck
COMMAND tail -n1 memcheck.log | grep 'Memory checking results:' > /dev/null
COMMAND rm -f memcheck.log
)
+endif()
diff --git a/ChangeLog b/ChangeLog
index ea98c87..b5c659c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -4,11 +4,16 @@
Features
* debug_set_log_mode() added to determine raw or full logging
* debug_set_threshold() added to ignore messages over threshold level
+ * version_check_feature() added to check for compile-time options at
+ run-time
Changes
* POLARSSL_CONFIG_OPTIONS has been removed. All values are individually
checked and filled in the relevant module headers
* Debug module only outputs full lines instead of parts
+ * Better support for the different Attribute Types from IETF PKIX (RFC 5280)
+ * AES-NI now compiles with "old" assemblers too
+ * Ciphersuites based on RC4 now have the lowest priority by default
Bugfix
* Only iterate over actual certificates in ssl_write_certificate_request()
@@ -18,6 +23,12 @@
* cert_write app should use subject of issuer certificate as issuer of cert
* Fix false reject in padding check in ssl_decrypt_buf() for CBC
ciphersuites, for full SSL frames of data.
+ * Improve interoperability by not writing extension length in ClientHello /
+ ServerHello when no extensions are present (found by Matthew Page)
+ * rsa_check_pubkey() now allows an E up to N
+ * On OpenBSD, use arc4random_buf() instead of rand() to prevent warnings
+ * mpi_fill_random() was creating numbers larger than requested on
+ big-endian platform when size was not an integer number of limbs
* Fix dependencies issues in X.509 test suite.
* Some parts of ssl_tls.c were compiled even when the module was disabled.
diff --git a/configs/README.txt b/configs/README.txt
new file mode 100644
index 0000000..7527fdb
--- /dev/null
+++ b/configs/README.txt
@@ -0,0 +1,24 @@
+This directory contains example configuration files.
+
+The examples are generally focused on a particular usage case (eg, support for
+a restricted number of ciphersuites) and aim at minimizing resource usage for
+this target. They can be used as a basis for custom configurations.
+
+These files are complete replacements for the default config.h. To use one of
+them, you can pick one of the following methods:
+
+1. Replace the default file include/polarssl/config.h with the chosen one.
+
+2. Define POLARSSL_CONFIG_FILE and adjust the include path accordingly.
+ For example, using make:
+
+ CFLAGS="-I$PWD/configs -DPOLARSSL_CONFIG_FILE='<foo.h>'" make
+
+ Or, using cmake:
+
+ rm CMakeCache.txt
+ CFLAGS="-I$PWD/configs -DPOLARSSL_CONFIG_FILE='<foo.h>'" cmake .
+ make
+
+Note that the second method also works if you want to keep your custom
+configuration file outside the PolarSSL tree.
diff --git a/configs/config-mini-tls1_1.h b/configs/config-mini-tls1_1.h
index 81a95f0..fd1b0e8 100644
--- a/configs/config-mini-tls1_1.h
+++ b/configs/config-mini-tls1_1.h
@@ -2,10 +2,17 @@
* Minimal configuration for TLS 1.1 (RFC 4346), implementing only the
* required ciphersuite: TLS_RSA_WITH_3DES_EDE_CBC_SHA
*
- * Can be activated with:
- * scripts/activate-config.pl configs/config-mini-tls1_1.h
+ * See README.txt for usage instructions.
*/
+#ifndef POLARSSL_CONFIG_H
+#define POLARSSL_CONFIG_H
+
+/* System support */
+#define POLARSSL_HAVE_ASM
+#define POLARSSL_HAVE_TIME
+#define POLARSSL_HAVE_IPV6
+
/* PolarSSL feature support */
#define POLARSSL_CIPHER_MODE_CBC
#define POLARSSL_PKCS1_V15
@@ -44,5 +51,6 @@
/* For testing with compat.sh */
#define POLARSSL_FS_IO
-/* marker for activate-config.pl
- * \} name SECTION: PolarSSL modules */
+#include "check_config.h"
+
+#endif /* POLARSSL_CONFIG_H */
diff --git a/configs/config-psk-rc4-tls1_0.h b/configs/config-psk-rc4-tls1_0.h
index 1da378c..6a06dc7 100644
--- a/configs/config-psk-rc4-tls1_0.h
+++ b/configs/config-psk-rc4-tls1_0.h
@@ -2,10 +2,16 @@
* Custom compact configuration for TLS 1.0 with PSK and RC4
* Distinguishing features: no bignum, no PK, no X509.
*
- * Can be activated with:
- * scripts/activate-config.pl configs/config-mini-tls1_1.h
+ * See README.txt for usage instructions.
*/
+#ifndef POLARSSL_CONFIG_H
+#define POLARSSL_CONFIG_H
+
+/* System support */
+#define POLARSSL_HAVE_TIME
+#define POLARSSL_HAVE_IPV6
+
/* PolarSSL feature support */
#define POLARSSL_KEY_EXCHANGE_PSK_ENABLED
#define POLARSSL_SSL_PROTO_TLS1
@@ -28,5 +34,6 @@
#define POLARSSL_SSL_SRV_C
#define POLARSSL_SSL_TLS_C
-/* marker for activate-config.pl
- * \} name SECTION: PolarSSL modules */
+#include "check_config.h"
+
+#endif /* POLARSSL_CONFIG_H */
diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h
index 2bfb0e1..bfd6048 100644
--- a/configs/config-suite-b.h
+++ b/configs/config-suite-b.h
@@ -1,10 +1,17 @@
/*
* Minimal configuration for TLS NSA Suite B Profile (RFC 6460)
*
- * Can be activated with:
- * scripts/activate-config.pl configs/config-mini-tls1_1.h
+ * See README.txt for usage instructions.
*/
+#ifndef POLARSSL_CONFIG_H
+#define POLARSSL_CONFIG_H
+
+/* System support */
+#define POLARSSL_HAVE_ASM
+#define POLARSSL_HAVE_TIME
+#define POLARSSL_HAVE_IPV6
+
/* PolarSSL feature support */
#define POLARSSL_ECP_DP_SECP256R1_ENABLED
#define POLARSSL_ECP_DP_SECP384R1_ENABLED
@@ -44,5 +51,6 @@
/* For testing with compat.sh */
#define POLARSSL_FS_IO
-/* marker for activate-config.pl
- * \} name SECTION: PolarSSL modules */
+#include "check_config.h"
+
+#endif /* POLARSSL_CONFIG_H */
diff --git a/include/polarssl/aes.h b/include/polarssl/aes.h
index ffba7bf..9b8a5fa 100644
--- a/include/polarssl/aes.h
+++ b/include/polarssl/aes.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_AES_H
#define POLARSSL_AES_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
diff --git a/include/polarssl/arc4.h b/include/polarssl/arc4.h
index 9333265..baa4f6c 100644
--- a/include/polarssl/arc4.h
+++ b/include/polarssl/arc4.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_ARC4_H
#define POLARSSL_ARC4_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
diff --git a/include/polarssl/asn1.h b/include/polarssl/asn1.h
index 45fd6cd..517cd5b 100644
--- a/include/polarssl/asn1.h
+++ b/include/polarssl/asn1.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_ASN1_H
#define POLARSSL_ASN1_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_BIGNUM_C)
#include "bignum.h"
diff --git a/include/polarssl/bignum.h b/include/polarssl/bignum.h
index 681a1de..bfd4ce0 100644
--- a/include/polarssl/bignum.h
+++ b/include/polarssl/bignum.h
@@ -30,7 +30,11 @@
#include <stdio.h>
#include <string.h>
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
diff --git a/include/polarssl/blowfish.h b/include/polarssl/blowfish.h
index 45b1387..8c470ed 100644
--- a/include/polarssl/blowfish.h
+++ b/include/polarssl/blowfish.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_BLOWFISH_H
#define POLARSSL_BLOWFISH_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
diff --git a/include/polarssl/camellia.h b/include/polarssl/camellia.h
index c98512f..a768c61 100644
--- a/include/polarssl/camellia.h
+++ b/include/polarssl/camellia.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_CAMELLIA_H
#define POLARSSL_CAMELLIA_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
diff --git a/include/polarssl/check_config.h b/include/polarssl/check_config.h
new file mode 100644
index 0000000..8113e18
--- /dev/null
+++ b/include/polarssl/check_config.h
@@ -0,0 +1,321 @@
+/**
+ * \file check_config.h
+ *
+ * \brief Consistency checks for configuration options
+ *
+ * Copyright (C) 2006-2014, Brainspark B.V.
+ *
+ * This file is part of PolarSSL (http://www.polarssl.org)
+ * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
+ *
+ * All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+/*
+ * It is recommended to include this file from your config.h
+ * in order to catch dependency issues early.
+ */
+
+#ifndef POLARSSL_CHECK_CONFIG_H
+#define POLARSSL_CHECK_CONFIG_H
+
+#if defined(POLARSSL_AESNI_C) && !defined(POLARSSL_HAVE_ASM)
+#error "POLARSSL_AESNI_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_CERTS_C) && !defined(POLARSSL_PEM_PARSE_C)
+#error "POLARSSL_CERTS_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_CTR_DRBG_C) && !defined(POLARSSL_AES_C)
+#error "POLARSSL_CTR_DRBG_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_DHM_C) && !defined(POLARSSL_BIGNUM_C)
+#error "POLARSSL_DHM_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_ECDH_C) && !defined(POLARSSL_ECP_C)
+#error "POLARSSL_ECDH_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_ECDSA_C) && \
+ ( !defined(POLARSSL_ECP_C) || \
+ !defined(POLARSSL_ASN1_PARSE_C) || \
+ !defined(POLARSSL_ASN1_WRITE_C) )
+#error "POLARSSL_ECDSA_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_ECDSA_DETERMINISTIC) && !defined(POLARSSL_HMAC_DRBG_C)
+#error "POLARSSL_ECDSA_DETERMINISTIC defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_ECP_C) && ( !defined(POLARSSL_BIGNUM_C) || ( \
+ !defined(POLARSSL_ECP_DP_SECP192R1_ENABLED) && \
+ !defined(POLARSSL_ECP_DP_SECP224R1_ENABLED) && \
+ !defined(POLARSSL_ECP_DP_SECP256R1_ENABLED) && \
+ !defined(POLARSSL_ECP_DP_SECP384R1_ENABLED) && \
+ !defined(POLARSSL_ECP_DP_SECP521R1_ENABLED) && \
+ !defined(POLARSSL_ECP_DP_BP256R1_ENABLED) && \
+ !defined(POLARSSL_ECP_DP_BP384R1_ENABLED) && \
+ !defined(POLARSSL_ECP_DP_BP512R1_ENABLED) && \
+ !defined(POLARSSL_ECP_DP_SECP192K1_ENABLED) && \
+ !defined(POLARSSL_ECP_DP_SECP224K1_ENABLED) && \
+ !defined(POLARSSL_ECP_DP_SECP256K1_ENABLED) ) )
+#error "POLARSSL_ECP_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_ENTROPY_C) && (!defined(POLARSSL_SHA512_C) && \
+ !defined(POLARSSL_SHA256_C))
+#error "POLARSSL_ENTROPY_C defined, but not all prerequisites"
+#endif
+#if defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_SHA512_C) && \
+ defined(POLARSSL_CONFIG_OPTIONS) && (CTR_DRBG_ENTROPY_LEN > 64)
+#error "CTR_DRBG_ENTROPY_LEN value too high"
+#endif
+#if defined(POLARSSL_ENTROPY_C) && \
+ ( !defined(POLARSSL_SHA512_C) || defined(POLARSSL_ENTROPY_FORCE_SHA256) ) \
+ && defined(POLARSSL_CONFIG_OPTIONS) && (CTR_DRBG_ENTROPY_LEN > 32)
+#error "CTR_DRBG_ENTROPY_LEN value too high"
+#endif
+#if defined(POLARSSL_ENTROPY_C) && \
+ defined(POLARSSL_ENTROPY_FORCE_SHA256) && !defined(POLARSSL_SHA256_C)
+#error "POLARSSL_ENTROPY_FORCE_SHA256 defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_GCM_C) && ( \
+ !defined(POLARSSL_AES_C) && !defined(POLARSSL_CAMELLIA_C) )
+#error "POLARSSL_GCM_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_HAVEGE_C) && !defined(POLARSSL_TIMING_C)
+#error "POLARSSL_HAVEGE_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_HMAC_DRBG) && !defined(POLARSSL_MD_C)
+#error "POLARSSL_HMAC_DRBG_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) && \
+ ( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_X509_CRT_PARSE_C) )
+#error "POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) && \
+ ( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_X509_CRT_PARSE_C) )
+#error "POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) && !defined(POLARSSL_DHM_C)
+#error "POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) && \
+ !defined(POLARSSL_ECDH_C)
+#error "POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) && \
+ ( !defined(POLARSSL_DHM_C) || !defined(POLARSSL_RSA_C) || \
+ !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_PKCS1_V15) )
+#error "POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \
+ ( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_RSA_C) || \
+ !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_PKCS1_V15) )
+#error "POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \
+ ( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_ECDSA_C) || \
+ !defined(POLARSSL_X509_CRT_PARSE_C) )
+#error "POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) && \
+ ( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) ||\
+ !defined(POLARSSL_PKCS1_V15) )
+#error "POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) && \
+ ( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) ||\
+ !defined(POLARSSL_PKCS1_V15) )
+#error "POLARSSL_KEY_EXCHANGE_RSA_ENABLED defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) && \
+ ( !defined(POLARSSL_PLATFORM_C) || !defined(POLARSSL_PLATFORM_MEMORY) )
+#error "POLARSSL_MEMORY_BUFFER_ALLOC_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_PADLOCK_C) && !defined(POLARSSL_HAVE_ASM)
+#error "POLARSSL_PADLOCK_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_PBKDF2_C) && !defined(POLARSSL_MD_C)
+#error "POLARSSL_PBKDF2_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_PEM_PARSE_C) && !defined(POLARSSL_BASE64_C)
+#error "POLARSSL_PEM_PARSE_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_PEM_WRITE_C) && !defined(POLARSSL_BASE64_C)
+#error "POLARSSL_PEM_WRITE_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_PK_PARSE_C) && !defined(POLARSSL_PK_C)
+#error "POLARSSL_PK_PARSE_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_PK_WRITE_C) && !defined(POLARSSL_PK_C)
+#error "POLARSSL_PK_WRITE_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_PKCS11_C) && !defined(POLARSSL_PK_C)
+#error "POLARSSL_PKCS11_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_RSA_C) && ( !defined(POLARSSL_BIGNUM_C) || \
+ !defined(POLARSSL_OID_C) )
+#error "POLARSSL_RSA_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_SSL_PROTO_SSL3) && ( !defined(POLARSSL_MD5_C) || \
+ !defined(POLARSSL_SHA1_C) )
+#error "POLARSSL_SSL_PROTO_SSL3 defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_SSL_PROTO_TLS1) && ( !defined(POLARSSL_MD5_C) || \
+ !defined(POLARSSL_SHA1_C) )
+#error "POLARSSL_SSL_PROTO_TLS1 defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_SSL_PROTO_TLS1_1) && ( !defined(POLARSSL_MD5_C) || \
+ !defined(POLARSSL_SHA1_C) )
+#error "POLARSSL_SSL_PROTO_TLS1_1 defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_SSL_PROTO_TLS1_2) && ( !defined(POLARSSL_SHA1_C) && \
+ !defined(POLARSSL_SHA256_C) && !defined(POLARSSL_SHA512_C) )
+#error "POLARSSL_SSL_PROTO_TLS1_2 defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_SSL_CLI_C) && !defined(POLARSSL_SSL_TLS_C)
+#error "POLARSSL_SSL_CLI_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_SSL_TLS_C) && ( !defined(POLARSSL_CIPHER_C) || \
+ !defined(POLARSSL_MD_C) )
+#error "POLARSSL_SSL_TLS_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_SSL_SRV_C) && !defined(POLARSSL_SSL_TLS_C)
+#error "POLARSSL_SSL_SRV_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_SSL_TLS_C) && (!defined(POLARSSL_SSL_PROTO_SSL3) && \
+ !defined(POLARSSL_SSL_PROTO_TLS1) && !defined(POLARSSL_SSL_PROTO_TLS1_1) && \
+ !defined(POLARSSL_SSL_PROTO_TLS1_2))
+#error "POLARSSL_SSL_TLS_C defined, but no protocols are active"
+#endif
+
+#if defined(POLARSSL_SSL_TLS_C) && (defined(POLARSSL_SSL_PROTO_SSL3) && \
+ defined(POLARSSL_SSL_PROTO_TLS1_1) && !defined(POLARSSL_SSL_PROTO_TLS1))
+#error "Illegal protocol selection"
+#endif
+
+#if defined(POLARSSL_SSL_TLS_C) && (defined(POLARSSL_SSL_PROTO_TLS1) && \
+ defined(POLARSSL_SSL_PROTO_TLS1_2) && !defined(POLARSSL_SSL_PROTO_TLS1_1))
+#error "Illegal protocol selection"
+#endif
+
+#if defined(POLARSSL_SSL_TLS_C) && (defined(POLARSSL_SSL_PROTO_SSL3) && \
+ defined(POLARSSL_SSL_PROTO_TLS1_2) && (!defined(POLARSSL_SSL_PROTO_TLS1) || \
+ !defined(POLARSSL_SSL_PROTO_TLS1_1)))
+#error "Illegal protocol selection"
+#endif
+
+#if defined(POLARSSL_SSL_SESSION_TICKETS) && defined(POLARSSL_SSL_TLS_C) && \
+ ( !defined(POLARSSL_AES_C) || !defined(POLARSSL_SHA256_C) || \
+ !defined(POLARSSL_CIPHER_MODE_CBC) )
+#error "POLARSSL_SSL_SESSION_TICKETS_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) && \
+ !defined(POLARSSL_X509_CRT_PARSE_C)
+#error "POLARSSL_SSL_SERVER_NAME_INDICATION defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_THREADING_PTHREAD)
+#if !defined(POLARSSL_THREADING_C) || defined(POLARSSL_THREADING_IMPL)
+#error "POLARSSL_THREADING_PTHREAD defined, but not all prerequisites"
+#endif
+#define POLARSSL_THREADING_IMPL
+#endif
+
+#if defined(POLARSSL_THREADING_ALT)
+#if !defined(POLARSSL_THREADING_C) || defined(POLARSSL_THREADING_IMPL)
+#error "POLARSSL_THREADING_ALT defined, but not all prerequisites"
+#endif
+#define POLARSSL_THREADING_IMPL
+#endif
+
+#if defined(POLARSSL_THREADING_C) && !defined(POLARSSL_THREADING_IMPL)
+#error "POLARSSL_THREADING_C defined, single threading implementation required"
+#endif
+#undef POLARSSL_THREADING_IMPL
+
+#if defined(POLARSSL_VERSION_FEATURES) && !defined(POLARSSL_VERSION_C)
+#error "POLARSSL_VERSION_FEATURES defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_X509_USE_C) && ( !defined(POLARSSL_BIGNUM_C) || \
+ !defined(POLARSSL_OID_C) || !defined(POLARSSL_ASN1_PARSE_C) || \
+ !defined(POLARSSL_PK_PARSE_C) )
+#error "POLARSSL_X509_USE_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_X509_CREATE_C) && ( !defined(POLARSSL_BIGNUM_C) || \
+ !defined(POLARSSL_OID_C) || !defined(POLARSSL_ASN1_WRITE_C) || \
+ !defined(POLARSSL_PK_WRITE_C) )
+#error "POLARSSL_X509_CREATE_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_X509_CRT_PARSE_C) && ( !defined(POLARSSL_X509_USE_C) )
+#error "POLARSSL_X509_CRT_PARSE_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_X509_CRL_PARSE_C) && ( !defined(POLARSSL_X509_USE_C) )
+#error "POLARSSL_X509_CRL_PARSE_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_X509_CSR_PARSE_C) && ( !defined(POLARSSL_X509_USE_C) )
+#error "POLARSSL_X509_CSR_PARSE_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_X509_CRT_WRITE_C) && ( !defined(POLARSSL_X509_CREATE_C) )
+#error "POLARSSL_X509_CRT_WRITE_C defined, but not all prerequisites"
+#endif
+
+#if defined(POLARSSL_X509_CSR_WRITE_C) && ( !defined(POLARSSL_X509_CREATE_C) )
+#error "POLARSSL_X509_CSR_WRITE_C defined, but not all prerequisites"
+#endif
+
+#endif /* POLARSSL_CHECK_CONFIG_H */
diff --git a/include/polarssl/cipher.h b/include/polarssl/cipher.h
index c7ad5b7..c8b8490 100644
--- a/include/polarssl/cipher.h
+++ b/include/polarssl/cipher.h
@@ -30,7 +30,11 @@
#ifndef POLARSSL_CIPHER_H
#define POLARSSL_CIPHER_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_GCM_C)
#define POLARSSL_CIPHER_MODE_AEAD
diff --git a/include/polarssl/cipher_wrap.h b/include/polarssl/cipher_wrap.h
index 63bd093..49d2661 100644
--- a/include/polarssl/cipher_wrap.h
+++ b/include/polarssl/cipher_wrap.h
@@ -29,7 +29,11 @@
#ifndef POLARSSL_CIPHER_WRAP_H
#define POLARSSL_CIPHER_WRAP_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include "cipher.h"
#ifdef __cplusplus
diff --git a/include/polarssl/compat-1.2.h b/include/polarssl/compat-1.2.h
index 0cc63ca..7ebc9c1 100644
--- a/include/polarssl/compat-1.2.h
+++ b/include/polarssl/compat-1.2.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_COMPAT_1_2_H
#define POLARSSL_COMPAT_1_2_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
// Comment out to disable prototype change warnings
#define SHOW_PROTOTYPE_CHANGE_WARNINGS
diff --git a/include/polarssl/config.h b/include/polarssl/config.h
index e2b19d2..500d041 100644
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@@ -956,6 +956,19 @@
//#define POLARSSL_THREADING_PTHREAD
/**
+ * \def POLARSSL_VERSION_FEATURES
+ *
+ * Allow run-time checking of compile-time enabled features. Thus allowing users
+ * to check at run-time if the library is for instance compiled with threading
+ * support via version_check_feature().
+ *
+ * Requires: POLARSSL_VERSION_C
+ *
+ * Comment this to disable run-time checking and save ROM space
+ */
+#define POLARSSL_VERSION_FEATURES
+
+/**
* \def POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3
*
* If set, the X509 parser will not break-off when parsing an X509 certificate
@@ -2100,291 +2113,8 @@
/* Debug options */
//#define POLARSSL_DEBUG_DFL_MODE POLARSSL_DEBUG_LOG_FULL /**< Default log: Full or Raw */
-/* \} name */
+/* \} name SECTION: Module configuration options */
-/*
- * Sanity checks on defines and dependencies
- */
-#if defined(POLARSSL_AESNI_C) && !defined(POLARSSL_HAVE_ASM)
-#error "POLARSSL_AESNI_C defined, but not all prerequisites"
-#endif
+#include "check_config.h"
-#if defined(POLARSSL_CERTS_C) && !defined(POLARSSL_PEM_PARSE_C)
-#error "POLARSSL_CERTS_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_CTR_DRBG_C) && !defined(POLARSSL_AES_C)
-#error "POLARSSL_CTR_DRBG_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_DHM_C) && !defined(POLARSSL_BIGNUM_C)
-#error "POLARSSL_DHM_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_ECDH_C) && !defined(POLARSSL_ECP_C)
-#error "POLARSSL_ECDH_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_ECDSA_C) && \
- ( !defined(POLARSSL_ECP_C) || \
- !defined(POLARSSL_ASN1_PARSE_C) || \
- !defined(POLARSSL_ASN1_WRITE_C) )
-#error "POLARSSL_ECDSA_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_ECDSA_DETERMINISTIC) && !defined(POLARSSL_HMAC_DRBG_C)
-#error "POLARSSL_ECDSA_DETERMINISTIC defined, but not all prerequisites"
-#endif
-
-/* For now, M255 (aka Curve25519) can't be the only curve. */
-#if defined(POLARSSL_ECP_C) && ( !defined(POLARSSL_BIGNUM_C) || ( \
- !defined(POLARSSL_ECP_DP_SECP192R1_ENABLED) && \
- !defined(POLARSSL_ECP_DP_SECP224R1_ENABLED) && \
- !defined(POLARSSL_ECP_DP_SECP256R1_ENABLED) && \
- !defined(POLARSSL_ECP_DP_SECP384R1_ENABLED) && \
- !defined(POLARSSL_ECP_DP_SECP521R1_ENABLED) && \
- !defined(POLARSSL_ECP_DP_BP256R1_ENABLED) && \
- !defined(POLARSSL_ECP_DP_BP384R1_ENABLED) && \
- !defined(POLARSSL_ECP_DP_BP512R1_ENABLED) && \
- !defined(POLARSSL_ECP_DP_SECP192K1_ENABLED) && \
- !defined(POLARSSL_ECP_DP_SECP224K1_ENABLED) && \
- !defined(POLARSSL_ECP_DP_SECP256K1_ENABLED) ) )
-#error "POLARSSL_ECP_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_ENTROPY_C) && (!defined(POLARSSL_SHA512_C) && \
- !defined(POLARSSL_SHA256_C))
-#error "POLARSSL_ENTROPY_C defined, but not all prerequisites"
-#endif
-#if defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_SHA512_C) && \
- defined(POLARSSL_CONFIG_OPTIONS) && (CTR_DRBG_ENTROPY_LEN > 64)
-#error "CTR_DRBG_ENTROPY_LEN value too high"
-#endif
-#if defined(POLARSSL_ENTROPY_C) && \
- ( !defined(POLARSSL_SHA512_C) || defined(POLARSSL_ENTROPY_FORCE_SHA256) ) \
- && defined(POLARSSL_CONFIG_OPTIONS) && (CTR_DRBG_ENTROPY_LEN > 32)
-#error "CTR_DRBG_ENTROPY_LEN value too high"
-#endif
-#if defined(POLARSSL_ENTROPY_C) && \
- defined(POLARSSL_ENTROPY_FORCE_SHA256) && !defined(POLARSSL_SHA256_C)
-#error "POLARSSL_ENTROPY_FORCE_SHA256 defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_GCM_C) && ( \
- !defined(POLARSSL_AES_C) && !defined(POLARSSL_CAMELLIA_C) )
-#error "POLARSSL_GCM_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_HAVEGE_C) && !defined(POLARSSL_TIMING_C)
-#error "POLARSSL_HAVEGE_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_HMAC_DRBG) && !defined(POLARSSL_MD_C)
-#error "POLARSSL_HMAC_DRBG_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) && \
- ( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_X509_CRT_PARSE_C) )
-#error "POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) && \
- ( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_X509_CRT_PARSE_C) )
-#error "POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) && !defined(POLARSSL_DHM_C)
-#error "POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) && \
- !defined(POLARSSL_ECDH_C)
-#error "POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) && \
- ( !defined(POLARSSL_DHM_C) || !defined(POLARSSL_RSA_C) || \
- !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_PKCS1_V15) )
-#error "POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \
- ( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_RSA_C) || \
- !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_PKCS1_V15) )
-#error "POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \
- ( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_ECDSA_C) || \
- !defined(POLARSSL_X509_CRT_PARSE_C) )
-#error "POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) && \
- ( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) ||\
- !defined(POLARSSL_PKCS1_V15) )
-#error "POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) && \
- ( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) ||\
- !defined(POLARSSL_PKCS1_V15) )
-#error "POLARSSL_KEY_EXCHANGE_RSA_ENABLED defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) && \
- ( !defined(POLARSSL_PLATFORM_C) || !defined(POLARSSL_PLATFORM_MEMORY) )
-#error "POLARSSL_MEMORY_BUFFER_ALLOC_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_PADLOCK_C) && !defined(POLARSSL_HAVE_ASM)
-#error "POLARSSL_PADLOCK_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_PBKDF2_C) && !defined(POLARSSL_MD_C)
-#error "POLARSSL_PBKDF2_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_PEM_PARSE_C) && !defined(POLARSSL_BASE64_C)
-#error "POLARSSL_PEM_PARSE_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_PEM_WRITE_C) && !defined(POLARSSL_BASE64_C)
-#error "POLARSSL_PEM_WRITE_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_PK_PARSE_C) && !defined(POLARSSL_PK_C)
-#error "POLARSSL_PK_PARSE_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_PK_WRITE_C) && !defined(POLARSSL_PK_C)
-#error "POLARSSL_PK_WRITE_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_PKCS11_C) && !defined(POLARSSL_PK_C)
-#error "POLARSSL_PKCS11_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_RSA_C) && ( !defined(POLARSSL_BIGNUM_C) || \
- !defined(POLARSSL_OID_C) )
-#error "POLARSSL_RSA_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_SSL_PROTO_SSL3) && ( !defined(POLARSSL_MD5_C) || \
- !defined(POLARSSL_SHA1_C) )
-#error "POLARSSL_SSL_PROTO_SSL3 defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_SSL_PROTO_TLS1) && ( !defined(POLARSSL_MD5_C) || \
- !defined(POLARSSL_SHA1_C) )
-#error "POLARSSL_SSL_PROTO_TLS1 defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_SSL_PROTO_TLS1_1) && ( !defined(POLARSSL_MD5_C) || \
- !defined(POLARSSL_SHA1_C) )
-#error "POLARSSL_SSL_PROTO_TLS1_1 defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_SSL_PROTO_TLS1_2) && ( !defined(POLARSSL_SHA1_C) && \
- !defined(POLARSSL_SHA256_C) && !defined(POLARSSL_SHA512_C) )
-#error "POLARSSL_SSL_PROTO_TLS1_2 defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_SSL_CLI_C) && !defined(POLARSSL_SSL_TLS_C)
-#error "POLARSSL_SSL_CLI_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_SSL_TLS_C) && ( !defined(POLARSSL_CIPHER_C) || \
- !defined(POLARSSL_MD_C) )
-#error "POLARSSL_SSL_TLS_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_SSL_SRV_C) && !defined(POLARSSL_SSL_TLS_C)
-#error "POLARSSL_SSL_SRV_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_SSL_TLS_C) && (!defined(POLARSSL_SSL_PROTO_SSL3) && \
- !defined(POLARSSL_SSL_PROTO_TLS1) && !defined(POLARSSL_SSL_PROTO_TLS1_1) && \
- !defined(POLARSSL_SSL_PROTO_TLS1_2))
-#error "POLARSSL_SSL_TLS_C defined, but no protocols are active"
-#endif
-
-#if defined(POLARSSL_SSL_TLS_C) && (defined(POLARSSL_SSL_PROTO_SSL3) && \
- defined(POLARSSL_SSL_PROTO_TLS1_1) && !defined(POLARSSL_SSL_PROTO_TLS1))
-#error "Illegal protocol selection"
-#endif
-
-#if defined(POLARSSL_SSL_TLS_C) && (defined(POLARSSL_SSL_PROTO_TLS1) && \
- defined(POLARSSL_SSL_PROTO_TLS1_2) && !defined(POLARSSL_SSL_PROTO_TLS1_1))
-#error "Illegal protocol selection"
-#endif
-
-#if defined(POLARSSL_SSL_TLS_C) && (defined(POLARSSL_SSL_PROTO_SSL3) && \
- defined(POLARSSL_SSL_PROTO_TLS1_2) && (!defined(POLARSSL_SSL_PROTO_TLS1) || \
- !defined(POLARSSL_SSL_PROTO_TLS1_1)))
-#error "Illegal protocol selection"
-#endif
-
-#if defined(POLARSSL_SSL_SESSION_TICKETS) && defined(POLARSSL_SSL_TLS_C) && \
- ( !defined(POLARSSL_AES_C) || !defined(POLARSSL_SHA256_C) || \
- !defined(POLARSSL_CIPHER_MODE_CBC) )
-#error "POLARSSL_SSL_SESSION_TICKETS_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) && \
- !defined(POLARSSL_X509_CRT_PARSE_C)
-#error "POLARSSL_SSL_SERVER_NAME_INDICATION defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_THREADING_PTHREAD)
-#if !defined(POLARSSL_THREADING_C) || defined(POLARSSL_THREADING_IMPL)
-#error "POLARSSL_THREADING_PTHREAD defined, but not all prerequisites"
-#endif
-#define POLARSSL_THREADING_IMPL
-#endif
-
-#if defined(POLARSSL_THREADING_ALT)
-#if !defined(POLARSSL_THREADING_C) || defined(POLARSSL_THREADING_IMPL)
-#error "POLARSSL_THREADING_ALT defined, but not all prerequisites"
-#endif
-#define POLARSSL_THREADING_IMPL
-#endif
-
-#if defined(POLARSSL_THREADING_C) && !defined(POLARSSL_THREADING_IMPL)
-#error "POLARSSL_THREADING_C defined, single threading implementation required"
-#endif
-#undef POLARSSL_THREADING_IMPL
-
-#if defined(POLARSSL_X509_USE_C) && ( !defined(POLARSSL_BIGNUM_C) || \
- !defined(POLARSSL_OID_C) || !defined(POLARSSL_ASN1_PARSE_C) || \
- !defined(POLARSSL_PK_PARSE_C) )
-#error "POLARSSL_X509_USE_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_X509_CREATE_C) && ( !defined(POLARSSL_BIGNUM_C) || \
- !defined(POLARSSL_OID_C) || !defined(POLARSSL_ASN1_WRITE_C) || \
- !defined(POLARSSL_PK_WRITE_C) )
-#error "POLARSSL_X509_CREATE_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_X509_CRT_PARSE_C) && ( !defined(POLARSSL_X509_USE_C) )
-#error "POLARSSL_X509_CRT_PARSE_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_X509_CRL_PARSE_C) && ( !defined(POLARSSL_X509_USE_C) )
-#error "POLARSSL_X509_CRL_PARSE_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_X509_CSR_PARSE_C) && ( !defined(POLARSSL_X509_USE_C) )
-#error "POLARSSL_X509_CSR_PARSE_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_X509_CRT_WRITE_C) && ( !defined(POLARSSL_X509_CREATE_C) )
-#error "POLARSSL_X509_CRT_WRITE_C defined, but not all prerequisites"
-#endif
-
-#if defined(POLARSSL_X509_CSR_WRITE_C) && ( !defined(POLARSSL_X509_CREATE_C) )
-#error "POLARSSL_X509_CSR_WRITE_C defined, but not all prerequisites"
-#endif
-
-#endif /* config.h */
+#endif /* POLARSSL_CONFIG_H */
diff --git a/include/polarssl/debug.h b/include/polarssl/debug.h
index 599ce43..7b51cbb 100644
--- a/include/polarssl/debug.h
+++ b/include/polarssl/debug.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_DEBUG_H
#define POLARSSL_DEBUG_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include "ssl.h"
#if defined(POLARSSL_ECP_C)
#include "ecp.h"
diff --git a/include/polarssl/des.h b/include/polarssl/des.h
index d29bd1d..7499b53 100644
--- a/include/polarssl/des.h
+++ b/include/polarssl/des.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_DES_H
#define POLARSSL_DES_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
diff --git a/include/polarssl/entropy.h b/include/polarssl/entropy.h
index 4485d3e..4f4f8f7 100644
--- a/include/polarssl/entropy.h
+++ b/include/polarssl/entropy.h
@@ -29,7 +29,11 @@
#include <string.h>
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_SHA512_C) && !defined(POLARSSL_ENTROPY_FORCE_SHA256)
#include "sha512.h"
diff --git a/include/polarssl/entropy_poll.h b/include/polarssl/entropy_poll.h
index 0116598..92efa00 100644
--- a/include/polarssl/entropy_poll.h
+++ b/include/polarssl/entropy_poll.h
@@ -29,7 +29,11 @@
#include <string.h>
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#ifdef __cplusplus
extern "C" {
diff --git a/include/polarssl/md2.h b/include/polarssl/md2.h
index a8e23d0..3792a4d 100644
--- a/include/polarssl/md2.h
+++ b/include/polarssl/md2.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_MD2_H
#define POLARSSL_MD2_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
diff --git a/include/polarssl/md4.h b/include/polarssl/md4.h
index a1b5d45..b0434dd 100644
--- a/include/polarssl/md4.h
+++ b/include/polarssl/md4.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_MD4_H
#define POLARSSL_MD4_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
diff --git a/include/polarssl/md5.h b/include/polarssl/md5.h
index df2a61b..bb0ebf3 100644
--- a/include/polarssl/md5.h
+++ b/include/polarssl/md5.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_MD5_H
#define POLARSSL_MD5_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
diff --git a/include/polarssl/md_wrap.h b/include/polarssl/md_wrap.h
index d681a0c..634bb7d 100644
--- a/include/polarssl/md_wrap.h
+++ b/include/polarssl/md_wrap.h
@@ -29,7 +29,11 @@
#ifndef POLARSSL_MD_WRAP_H
#define POLARSSL_MD_WRAP_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include "md.h"
#ifdef __cplusplus
diff --git a/include/polarssl/memory.h b/include/polarssl/memory.h
index 64690be..3af3951 100644
--- a/include/polarssl/memory.h
+++ b/include/polarssl/memory.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_MEMORY_H
#define POLARSSL_MEMORY_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <stdlib.h>
diff --git a/include/polarssl/memory_buffer_alloc.h b/include/polarssl/memory_buffer_alloc.h
index 68477a4..c449752 100644
--- a/include/polarssl/memory_buffer_alloc.h
+++ b/include/polarssl/memory_buffer_alloc.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_MEMORY_BUFFER_ALLOC_H
#define POLARSSL_MEMORY_BUFFER_ALLOC_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <stdlib.h>
diff --git a/include/polarssl/oid.h b/include/polarssl/oid.h
index ade4683..b1d33b6 100644
--- a/include/polarssl/oid.h
+++ b/include/polarssl/oid.h
@@ -28,7 +28,11 @@
#define POLARSSL_OID_H
#include <string.h>
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include "asn1.h"
#include "pk.h"
#if defined(POLARSSL_CIPHER_C)
@@ -105,14 +109,23 @@
*/
#define OID_AT OID_ISO_CCITT_DS "\x04" /**< id-at OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 4} */
#define OID_AT_CN OID_AT "\x03" /**< id-at-commonName AttributeType:= {id-at 3} */
+#define OID_AT_SUR_NAME OID_AT "\x04" /**< id-at-surName AttributeType:= {id-at 4} */
#define OID_AT_SERIAL_NUMBER OID_AT "\x05" /**< id-at-serialNumber AttributeType:= {id-at 5} */
#define OID_AT_COUNTRY OID_AT "\x06" /**< id-at-countryName AttributeType:= {id-at 6} */
#define OID_AT_LOCALITY OID_AT "\x07" /**< id-at-locality AttributeType:= {id-at 7} */
#define OID_AT_STATE OID_AT "\x08" /**< id-at-state AttributeType:= {id-at 8} */
#define OID_AT_ORGANIZATION OID_AT "\x0A" /**< id-at-organizationName AttributeType:= {id-at 10} */
#define OID_AT_ORG_UNIT OID_AT "\x0B" /**< id-at-organizationalUnitName AttributeType:= {id-at 11} */
+#define OID_AT_TITLE OID_AT "\x0C" /**< id-at-title AttributeType:= {id-at 12} */
#define OID_AT_POSTAL_ADDRESS OID_AT "\x10" /**< id-at-postalAddress AttributeType:= {id-at 16} */
#define OID_AT_POSTAL_CODE OID_AT "\x11" /**< id-at-postalCode AttributeType:= {id-at 17} */
+#define OID_AT_GIVEN_NAME OID_AT "\x2A" /**< id-at-givenName AttributeType:= {id-at 42} */
+#define OID_AT_INITIALS OID_AT "\x2B" /**< id-at-initials AttributeType:= {id-at 43} */
+#define OID_AT_GENERATION_QUALIFIER OID_AT "\x2C" /**< id-at-generationQualifier AttributeType:= {id-at 44} */
+#define OID_AT_DN_QUALIFIER OID_AT "\x2E" /**< id-at-dnQualifier AttributeType:= {id-at 46} */
+#define OID_AT_PSEUDONYM OID_AT "\x41" /**< id-at-pseudonym AttributeType:= {id-at 65} */
+
+#define OID_DOMAIN_COMPONENT "\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x19" /** id-domainComponent AttributeType:= {itu-t(0) data(9) pss(2342) ucl(19200300) pilot(100) pilotAttributeType(1) domainComponent(25)} */
/*
* OIDs for standard certificate extensions
diff --git a/include/polarssl/pk.h b/include/polarssl/pk.h
index cebe057..7014e42 100644
--- a/include/polarssl/pk.h
+++ b/include/polarssl/pk.h
@@ -28,7 +28,11 @@
#ifndef POLARSSL_PK_H
#define POLARSSL_PK_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include "md.h"
diff --git a/include/polarssl/pk_wrap.h b/include/polarssl/pk_wrap.h
index 91a671e..7baafb9 100644
--- a/include/polarssl/pk_wrap.h
+++ b/include/polarssl/pk_wrap.h
@@ -28,7 +28,11 @@
#ifndef POLARSSL_PK_WRAP_H
#define POLARSSL_PK_WRAP_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include "pk.h"
diff --git a/include/polarssl/pkcs11.h b/include/polarssl/pkcs11.h
index 707d00a..1e4ed38 100644
--- a/include/polarssl/pkcs11.h
+++ b/include/polarssl/pkcs11.h
@@ -29,7 +29,11 @@
#ifndef POLARSSL_PKCS11_H
#define POLARSSL_PKCS11_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_PKCS11_C)
diff --git a/include/polarssl/platform.h b/include/polarssl/platform.h
index b61aad0..fd9b80a 100644
--- a/include/polarssl/platform.h
+++ b/include/polarssl/platform.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_PLATFORM_H
#define POLARSSL_PLATFORM_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <stdio.h>
diff --git a/include/polarssl/ripemd160.h b/include/polarssl/ripemd160.h
index 2d760c3..754322d 100644
--- a/include/polarssl/ripemd160.h
+++ b/include/polarssl/ripemd160.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_RIPEMD160_H
#define POLARSSL_RIPEMD160_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
diff --git a/include/polarssl/rsa.h b/include/polarssl/rsa.h
index d8c8341..ce84c1c 100644
--- a/include/polarssl/rsa.h
+++ b/include/polarssl/rsa.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_RSA_H
#define POLARSSL_RSA_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include "bignum.h"
#include "md.h"
diff --git a/include/polarssl/sha1.h b/include/polarssl/sha1.h
index e1d8e27..f5e91a4 100644
--- a/include/polarssl/sha1.h
+++ b/include/polarssl/sha1.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_SHA1_H
#define POLARSSL_SHA1_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
diff --git a/include/polarssl/sha256.h b/include/polarssl/sha256.h
index 89df578..f3c00fa 100644
--- a/include/polarssl/sha256.h
+++ b/include/polarssl/sha256.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_SHA256_H
#define POLARSSL_SHA256_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
diff --git a/include/polarssl/sha512.h b/include/polarssl/sha512.h
index 2c61637..b8908af 100644
--- a/include/polarssl/sha512.h
+++ b/include/polarssl/sha512.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_SHA512_H
#define POLARSSL_SHA512_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index eb7ac51..401908a 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_SSL_H
#define POLARSSL_SSL_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include "net.h"
#include "bignum.h"
diff --git a/include/polarssl/threading.h b/include/polarssl/threading.h
index 8707152..1fc9f98 100644
--- a/include/polarssl/threading.h
+++ b/include/polarssl/threading.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_THREADING_H
#define POLARSSL_THREADING_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <stdlib.h>
diff --git a/include/polarssl/timing.h b/include/polarssl/timing.h
index 09624fc..383120e 100644
--- a/include/polarssl/timing.h
+++ b/include/polarssl/timing.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_TIMING_H
#define POLARSSL_TIMING_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if !defined(POLARSSL_TIMING_ALT)
// Regular implementation
diff --git a/include/polarssl/version.h b/include/polarssl/version.h
index 7e9d2ea..8527dd2 100644
--- a/include/polarssl/version.h
+++ b/include/polarssl/version.h
@@ -3,7 +3,7 @@
*
* \brief Run-time version information
*
- * Copyright (C) 2006-2013, Brainspark B.V.
+ * Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@@ -31,7 +31,11 @@
#ifndef POLARSSL_VERSION_H
#define POLARSSL_VERSION_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
/**
* The version number x.y.z is split into three parts.
@@ -75,11 +79,32 @@
/**
* Get the full version string ("PolarSSL x.y.z").
*
- * \param string The string that will receive the value.
- * (Should be at least 18 bytes in size)
+ * \param string The string that will receive the value. The PolarSSL version
+ * string will use 18 bytes AT MOST including a terminating
+ * null byte.
+ * (So the buffer should be at least 18 bytes to receive this
+ * version string).
*/
void version_get_string_full( char *string );
+/**
+ * \brief Check if support for a feature was compiled into this
+ * PolarSSL binary. This allows you to see at runtime if the
+ * library was for instance compiled with or without
+ * Multi-threading support.
+ *
+ * Note: only checks against defines in the sections "System
+ * support", "PolarSSL modules" and "PolarSSL feature
+ * support" in config.h
+ *
+ * \param feature The string for the define to check (e.g. "POLARSSL_AES_C")
+ *
+ * \return 0 if the feature is present, -1 if the feature is not
+ * present and -2 if support for feature checking as a whole
+ * was not compiled in.
+ */
+int version_check_feature( const char *feature );
+
#ifdef __cplusplus
}
#endif
diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h
index f2b8a0c..e13f38f 100644
--- a/include/polarssl/x509.h
+++ b/include/polarssl/x509.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_X509_H
#define POLARSSL_X509_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include "asn1.h"
#include "pk.h"
diff --git a/include/polarssl/x509_crl.h b/include/polarssl/x509_crl.h
index 0c79916..0fee59b 100644
--- a/include/polarssl/x509_crl.h
+++ b/include/polarssl/x509_crl.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_X509_CRL_H
#define POLARSSL_X509_CRL_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include "x509.h"
diff --git a/include/polarssl/x509_crt.h b/include/polarssl/x509_crt.h
index 8e63381..0081d36 100644
--- a/include/polarssl/x509_crt.h
+++ b/include/polarssl/x509_crt.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_X509_CRT_H
#define POLARSSL_X509_CRT_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include "x509.h"
diff --git a/include/polarssl/x509_csr.h b/include/polarssl/x509_csr.h
index 7e38300..b660587 100644
--- a/include/polarssl/x509_csr.h
+++ b/include/polarssl/x509_csr.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_X509_CSR_H
#define POLARSSL_X509_CSR_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include "x509.h"
diff --git a/include/polarssl/xtea.h b/include/polarssl/xtea.h
index 95854d1..07118d9 100644
--- a/include/polarssl/xtea.h
+++ b/include/polarssl/xtea.h
@@ -27,7 +27,11 @@
#ifndef POLARSSL_XTEA_H
#define POLARSSL_XTEA_H
+#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index 19d1a2a..8b595cf 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -60,6 +60,7 @@
threading.c
timing.c
version.c
+ version_features.c
x509.c
x509_crt.c
x509_crl.c
diff --git a/library/Makefile b/library/Makefile
index 251a682..e02a258 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -57,7 +57,7 @@
sha512.o ssl_cache.o ssl_cli.o \
ssl_srv.o ssl_ciphersuites.o \
ssl_tls.o threading.o timing.o \
- version.o \
+ version.o version_features.o \
x509.o x509_create.o \
x509_crl.o x509_crt.o x509_csr.o \
x509write_crt.o x509write_csr.o \
diff --git a/library/aes.c b/library/aes.c
index fb211fe..f0a25bc 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -29,7 +29,11 @@
* http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_AES_C)
diff --git a/library/aesni.c b/library/aesni.c
index aa054cb..9d21c85 100644
--- a/library/aesni.c
+++ b/library/aesni.c
@@ -28,7 +28,11 @@
* [CLMUL-WP] http://software.intel.com/en-us/articles/intel-carry-less-multiplication-instruction-and-its-usage-for-computing-the-gcm-mode/
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_AESNI_C)
@@ -59,6 +63,32 @@
}
/*
+ * Binutils needs to be at least 2.19 to support AES-NI instructions.
+ * Unfortunately, a lot of users have a lower version now (2014-04).
+ * Emit bytecode directly in order to support "old" version of gas.
+ *
+ * Opcodes from the Intel architecture reference manual, vol. 3.
+ * We always use registers, so we don't need prefixes for memory operands.
+ * Operand macros are in gas order (src, dst) as opposed to Intel order
+ * (dst, src) in order to blend better into the surrounding assembly code.
+ */
+#define AESDEC ".byte 0x66,0x0F,0x38,0xDE,"
+#define AESDECLAST ".byte 0x66,0x0F,0x38,0xDF,"
+#define AESENC ".byte 0x66,0x0F,0x38,0xDC,"
+#define AESENCLAST ".byte 0x66,0x0F,0x38,0xDD,"
+#define AESIMC ".byte 0x66,0x0F,0x38,0xDB,"
+#define AESKEYGENA ".byte 0x66,0x0F,0x3A,0xDF,"
+#define PCLMULQDQ ".byte 0x66,0x0F,0x3A,0x44,"
+
+#define xmm0_xmm0 "0xC0"
+#define xmm0_xmm1 "0xC8"
+#define xmm0_xmm2 "0xD0"
+#define xmm0_xmm3 "0xD8"
+#define xmm0_xmm4 "0xE0"
+#define xmm1_xmm0 "0xC1"
+#define xmm1_xmm2 "0xD1"
+
+/*
* AES-NI AES-ECB block en(de)cryption
*/
int aesni_crypt_ecb( aes_context *ctx,
@@ -76,22 +106,22 @@
"1: \n" // encryption loop
"movdqu (%1), %%xmm1 \n" // load round key
- "aesenc %%xmm1, %%xmm0 \n" // do round
+ AESENC xmm1_xmm0 "\n" // do round
"addq $16, %1 \n" // point to next round key
"subl $1, %0 \n" // loop
"jnz 1b \n"
"movdqu (%1), %%xmm1 \n" // load round key
- "aesenclast %%xmm1, %%xmm0 \n" // last round
+ AESENCLAST xmm1_xmm0 "\n" // last round
"jmp 3f \n"
"2: \n" // decryption loop
"movdqu (%1), %%xmm1 \n"
- "aesdec %%xmm1, %%xmm0 \n"
+ AESDEC xmm1_xmm0 "\n" // do round
"addq $16, %1 \n"
"subl $1, %0 \n"
"jnz 2b \n"
"movdqu (%1), %%xmm1 \n" // load round key
- "aesdeclast %%xmm1, %%xmm0 \n" // last round
+ AESDECLAST xmm1_xmm0 "\n" // last round
"3: \n"
"movdqu %%xmm0, (%4) \n" // export output
@@ -131,10 +161,10 @@
"movdqa %%xmm1, %%xmm2 \n" // copy of b1:b0
"movdqa %%xmm1, %%xmm3 \n" // same
"movdqa %%xmm1, %%xmm4 \n" // same
- "pclmulqdq $0x00, %%xmm0, %%xmm1 \n" // a0*b0 = c1:c0
- "pclmulqdq $0x11, %%xmm0, %%xmm2 \n" // a1*b1 = d1:d0
- "pclmulqdq $0x10, %%xmm0, %%xmm3 \n" // a0*b1 = e1:e0
- "pclmulqdq $0x01, %%xmm0, %%xmm4 \n" // a1*b0 = f1:f0
+ PCLMULQDQ xmm0_xmm1 ",0x00 \n" // a0*b0 = c1:c0
+ PCLMULQDQ xmm0_xmm2 ",0x11 \n" // a1*b1 = d1:d0
+ PCLMULQDQ xmm0_xmm3 ",0x10 \n" // a0*b1 = e1:e0
+ PCLMULQDQ xmm0_xmm4 ",0x01 \n" // a1*b0 = f1:f0
"pxor %%xmm3, %%xmm4 \n" // e1+f1:e0+f0
"movdqa %%xmm4, %%xmm3 \n" // same
"psrldq $8, %%xmm4 \n" // 0:e1+f1
@@ -228,7 +258,7 @@
for( fk -= 16, ik += 16; fk > fwdkey; fk -= 16, ik += 16 )
asm( "movdqu (%0), %%xmm0 \n"
- "aesimc %%xmm0, %%xmm0 \n"
+ AESIMC xmm0_xmm0 "\n"
"movdqu %%xmm0, (%1) \n"
:
: "r" (fk), "r" (ik)
@@ -271,17 +301,17 @@
"ret \n"
/* Main "loop" */
- "2: \n"
- "aeskeygenassist $0x01, %%xmm0, %%xmm1 \ncall 1b \n"
- "aeskeygenassist $0x02, %%xmm0, %%xmm1 \ncall 1b \n"
- "aeskeygenassist $0x04, %%xmm0, %%xmm1 \ncall 1b \n"
- "aeskeygenassist $0x08, %%xmm0, %%xmm1 \ncall 1b \n"
- "aeskeygenassist $0x10, %%xmm0, %%xmm1 \ncall 1b \n"
- "aeskeygenassist $0x20, %%xmm0, %%xmm1 \ncall 1b \n"
- "aeskeygenassist $0x40, %%xmm0, %%xmm1 \ncall 1b \n"
- "aeskeygenassist $0x80, %%xmm0, %%xmm1 \ncall 1b \n"
- "aeskeygenassist $0x1B, %%xmm0, %%xmm1 \ncall 1b \n"
- "aeskeygenassist $0x36, %%xmm0, %%xmm1 \ncall 1b \n"
+ "2: \n"
+ AESKEYGENA xmm0_xmm1 ",0x01 \ncall 1b \n"
+ AESKEYGENA xmm0_xmm1 ",0x02 \ncall 1b \n"
+ AESKEYGENA xmm0_xmm1 ",0x04 \ncall 1b \n"
+ AESKEYGENA xmm0_xmm1 ",0x08 \ncall 1b \n"
+ AESKEYGENA xmm0_xmm1 ",0x10 \ncall 1b \n"
+ AESKEYGENA xmm0_xmm1 ",0x20 \ncall 1b \n"
+ AESKEYGENA xmm0_xmm1 ",0x40 \ncall 1b \n"
+ AESKEYGENA xmm0_xmm1 ",0x80 \ncall 1b \n"
+ AESKEYGENA xmm0_xmm1 ",0x1B \ncall 1b \n"
+ AESKEYGENA xmm0_xmm1 ",0x36 \ncall 1b \n"
:
: "r" (rk), "r" (key)
: "memory", "cc", "0" );
@@ -329,15 +359,15 @@
"add $8, %0 \n"
"ret \n"
- "2: \n"
- "aeskeygenassist $0x01, %%xmm1, %%xmm2 \ncall 1b \n"
- "aeskeygenassist $0x02, %%xmm1, %%xmm2 \ncall 1b \n"
- "aeskeygenassist $0x04, %%xmm1, %%xmm2 \ncall 1b \n"
- "aeskeygenassist $0x08, %%xmm1, %%xmm2 \ncall 1b \n"
- "aeskeygenassist $0x10, %%xmm1, %%xmm2 \ncall 1b \n"
- "aeskeygenassist $0x20, %%xmm1, %%xmm2 \ncall 1b \n"
- "aeskeygenassist $0x40, %%xmm1, %%xmm2 \ncall 1b \n"
- "aeskeygenassist $0x80, %%xmm1, %%xmm2 \ncall 1b \n"
+ "2: \n"
+ AESKEYGENA xmm1_xmm2 ",0x01 \ncall 1b \n"
+ AESKEYGENA xmm1_xmm2 ",0x02 \ncall 1b \n"
+ AESKEYGENA xmm1_xmm2 ",0x04 \ncall 1b \n"
+ AESKEYGENA xmm1_xmm2 ",0x08 \ncall 1b \n"
+ AESKEYGENA xmm1_xmm2 ",0x10 \ncall 1b \n"
+ AESKEYGENA xmm1_xmm2 ",0x20 \ncall 1b \n"
+ AESKEYGENA xmm1_xmm2 ",0x40 \ncall 1b \n"
+ AESKEYGENA xmm1_xmm2 ",0x80 \ncall 1b \n"
:
: "r" (rk), "r" (key)
@@ -380,7 +410,7 @@
/* Set xmm2 to stuff:Y:stuff:stuff with Y = subword( r11 )
* and proceed to generate next round key from there */
- "aeskeygenassist $0, %%xmm0, %%xmm2\n"
+ AESKEYGENA xmm0_xmm2 ",0x00 \n"
"pshufd $0xaa, %%xmm2, %%xmm2 \n"
"pxor %%xmm1, %%xmm2 \n"
"pslldq $4, %%xmm1 \n"
@@ -397,14 +427,14 @@
* Main "loop" - Generating one more key than necessary,
* see definition of aes_context.buf
*/
- "2: \n"
- "aeskeygenassist $0x01, %%xmm1, %%xmm2 \ncall 1b \n"
- "aeskeygenassist $0x02, %%xmm1, %%xmm2 \ncall 1b \n"
- "aeskeygenassist $0x04, %%xmm1, %%xmm2 \ncall 1b \n"
- "aeskeygenassist $0x08, %%xmm1, %%xmm2 \ncall 1b \n"
- "aeskeygenassist $0x10, %%xmm1, %%xmm2 \ncall 1b \n"
- "aeskeygenassist $0x20, %%xmm1, %%xmm2 \ncall 1b \n"
- "aeskeygenassist $0x40, %%xmm1, %%xmm2 \ncall 1b \n"
+ "2: \n"
+ AESKEYGENA xmm1_xmm2 ",0x01 \ncall 1b \n"
+ AESKEYGENA xmm1_xmm2 ",0x02 \ncall 1b \n"
+ AESKEYGENA xmm1_xmm2 ",0x04 \ncall 1b \n"
+ AESKEYGENA xmm1_xmm2 ",0x08 \ncall 1b \n"
+ AESKEYGENA xmm1_xmm2 ",0x10 \ncall 1b \n"
+ AESKEYGENA xmm1_xmm2 ",0x20 \ncall 1b \n"
+ AESKEYGENA xmm1_xmm2 ",0x40 \ncall 1b \n"
:
: "r" (rk), "r" (key)
: "memory", "cc", "0" );
diff --git a/library/arc4.c b/library/arc4.c
index 536ea8c..dbf0c7e 100644
--- a/library/arc4.c
+++ b/library/arc4.c
@@ -28,7 +28,11 @@
* http://groups.google.com/group/sci.crypt/msg/10a300c9d21afca0
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_ARC4_C)
diff --git a/library/asn1parse.c b/library/asn1parse.c
index c9ce75a..8b8e2df 100644
--- a/library/asn1parse.c
+++ b/library/asn1parse.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_ASN1_PARSE_C)
diff --git a/library/asn1write.c b/library/asn1write.c
index 626e0ff..314c9f9 100644
--- a/library/asn1write.c
+++ b/library/asn1write.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_ASN1_WRITE_C)
diff --git a/library/base64.c b/library/base64.c
index ee9c05c..103d814 100644
--- a/library/base64.c
+++ b/library/base64.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_BASE64_C)
diff --git a/library/bignum.c b/library/bignum.c
index 012e9e3..ac7f25c 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -30,7 +30,11 @@
* http://math.libtomcrypt.com/files/tommath.pdf
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_BIGNUM_C)
@@ -1773,16 +1777,28 @@
return( ret );
}
+/*
+ * Fill X with size bytes of random.
+ *
+ * Use a temporary bytes representation to make sure the result is the same
+ * regardless of the platform endianness (usefull when f_rng is actually
+ * deterministic, eg for tests).
+ */
int mpi_fill_random( mpi *X, size_t size,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
int ret;
+ unsigned char buf[POLARSSL_MPI_MAX_SIZE];
+
+ if( size > POLARSSL_MPI_MAX_SIZE )
+ return( POLARSSL_ERR_MPI_BAD_INPUT_DATA );
MPI_CHK( mpi_grow( X, CHARS_TO_LIMBS( size ) ) );
MPI_CHK( mpi_lset( X, 0 ) );
- MPI_CHK( f_rng( p_rng, (unsigned char *) X->p, size ) );
+ MPI_CHK( f_rng( p_rng, buf, size ) );
+ MPI_CHK( mpi_read_binary( X, buf, size ) );
cleanup:
return( ret );
diff --git a/library/blowfish.c b/library/blowfish.c
index 910d610..733c9fa 100644
--- a/library/blowfish.c
+++ b/library/blowfish.c
@@ -29,7 +29,11 @@
*
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_BLOWFISH_C)
diff --git a/library/camellia.c b/library/camellia.c
index f007a46..4bf0b29 100644
--- a/library/camellia.c
+++ b/library/camellia.c
@@ -29,7 +29,11 @@
* http://info.isl.ntt.co.jp/crypt/eng/camellia/dl/01espec.pdf
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_CAMELLIA_C)
diff --git a/library/certs.c b/library/certs.c
index 7409efa..982226d 100644
--- a/library/certs.c
+++ b/library/certs.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_CERTS_C)
diff --git a/library/cipher.c b/library/cipher.c
index a103c26..7534b2f 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -27,7 +27,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_CIPHER_C)
diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c
index 23065c4..2a79eef 100644
--- a/library/cipher_wrap.c
+++ b/library/cipher_wrap.c
@@ -27,7 +27,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_CIPHER_C)
diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c
index 4027809..89b4c4c 100644
--- a/library/ctr_drbg.c
+++ b/library/ctr_drbg.c
@@ -28,7 +28,11 @@
* http://csrc.nist.gov/publications/nistpubs/800-90/SP800-90revised_March2007.pdf
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_CTR_DRBG_C)
diff --git a/library/debug.c b/library/debug.c
index 60e39ed..b768e64 100644
--- a/library/debug.c
+++ b/library/debug.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_DEBUG_C)
diff --git a/library/des.c b/library/des.c
index 7da3269..b8bb271 100644
--- a/library/des.c
+++ b/library/des.c
@@ -29,7 +29,11 @@
* http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_DES_C)
diff --git a/library/dhm.c b/library/dhm.c
index 635e63e..5a38c14 100644
--- a/library/dhm.c
+++ b/library/dhm.c
@@ -28,7 +28,11 @@
* http://www.cacr.math.uwaterloo.ca/hac/ (chapter 12)
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_DHM_C)
diff --git a/library/ecdh.c b/library/ecdh.c
index e35602d..fa32593 100644
--- a/library/ecdh.c
+++ b/library/ecdh.c
@@ -30,7 +30,11 @@
* RFC 4492
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_ECDH_C)
diff --git a/library/ecdsa.c b/library/ecdsa.c
index 6e45f2f..e467e37 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@@ -29,7 +29,11 @@
* SEC1 http://www.secg.org/index.php?action=secg,docs_secg
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_ECDSA_C)
diff --git a/library/ecp.c b/library/ecp.c
index 4823804..7e965d3 100644
--- a/library/ecp.c
+++ b/library/ecp.c
@@ -44,7 +44,11 @@
* <http://eprint.iacr.org/2004/342.pdf>
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_ECP_C)
diff --git a/library/ecp_curves.c b/library/ecp_curves.c
index afb1dd7..7fc07a0 100644
--- a/library/ecp_curves.c
+++ b/library/ecp_curves.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_ECP_C)
diff --git a/library/entropy.c b/library/entropy.c
index d62fecf..238719b 100644
--- a/library/entropy.c
+++ b/library/entropy.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_ENTROPY_C)
diff --git a/library/entropy_poll.c b/library/entropy_poll.c
index badcfac..5c1dcc7 100644
--- a/library/entropy_poll.c
+++ b/library/entropy_poll.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_ENTROPY_C)
diff --git a/library/error.c b/library/error.c
index b2e8346..ed0f39e 100644
--- a/library/error.c
+++ b/library/error.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_ERROR_C)
diff --git a/library/gcm.c b/library/gcm.c
index 1c6cf9f..d5918a5 100644
--- a/library/gcm.c
+++ b/library/gcm.c
@@ -33,7 +33,11 @@
* [MGV] 4.1, pp. 12-13, to enhance speed without using too much memory.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_GCM_C)
diff --git a/library/havege.c b/library/havege.c
index 4d6f418..42aceda 100644
--- a/library/havege.c
+++ b/library/havege.c
@@ -30,7 +30,11 @@
* Contact: seznec(at)irisa_dot_fr - orocheco(at)irisa_dot_fr
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_HAVEGE_C)
diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c
index baef526..619b446 100644
--- a/library/hmac_drbg.c
+++ b/library/hmac_drbg.c
@@ -29,7 +29,11 @@
* References below are based on rev. 1 (January 2012).
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_HMAC_DRBG_C)
diff --git a/library/md.c b/library/md.c
index 5ab0fad..a05bf34 100644
--- a/library/md.c
+++ b/library/md.c
@@ -27,7 +27,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_MD_C)
diff --git a/library/md2.c b/library/md2.c
index f29877f..1e1691d 100644
--- a/library/md2.c
+++ b/library/md2.c
@@ -29,7 +29,11 @@
* http://www.ietf.org/rfc/rfc1319.txt
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_MD2_C)
diff --git a/library/md4.c b/library/md4.c
index 8ac6c01..aa5f539 100644
--- a/library/md4.c
+++ b/library/md4.c
@@ -29,7 +29,11 @@
* http://www.ietf.org/rfc/rfc1320.txt
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_MD4_C)
diff --git a/library/md5.c b/library/md5.c
index c596e43..6ceab8a 100644
--- a/library/md5.c
+++ b/library/md5.c
@@ -28,7 +28,11 @@
* http://www.ietf.org/rfc/rfc1321.txt
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_MD5_C)
diff --git a/library/md_wrap.c b/library/md_wrap.c
index a6c1bac..0b091e3 100644
--- a/library/md_wrap.c
+++ b/library/md_wrap.c
@@ -27,7 +27,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_MD_C)
diff --git a/library/memory_buffer_alloc.c b/library/memory_buffer_alloc.c
index 33ab5ac..5176176 100644
--- a/library/memory_buffer_alloc.c
+++ b/library/memory_buffer_alloc.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
diff --git a/library/net.c b/library/net.c
index ff48986..0bc2f68 100644
--- a/library/net.c
+++ b/library/net.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_NET_C)
diff --git a/library/oid.c b/library/oid.c
index a2b929b..2b52935 100644
--- a/library/oid.c
+++ b/library/oid.c
@@ -25,7 +25,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_OID_C)
@@ -196,6 +200,38 @@
"postalCode",
},
{
+ { ADD_LEN( OID_AT_SUR_NAME ), "id-at-surName", "Surname" },
+ "SN",
+ },
+ {
+ { ADD_LEN( OID_AT_GIVEN_NAME ), "id-at-givenName", "Given name" },
+ "GN",
+ },
+ {
+ { ADD_LEN( OID_AT_INITIALS ), "id-at-initials", "Initials" },
+ "initials",
+ },
+ {
+ { ADD_LEN( OID_AT_GENERATION_QUALIFIER ), "id-at-generationQualifier", "Generation qualifier" },
+ "generationQualifier",
+ },
+ {
+ { ADD_LEN( OID_AT_TITLE ), "id-at-title", "Title" },
+ "title",
+ },
+ {
+ { ADD_LEN( OID_AT_DN_QUALIFIER ),"id-at-dnQualifier", "Distinguished Name qualifier" },
+ "dnQualifier",
+ },
+ {
+ { ADD_LEN( OID_AT_PSEUDONYM ), "id-at-pseudonym", "Pseudonym" },
+ "pseudonym",
+ },
+ {
+ { ADD_LEN( OID_DOMAIN_COMPONENT ), "id-domainComponent", "Domain component" },
+ "DC",
+ },
+ {
{ NULL, 0, NULL, NULL },
NULL,
}
diff --git a/library/padlock.c b/library/padlock.c
index 6e94532..52b04f0 100644
--- a/library/padlock.c
+++ b/library/padlock.c
@@ -29,7 +29,11 @@
* programming_guide.pdf
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_PADLOCK_C)
diff --git a/library/pbkdf2.c b/library/pbkdf2.c
index 09e56df..6572274 100644
--- a/library/pbkdf2.c
+++ b/library/pbkdf2.c
@@ -34,7 +34,11 @@
* http://tools.ietf.org/html/rfc6070 (Test vectors)
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_PBKDF2_C)
diff --git a/library/pem.c b/library/pem.c
index 1cc23ba..2f639d0 100644
--- a/library/pem.c
+++ b/library/pem.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_PEM_PARSE_C) || defined(POLARSSL_PEM_WRITE_C)
#include "polarssl/pem.h"
diff --git a/library/pk.c b/library/pk.c
index 25c9d85..ce17107 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_PK_C)
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 2a4da03..513d96d 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_PK_C)
diff --git a/library/pkcs12.c b/library/pkcs12.c
index 16821b0..637c057 100644
--- a/library/pkcs12.c
+++ b/library/pkcs12.c
@@ -29,7 +29,11 @@
* ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1-1.asn
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_PKCS12_C)
diff --git a/library/pkcs5.c b/library/pkcs5.c
index 2845f68..db4e8cc 100644
--- a/library/pkcs5.c
+++ b/library/pkcs5.c
@@ -33,7 +33,11 @@
* http://tools.ietf.org/html/rfc6070 (Test vectors)
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_PKCS5_C)
diff --git a/library/pkparse.c b/library/pkparse.c
index d0ae5d5..ae8bddf 100644
--- a/library/pkparse.c
+++ b/library/pkparse.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_PK_PARSE_C)
diff --git a/library/pkwrite.c b/library/pkwrite.c
index 4cbba10..aa04a5a 100644
--- a/library/pkwrite.c
+++ b/library/pkwrite.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_PK_WRITE_C)
diff --git a/library/platform.c b/library/platform.c
index 8ea485d..d57cbc8 100644
--- a/library/platform.c
+++ b/library/platform.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_PLATFORM_C)
diff --git a/library/ripemd160.c b/library/ripemd160.c
index 10e60df..f0e04a8 100644
--- a/library/ripemd160.c
+++ b/library/ripemd160.c
@@ -29,7 +29,11 @@
* http://ehash.iaik.tugraz.at/wiki/RIPEMD-160
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_RIPEMD160_C)
diff --git a/library/rsa.c b/library/rsa.c
index 4523368..9cfbe2a 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -29,7 +29,11 @@
* http://www.cacr.math.uwaterloo.ca/hac/about/chap8.pdf
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_RSA_C)
@@ -168,7 +172,7 @@
return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED );
if( mpi_msb( &ctx->E ) < 2 ||
- mpi_msb( &ctx->E ) > 64 )
+ mpi_cmp_mpi( &ctx->E, &ctx->N ) >= 0 )
return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED );
return( 0 );
@@ -1469,6 +1473,7 @@
#if defined(POLARSSL_PKCS1_V15)
static int myrand( void *rng_state, unsigned char *output, size_t len )
{
+#if !defined(__OpenBSD__)
size_t i;
if( rng_state != NULL )
@@ -1476,6 +1481,12 @@
for( i = 0; i < len; ++i )
output[i] = rand();
+#else
+ if( rng_state != NULL )
+ rng_state = NULL;
+
+ arc4random_buf( output, len );
+#endif /* !OpenBSD */
return( 0 );
}
diff --git a/library/sha1.c b/library/sha1.c
index f02d6e6..b89db32 100644
--- a/library/sha1.c
+++ b/library/sha1.c
@@ -28,7 +28,11 @@
* http://www.itl.nist.gov/fipspubs/fip180-1.htm
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_SHA1_C)
diff --git a/library/sha256.c b/library/sha256.c
index 638188f..e3d3ea8 100644
--- a/library/sha256.c
+++ b/library/sha256.c
@@ -28,7 +28,11 @@
* http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_SHA256_C)
diff --git a/library/sha512.c b/library/sha512.c
index 1bef2e9..1d4b977 100644
--- a/library/sha512.c
+++ b/library/sha512.c
@@ -28,7 +28,11 @@
* http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_SHA512_C)
diff --git a/library/ssl_cache.c b/library/ssl_cache.c
index 4c7d3db..69f7114 100644
--- a/library/ssl_cache.c
+++ b/library/ssl_cache.c
@@ -27,7 +27,11 @@
* to store and retrieve the session information.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_SSL_CACHE_C)
diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
index e91546b..8018fe7 100644
--- a/library/ssl_ciphersuites.c
+++ b/library/ssl_ciphersuites.c
@@ -25,7 +25,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_SSL_TLS_C)
@@ -42,11 +46,11 @@
/*
* Ordered from most preferred to least preferred in terms of security.
*
- * Current rule (except weak and null which come last):
+ * Current rule (except rc4, weak and null which come last):
* 1. By key exchange:
* Forward-secure non-PSK > forward-secure PSK > other non-PSK > other PSK
* 2. By key length and cipher:
- * AES-256 > Camellia-256 > AES-128 > Camellia-128 > 3DES > RC4
+ * AES-256 > Camellia-256 > AES-128 > Camellia-128 > 3DES
* 3. By cipher mode when relevant GCM > CBC
* 4. By hash function used
* 5. By key exchange/auth again: EC > non-EC
@@ -97,8 +101,6 @@
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
- TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
- TLS_ECDHE_RSA_WITH_RC4_128_SHA,
/* The PSK ephemeral suites */
TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
@@ -121,8 +123,6 @@
TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
- TLS_ECDHE_PSK_WITH_RC4_128_SHA,
- TLS_DHE_PSK_WITH_RC4_128_SHA,
/* All AES-256 suites */
TLS_RSA_WITH_AES_256_GCM_SHA384,
@@ -166,12 +166,8 @@
/* All remaining >= 128-bit suites */
TLS_RSA_WITH_3DES_EDE_CBC_SHA,
- TLS_RSA_WITH_RC4_128_SHA,
- TLS_RSA_WITH_RC4_128_MD5,
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
- TLS_ECDH_RSA_WITH_RC4_128_SHA,
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
- TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
/* The RSA PSK suites */
TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
@@ -187,7 +183,6 @@
TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
- TLS_RSA_PSK_WITH_RC4_128_SHA,
/* The PSK suites */
TLS_PSK_WITH_AES_256_GCM_SHA384,
@@ -203,6 +198,17 @@
TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
TLS_PSK_WITH_3DES_EDE_CBC_SHA,
+
+ /* RC4 suites */
+ TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
+ TLS_ECDHE_RSA_WITH_RC4_128_SHA,
+ TLS_ECDHE_PSK_WITH_RC4_128_SHA,
+ TLS_DHE_PSK_WITH_RC4_128_SHA,
+ TLS_RSA_WITH_RC4_128_SHA,
+ TLS_RSA_WITH_RC4_128_MD5,
+ TLS_ECDH_RSA_WITH_RC4_128_SHA,
+ TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
+ TLS_RSA_PSK_WITH_RC4_128_SHA,
TLS_PSK_WITH_RC4_128_SHA,
/* Weak suites */
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 0a69f4d..72299ee 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_SSL_CLI_C)
@@ -651,9 +655,12 @@
SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %d",
ext_len ) );
- *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ext_len ) & 0xFF );
- p += ext_len;
+ if( ext_len > 0 )
+ {
+ *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
+ *p++ = (unsigned char)( ( ext_len ) & 0xFF );
+ p += ext_len;
+ }
ssl->out_msglen = p - buf;
ssl->out_msgtype = SSL_MSG_HANDSHAKE;
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index dee6cd8..21c4e2b 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_SSL_SRV_C)
@@ -1921,9 +1925,12 @@
SSL_DEBUG_MSG( 3, ( "server hello, total extension length: %d", ext_len ) );
- *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ext_len ) & 0xFF );
- p += ext_len;
+ if( ext_len > 0 )
+ {
+ *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
+ *p++ = (unsigned char)( ( ext_len ) & 0xFF );
+ p += ext_len;
+ }
ssl->out_msglen = p - buf;
ssl->out_msgtype = SSL_MSG_HANDSHAKE;
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index cbbbd5bd..057c707 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -31,7 +31,11 @@
* http://www.ietf.org/rfc/rfc4346.txt
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_SSL_TLS_C)
@@ -1908,6 +1912,12 @@
SSL_DEBUG_MSG( 2, ( "=> fetch input" ) );
+ if( nb_want > SSL_BUFFER_LEN - 8 )
+ {
+ SSL_DEBUG_MSG( 1, ( "requesting more data than fits" ) );
+ return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
+ }
+
while( ssl->in_left < nb_want )
{
len = nb_want - ssl->in_left;
@@ -2131,13 +2141,20 @@
return( POLARSSL_ERR_SSL_INVALID_RECORD );
}
+ /* Sanity check (outer boundaries) */
+ if( ssl->in_msglen < 1 || ssl->in_msglen > SSL_BUFFER_LEN - 13 )
+ {
+ SSL_DEBUG_MSG( 1, ( "bad message length" ) );
+ return( POLARSSL_ERR_SSL_INVALID_RECORD );
+ }
+
/*
- * Make sure the message length is acceptable
+ * Make sure the message length is acceptable for the current transform
+ * and protocol version.
*/
if( ssl->transform_in == NULL )
{
- if( ssl->in_msglen < 1 ||
- ssl->in_msglen > SSL_MAX_CONTENT_LEN )
+ if( ssl->in_msglen > SSL_MAX_CONTENT_LEN )
{
SSL_DEBUG_MSG( 1, ( "bad message length" ) );
return( POLARSSL_ERR_SSL_INVALID_RECORD );
diff --git a/library/threading.c b/library/threading.c
index 744fe27..5b25e01 100644
--- a/library/threading.c
+++ b/library/threading.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_THREADING_C)
diff --git a/library/timing.c b/library/timing.c
index d8b5b46..f22591d 100644
--- a/library/timing.c
+++ b/library/timing.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
diff --git a/library/version.c b/library/version.c
index c1080b7..120d62d 100644
--- a/library/version.c
+++ b/library/version.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_VERSION_C)
diff --git a/library/version_features.c b/library/version_features.c
new file mode 100644
index 0000000..d7d2d8f
--- /dev/null
+++ b/library/version_features.c
@@ -0,0 +1,546 @@
+/*
+ * Version feature information
+ *
+ * Copyright (C) 2006-2014, Brainspark B.V.
+ *
+ * This file is part of PolarSSL (http://www.polarssl.org)
+ * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
+ *
+ * All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#if !defined(POLARSSL_CONFIG_FILE)
+#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
+
+#if defined(POLARSSL_VERSION_C)
+
+#include "polarssl/version.h"
+
+#include <string.h>
+
+#if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \
+ !defined(EFI32)
+#define snprintf _snprintf
+#endif
+
+const char *features[] = {
+#if defined(POLARSSL_HAVE_INT8)
+ "POLARSSL_HAVE_INT8",
+#endif /* POLARSSL_HAVE_INT8 */
+#if defined(POLARSSL_HAVE_INT16)
+ "POLARSSL_HAVE_INT16",
+#endif /* POLARSSL_HAVE_INT16 */
+#if defined(POLARSSL_HAVE_LONGLONG)
+ "POLARSSL_HAVE_LONGLONG",
+#endif /* POLARSSL_HAVE_LONGLONG */
+#if defined(POLARSSL_HAVE_ASM)
+ "POLARSSL_HAVE_ASM",
+#endif /* POLARSSL_HAVE_ASM */
+#if defined(POLARSSL_HAVE_SSE2)
+ "POLARSSL_HAVE_SSE2",
+#endif /* POLARSSL_HAVE_SSE2 */
+#if defined(POLARSSL_HAVE_TIME)
+ "POLARSSL_HAVE_TIME",
+#endif /* POLARSSL_HAVE_TIME */
+#if defined(POLARSSL_HAVE_IPV6)
+ "POLARSSL_HAVE_IPV6",
+#endif /* POLARSSL_HAVE_IPV6 */
+#if defined(POLARSSL_PLATFORM_MEMORY)
+ "POLARSSL_PLATFORM_MEMORY",
+#endif /* POLARSSL_PLATFORM_MEMORY */
+#if defined(POLARSSL_PLATFORM_NO_STD_FUNCTIONS)
+ "POLARSSL_PLATFORM_NO_STD_FUNCTIONS",
+#endif /* POLARSSL_PLATFORM_NO_STD_FUNCTIONS */
+#if defined(POLARSSL_PLATFORM_PRINTF_ALT)
+ "POLARSSL_PLATFORM_PRINTF_ALT",
+#endif /* POLARSSL_PLATFORM_PRINTF_ALT */
+#if defined(POLARSSL_PLATFORM_FPRINTF_ALT)
+ "POLARSSL_PLATFORM_FPRINTF_ALT",
+#endif /* POLARSSL_PLATFORM_FPRINTF_ALT */
+#if defined(POLARSSL_TIMING_ALT)
+ "POLARSSL_TIMING_ALT",
+#endif /* POLARSSL_TIMING_ALT */
+#if defined(POLARSSL_AES_ALT)
+ "POLARSSL_AES_ALT",
+#endif /* POLARSSL_AES_ALT */
+#if defined(POLARSSL_ARC4_ALT)
+ "POLARSSL_ARC4_ALT",
+#endif /* POLARSSL_ARC4_ALT */
+#if defined(POLARSSL_BLOWFISH_ALT)
+ "POLARSSL_BLOWFISH_ALT",
+#endif /* POLARSSL_BLOWFISH_ALT */
+#if defined(POLARSSL_CAMELLIA_ALT)
+ "POLARSSL_CAMELLIA_ALT",
+#endif /* POLARSSL_CAMELLIA_ALT */
+#if defined(POLARSSL_DES_ALT)
+ "POLARSSL_DES_ALT",
+#endif /* POLARSSL_DES_ALT */
+#if defined(POLARSSL_XTEA_ALT)
+ "POLARSSL_XTEA_ALT",
+#endif /* POLARSSL_XTEA_ALT */
+#if defined(POLARSSL_MD2_ALT)
+ "POLARSSL_MD2_ALT",
+#endif /* POLARSSL_MD2_ALT */
+#if defined(POLARSSL_MD4_ALT)
+ "POLARSSL_MD4_ALT",
+#endif /* POLARSSL_MD4_ALT */
+#if defined(POLARSSL_MD5_ALT)
+ "POLARSSL_MD5_ALT",
+#endif /* POLARSSL_MD5_ALT */
+#if defined(POLARSSL_RIPEMD160_ALT)
+ "POLARSSL_RIPEMD160_ALT",
+#endif /* POLARSSL_RIPEMD160_ALT */
+#if defined(POLARSSL_SHA1_ALT)
+ "POLARSSL_SHA1_ALT",
+#endif /* POLARSSL_SHA1_ALT */
+#if defined(POLARSSL_SHA256_ALT)
+ "POLARSSL_SHA256_ALT",
+#endif /* POLARSSL_SHA256_ALT */
+#if defined(POLARSSL_SHA512_ALT)
+ "POLARSSL_SHA512_ALT",
+#endif /* POLARSSL_SHA512_ALT */
+#if defined(POLARSSL_AES_ROM_TABLES)
+ "POLARSSL_AES_ROM_TABLES",
+#endif /* POLARSSL_AES_ROM_TABLES */
+#if defined(POLARSSL_CIPHER_MODE_CBC)
+ "POLARSSL_CIPHER_MODE_CBC",
+#endif /* POLARSSL_CIPHER_MODE_CBC */
+#if defined(POLARSSL_CIPHER_MODE_CFB)
+ "POLARSSL_CIPHER_MODE_CFB",
+#endif /* POLARSSL_CIPHER_MODE_CFB */
+#if defined(POLARSSL_CIPHER_MODE_CTR)
+ "POLARSSL_CIPHER_MODE_CTR",
+#endif /* POLARSSL_CIPHER_MODE_CTR */
+#if defined(POLARSSL_CIPHER_NULL_CIPHER)
+ "POLARSSL_CIPHER_NULL_CIPHER",
+#endif /* POLARSSL_CIPHER_NULL_CIPHER */
+#if defined(POLARSSL_CIPHER_PADDING_PKCS7)
+ "POLARSSL_CIPHER_PADDING_PKCS7",
+#endif /* POLARSSL_CIPHER_PADDING_PKCS7 */
+#if defined(POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS)
+ "POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS",
+#endif /* POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS */
+#if defined(POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN)
+ "POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN",
+#endif /* POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN */
+#if defined(POLARSSL_CIPHER_PADDING_ZEROS)
+ "POLARSSL_CIPHER_PADDING_ZEROS",
+#endif /* POLARSSL_CIPHER_PADDING_ZEROS */
+#if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES)
+ "POLARSSL_ENABLE_WEAK_CIPHERSUITES",
+#endif /* POLARSSL_ENABLE_WEAK_CIPHERSUITES */
+#if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED)
+ "POLARSSL_ECP_DP_SECP192R1_ENABLED",
+#endif /* POLARSSL_ECP_DP_SECP192R1_ENABLED */
+#if defined(POLARSSL_ECP_DP_SECP224R1_ENABLED)
+ "POLARSSL_ECP_DP_SECP224R1_ENABLED",
+#endif /* POLARSSL_ECP_DP_SECP224R1_ENABLED */
+#if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED)
+ "POLARSSL_ECP_DP_SECP256R1_ENABLED",
+#endif /* POLARSSL_ECP_DP_SECP256R1_ENABLED */
+#if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED)
+ "POLARSSL_ECP_DP_SECP384R1_ENABLED",
+#endif /* POLARSSL_ECP_DP_SECP384R1_ENABLED */
+#if defined(POLARSSL_ECP_DP_SECP521R1_ENABLED)
+ "POLARSSL_ECP_DP_SECP521R1_ENABLED",
+#endif /* POLARSSL_ECP_DP_SECP521R1_ENABLED */
+#if defined(POLARSSL_ECP_DP_SECP192K1_ENABLED)
+ "POLARSSL_ECP_DP_SECP192K1_ENABLED",
+#endif /* POLARSSL_ECP_DP_SECP192K1_ENABLED */
+#if defined(POLARSSL_ECP_DP_SECP224K1_ENABLED)
+ "POLARSSL_ECP_DP_SECP224K1_ENABLED",
+#endif /* POLARSSL_ECP_DP_SECP224K1_ENABLED */
+#if defined(POLARSSL_ECP_DP_SECP256K1_ENABLED)
+ "POLARSSL_ECP_DP_SECP256K1_ENABLED",
+#endif /* POLARSSL_ECP_DP_SECP256K1_ENABLED */
+#if defined(POLARSSL_ECP_DP_BP256R1_ENABLED)
+ "POLARSSL_ECP_DP_BP256R1_ENABLED",
+#endif /* POLARSSL_ECP_DP_BP256R1_ENABLED */
+#if defined(POLARSSL_ECP_DP_BP384R1_ENABLED)
+ "POLARSSL_ECP_DP_BP384R1_ENABLED",
+#endif /* POLARSSL_ECP_DP_BP384R1_ENABLED */
+#if defined(POLARSSL_ECP_DP_BP512R1_ENABLED)
+ "POLARSSL_ECP_DP_BP512R1_ENABLED",
+#endif /* POLARSSL_ECP_DP_BP512R1_ENABLED */
+#if defined(POLARSSL_ECP_DP_M221_ENABLED)
+ "POLARSSL_ECP_DP_M221_ENABLED",
+#endif /* POLARSSL_ECP_DP_M221_ENABLED */
+#if defined(POLARSSL_ECP_DP_M255_ENABLED)
+ "POLARSSL_ECP_DP_M255_ENABLED",
+#endif /* POLARSSL_ECP_DP_M255_ENABLED */
+#if defined(POLARSSL_ECP_DP_M383_ENABLED)
+ "POLARSSL_ECP_DP_M383_ENABLED",
+#endif /* POLARSSL_ECP_DP_M383_ENABLED */
+#if defined(POLARSSL_ECP_DP_M511_ENABLED)
+ "POLARSSL_ECP_DP_M511_ENABLED",
+#endif /* POLARSSL_ECP_DP_M511_ENABLED */
+#if defined(POLARSSL_ECP_NIST_OPTIM)
+ "POLARSSL_ECP_NIST_OPTIM",
+#endif /* POLARSSL_ECP_NIST_OPTIM */
+#if defined(POLARSSL_ECDSA_DETERMINISTIC)
+ "POLARSSL_ECDSA_DETERMINISTIC",
+#endif /* POLARSSL_ECDSA_DETERMINISTIC */
+#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
+ "POLARSSL_KEY_EXCHANGE_PSK_ENABLED",
+#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
+#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
+ "POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED",
+#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
+#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+ "POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED",
+#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
+#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
+ "POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED",
+#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
+#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
+ "POLARSSL_KEY_EXCHANGE_RSA_ENABLED",
+#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
+#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
+ "POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED",
+#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
+#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
+ "POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED",
+#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
+#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
+ "POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED",
+#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
+#if defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+ "POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED",
+#endif /* POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+#if defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED)
+ "POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED",
+#endif /* POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED */
+#if defined(POLARSSL_PK_PARSE_EC_EXTENDED)
+ "POLARSSL_PK_PARSE_EC_EXTENDED",
+#endif /* POLARSSL_PK_PARSE_EC_EXTENDED */
+#if defined(POLARSSL_ERROR_STRERROR_BC)
+ "POLARSSL_ERROR_STRERROR_BC",
+#endif /* POLARSSL_ERROR_STRERROR_BC */
+#if defined(POLARSSL_ERROR_STRERROR_DUMMY)
+ "POLARSSL_ERROR_STRERROR_DUMMY",
+#endif /* POLARSSL_ERROR_STRERROR_DUMMY */
+#if defined(POLARSSL_GENPRIME)
+ "POLARSSL_GENPRIME",
+#endif /* POLARSSL_GENPRIME */
+#if defined(POLARSSL_FS_IO)
+ "POLARSSL_FS_IO",
+#endif /* POLARSSL_FS_IO */
+#if defined(POLARSSL_NO_DEFAULT_ENTROPY_SOURCES)
+ "POLARSSL_NO_DEFAULT_ENTROPY_SOURCES",
+#endif /* POLARSSL_NO_DEFAULT_ENTROPY_SOURCES */
+#if defined(POLARSSL_NO_PLATFORM_ENTROPY)
+ "POLARSSL_NO_PLATFORM_ENTROPY",
+#endif /* POLARSSL_NO_PLATFORM_ENTROPY */
+#if defined(POLARSSL_ENTROPY_FORCE_SHA256)
+ "POLARSSL_ENTROPY_FORCE_SHA256",
+#endif /* POLARSSL_ENTROPY_FORCE_SHA256 */
+#if defined(POLARSSL_MEMORY_DEBUG)
+ "POLARSSL_MEMORY_DEBUG",
+#endif /* POLARSSL_MEMORY_DEBUG */
+#if defined(POLARSSL_MEMORY_BACKTRACE)
+ "POLARSSL_MEMORY_BACKTRACE",
+#endif /* POLARSSL_MEMORY_BACKTRACE */
+#if defined(POLARSSL_PKCS1_V15)
+ "POLARSSL_PKCS1_V15",
+#endif /* POLARSSL_PKCS1_V15 */
+#if defined(POLARSSL_PKCS1_V21)
+ "POLARSSL_PKCS1_V21",
+#endif /* POLARSSL_PKCS1_V21 */
+#if defined(POLARSSL_RSA_NO_CRT)
+ "POLARSSL_RSA_NO_CRT",
+#endif /* POLARSSL_RSA_NO_CRT */
+#if defined(POLARSSL_SELF_TEST)
+ "POLARSSL_SELF_TEST",
+#endif /* POLARSSL_SELF_TEST */
+#if defined(POLARSSL_SSL_ALERT_MESSAGES)
+ "POLARSSL_SSL_ALERT_MESSAGES",
+#endif /* POLARSSL_SSL_ALERT_MESSAGES */
+#if defined(POLARSSL_SSL_DEBUG_ALL)
+ "POLARSSL_SSL_DEBUG_ALL",
+#endif /* POLARSSL_SSL_DEBUG_ALL */
+#if defined(POLARSSL_SSL_HW_RECORD_ACCEL)
+ "POLARSSL_SSL_HW_RECORD_ACCEL",
+#endif /* POLARSSL_SSL_HW_RECORD_ACCEL */
+#if defined(POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO)
+ "POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO",
+#endif /* POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO */
+#if defined(POLARSSL_SSL_SRV_RESPECT_CLIENT_PREFERENCE)
+ "POLARSSL_SSL_SRV_RESPECT_CLIENT_PREFERENCE",
+#endif /* POLARSSL_SSL_SRV_RESPECT_CLIENT_PREFERENCE */
+#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
+ "POLARSSL_SSL_MAX_FRAGMENT_LENGTH",
+#endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */
+#if defined(POLARSSL_SSL_PROTO_SSL3)
+ "POLARSSL_SSL_PROTO_SSL3",
+#endif /* POLARSSL_SSL_PROTO_SSL3 */
+#if defined(POLARSSL_SSL_PROTO_TLS1)
+ "POLARSSL_SSL_PROTO_TLS1",
+#endif /* POLARSSL_SSL_PROTO_TLS1 */
+#if defined(POLARSSL_SSL_PROTO_TLS1_1)
+ "POLARSSL_SSL_PROTO_TLS1_1",
+#endif /* POLARSSL_SSL_PROTO_TLS1_1 */
+#if defined(POLARSSL_SSL_PROTO_TLS1_2)
+ "POLARSSL_SSL_PROTO_TLS1_2",
+#endif /* POLARSSL_SSL_PROTO_TLS1_2 */
+#if defined(POLARSSL_SSL_ALPN)
+ "POLARSSL_SSL_ALPN",
+#endif /* POLARSSL_SSL_ALPN */
+#if defined(POLARSSL_SSL_SESSION_TICKETS)
+ "POLARSSL_SSL_SESSION_TICKETS",
+#endif /* POLARSSL_SSL_SESSION_TICKETS */
+#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
+ "POLARSSL_SSL_SERVER_NAME_INDICATION",
+#endif /* POLARSSL_SSL_SERVER_NAME_INDICATION */
+#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
+ "POLARSSL_SSL_TRUNCATED_HMAC",
+#endif /* POLARSSL_SSL_TRUNCATED_HMAC */
+#if defined(POLARSSL_SSL_SET_CURVES)
+ "POLARSSL_SSL_SET_CURVES",
+#endif /* POLARSSL_SSL_SET_CURVES */
+#if defined(POLARSSL_THREADING_ALT)
+ "POLARSSL_THREADING_ALT",
+#endif /* POLARSSL_THREADING_ALT */
+#if defined(POLARSSL_THREADING_PTHREAD)
+ "POLARSSL_THREADING_PTHREAD",
+#endif /* POLARSSL_THREADING_PTHREAD */
+#if defined(POLARSSL_VERSION_FEATURES)
+ "POLARSSL_VERSION_FEATURES",
+#endif /* POLARSSL_VERSION_FEATURES */
+#if defined(POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3)
+ "POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3",
+#endif /* POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3 */
+#if defined(POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
+ "POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION",
+#endif /* POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION */
+#if defined(POLARSSL_X509_CHECK_KEY_USAGE)
+ "POLARSSL_X509_CHECK_KEY_USAGE",
+#endif /* POLARSSL_X509_CHECK_KEY_USAGE */
+#if defined(POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE)
+ "POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE",
+#endif /* POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE */
+#if defined(POLARSSL_ZLIB_SUPPORT)
+ "POLARSSL_ZLIB_SUPPORT",
+#endif /* POLARSSL_ZLIB_SUPPORT */
+#if defined(POLARSSL_AESNI_C)
+ "POLARSSL_AESNI_C",
+#endif /* POLARSSL_AESNI_C */
+#if defined(POLARSSL_AES_C)
+ "POLARSSL_AES_C",
+#endif /* POLARSSL_AES_C */
+#if defined(POLARSSL_ARC4_C)
+ "POLARSSL_ARC4_C",
+#endif /* POLARSSL_ARC4_C */
+#if defined(POLARSSL_ASN1_PARSE_C)
+ "POLARSSL_ASN1_PARSE_C",
+#endif /* POLARSSL_ASN1_PARSE_C */
+#if defined(POLARSSL_ASN1_WRITE_C)
+ "POLARSSL_ASN1_WRITE_C",
+#endif /* POLARSSL_ASN1_WRITE_C */
+#if defined(POLARSSL_BASE64_C)
+ "POLARSSL_BASE64_C",
+#endif /* POLARSSL_BASE64_C */
+#if defined(POLARSSL_BIGNUM_C)
+ "POLARSSL_BIGNUM_C",
+#endif /* POLARSSL_BIGNUM_C */
+#if defined(POLARSSL_BLOWFISH_C)
+ "POLARSSL_BLOWFISH_C",
+#endif /* POLARSSL_BLOWFISH_C */
+#if defined(POLARSSL_CAMELLIA_C)
+ "POLARSSL_CAMELLIA_C",
+#endif /* POLARSSL_CAMELLIA_C */
+#if defined(POLARSSL_CERTS_C)
+ "POLARSSL_CERTS_C",
+#endif /* POLARSSL_CERTS_C */
+#if defined(POLARSSL_CIPHER_C)
+ "POLARSSL_CIPHER_C",
+#endif /* POLARSSL_CIPHER_C */
+#if defined(POLARSSL_CTR_DRBG_C)
+ "POLARSSL_CTR_DRBG_C",
+#endif /* POLARSSL_CTR_DRBG_C */
+#if defined(POLARSSL_DEBUG_C)
+ "POLARSSL_DEBUG_C",
+#endif /* POLARSSL_DEBUG_C */
+#if defined(POLARSSL_DES_C)
+ "POLARSSL_DES_C",
+#endif /* POLARSSL_DES_C */
+#if defined(POLARSSL_DHM_C)
+ "POLARSSL_DHM_C",
+#endif /* POLARSSL_DHM_C */
+#if defined(POLARSSL_ECDH_C)
+ "POLARSSL_ECDH_C",
+#endif /* POLARSSL_ECDH_C */
+#if defined(POLARSSL_ECDSA_C)
+ "POLARSSL_ECDSA_C",
+#endif /* POLARSSL_ECDSA_C */
+#if defined(POLARSSL_ECP_C)
+ "POLARSSL_ECP_C",
+#endif /* POLARSSL_ECP_C */
+#if defined(POLARSSL_ENTROPY_C)
+ "POLARSSL_ENTROPY_C",
+#endif /* POLARSSL_ENTROPY_C */
+#if defined(POLARSSL_ERROR_C)
+ "POLARSSL_ERROR_C",
+#endif /* POLARSSL_ERROR_C */
+#if defined(POLARSSL_GCM_C)
+ "POLARSSL_GCM_C",
+#endif /* POLARSSL_GCM_C */
+#if defined(POLARSSL_HAVEGE_C)
+ "POLARSSL_HAVEGE_C",
+#endif /* POLARSSL_HAVEGE_C */
+#if defined(POLARSSL_HMAC_DRBG_C)
+ "POLARSSL_HMAC_DRBG_C",
+#endif /* POLARSSL_HMAC_DRBG_C */
+#if defined(POLARSSL_MD_C)
+ "POLARSSL_MD_C",
+#endif /* POLARSSL_MD_C */
+#if defined(POLARSSL_MD2_C)
+ "POLARSSL_MD2_C",
+#endif /* POLARSSL_MD2_C */
+#if defined(POLARSSL_MD4_C)
+ "POLARSSL_MD4_C",
+#endif /* POLARSSL_MD4_C */
+#if defined(POLARSSL_MD5_C)
+ "POLARSSL_MD5_C",
+#endif /* POLARSSL_MD5_C */
+#if defined(POLARSSL_MEMORY_C)
+ "POLARSSL_MEMORY_C",
+#endif /* POLARSSL_MEMORY_C */
+#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
+ "POLARSSL_MEMORY_BUFFER_ALLOC_C",
+#endif /* POLARSSL_MEMORY_BUFFER_ALLOC_C */
+#if defined(POLARSSL_NET_C)
+ "POLARSSL_NET_C",
+#endif /* POLARSSL_NET_C */
+#if defined(POLARSSL_OID_C)
+ "POLARSSL_OID_C",
+#endif /* POLARSSL_OID_C */
+#if defined(POLARSSL_PADLOCK_C)
+ "POLARSSL_PADLOCK_C",
+#endif /* POLARSSL_PADLOCK_C */
+#if defined(POLARSSL_PBKDF2_C)
+ "POLARSSL_PBKDF2_C",
+#endif /* POLARSSL_PBKDF2_C */
+#if defined(POLARSSL_PEM_PARSE_C)
+ "POLARSSL_PEM_PARSE_C",
+#endif /* POLARSSL_PEM_PARSE_C */
+#if defined(POLARSSL_PEM_WRITE_C)
+ "POLARSSL_PEM_WRITE_C",
+#endif /* POLARSSL_PEM_WRITE_C */
+#if defined(POLARSSL_PK_C)
+ "POLARSSL_PK_C",
+#endif /* POLARSSL_PK_C */
+#if defined(POLARSSL_PK_PARSE_C)
+ "POLARSSL_PK_PARSE_C",
+#endif /* POLARSSL_PK_PARSE_C */
+#if defined(POLARSSL_PK_WRITE_C)
+ "POLARSSL_PK_WRITE_C",
+#endif /* POLARSSL_PK_WRITE_C */
+#if defined(POLARSSL_PKCS5_C)
+ "POLARSSL_PKCS5_C",
+#endif /* POLARSSL_PKCS5_C */
+#if defined(POLARSSL_PKCS11_C)
+ "POLARSSL_PKCS11_C",
+#endif /* POLARSSL_PKCS11_C */
+#if defined(POLARSSL_PKCS12_C)
+ "POLARSSL_PKCS12_C",
+#endif /* POLARSSL_PKCS12_C */
+#if defined(POLARSSL_PLATFORM_C)
+ "POLARSSL_PLATFORM_C",
+#endif /* POLARSSL_PLATFORM_C */
+#if defined(POLARSSL_RIPEMD160_C)
+ "POLARSSL_RIPEMD160_C",
+#endif /* POLARSSL_RIPEMD160_C */
+#if defined(POLARSSL_RSA_C)
+ "POLARSSL_RSA_C",
+#endif /* POLARSSL_RSA_C */
+#if defined(POLARSSL_SHA1_C)
+ "POLARSSL_SHA1_C",
+#endif /* POLARSSL_SHA1_C */
+#if defined(POLARSSL_SHA256_C)
+ "POLARSSL_SHA256_C",
+#endif /* POLARSSL_SHA256_C */
+#if defined(POLARSSL_SHA512_C)
+ "POLARSSL_SHA512_C",
+#endif /* POLARSSL_SHA512_C */
+#if defined(POLARSSL_SSL_CACHE_C)
+ "POLARSSL_SSL_CACHE_C",
+#endif /* POLARSSL_SSL_CACHE_C */
+#if defined(POLARSSL_SSL_CLI_C)
+ "POLARSSL_SSL_CLI_C",
+#endif /* POLARSSL_SSL_CLI_C */
+#if defined(POLARSSL_SSL_SRV_C)
+ "POLARSSL_SSL_SRV_C",
+#endif /* POLARSSL_SSL_SRV_C */
+#if defined(POLARSSL_SSL_TLS_C)
+ "POLARSSL_SSL_TLS_C",
+#endif /* POLARSSL_SSL_TLS_C */
+#if defined(POLARSSL_THREADING_C)
+ "POLARSSL_THREADING_C",
+#endif /* POLARSSL_THREADING_C */
+#if defined(POLARSSL_TIMING_C)
+ "POLARSSL_TIMING_C",
+#endif /* POLARSSL_TIMING_C */
+#if defined(POLARSSL_VERSION_C)
+ "POLARSSL_VERSION_C",
+#endif /* POLARSSL_VERSION_C */
+#if defined(POLARSSL_X509_USE_C)
+ "POLARSSL_X509_USE_C",
+#endif /* POLARSSL_X509_USE_C */
+#if defined(POLARSSL_X509_CRT_PARSE_C)
+ "POLARSSL_X509_CRT_PARSE_C",
+#endif /* POLARSSL_X509_CRT_PARSE_C */
+#if defined(POLARSSL_X509_CRL_PARSE_C)
+ "POLARSSL_X509_CRL_PARSE_C",
+#endif /* POLARSSL_X509_CRL_PARSE_C */
+#if defined(POLARSSL_X509_CSR_PARSE_C)
+ "POLARSSL_X509_CSR_PARSE_C",
+#endif /* POLARSSL_X509_CSR_PARSE_C */
+#if defined(POLARSSL_X509_CREATE_C)
+ "POLARSSL_X509_CREATE_C",
+#endif /* POLARSSL_X509_CREATE_C */
+#if defined(POLARSSL_X509_CRT_WRITE_C)
+ "POLARSSL_X509_CRT_WRITE_C",
+#endif /* POLARSSL_X509_CRT_WRITE_C */
+#if defined(POLARSSL_X509_CSR_WRITE_C)
+ "POLARSSL_X509_CSR_WRITE_C",
+#endif /* POLARSSL_X509_CSR_WRITE_C */
+#if defined(POLARSSL_XTEA_C)
+ "POLARSSL_XTEA_C",
+#endif /* POLARSSL_XTEA_C */
+ NULL
+};
+
+int version_check_feature( const char *feature )
+{
+ const char **idx = features;
+
+ if( feature == NULL )
+ return( -1 );
+
+ while( *idx != NULL )
+ {
+ if( !strcasecmp( *idx, feature ) )
+ return( 0 );
+ idx++;
+ }
+ return( -1 );
+}
+
+#endif /* POLARSSL_VERSION_C */
diff --git a/library/x509.c b/library/x509.c
index 0e00ef3..88e75c1 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -34,7 +34,11 @@
* http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_X509_USE_C)
diff --git a/library/x509_create.c b/library/x509_create.c
index 7637e61..8f7a789 100644
--- a/library/x509_create.c
+++ b/library/x509_create.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_X509_CREATE_C)
@@ -53,18 +57,30 @@
{
if( c - s == 2 && strncasecmp( s, "CN", 2 ) == 0 )
oid = OID_AT_CN;
+ else if( c - s == 10 && strncasecmp( s, "commonName", 10 ) == 0 )
+ oid = OID_AT_CN;
else if( c - s == 1 && strncasecmp( s, "C", 1 ) == 0 )
oid = OID_AT_COUNTRY;
+ else if( c - s == 11 && strncasecmp( s, "countryName", 11 ) == 0 )
+ oid = OID_AT_COUNTRY;
else if( c - s == 1 && strncasecmp( s, "O", 1 ) == 0 )
oid = OID_AT_ORGANIZATION;
+ else if( c - s == 16 && strncasecmp( s, "organizationName", 16 ) == 0 )
+ oid = OID_AT_ORGANIZATION;
else if( c - s == 1 && strncasecmp( s, "L", 1 ) == 0 )
oid = OID_AT_LOCALITY;
+ else if( c - s == 8 && strncasecmp( s, "locality", 8 ) == 0 )
+ oid = OID_AT_LOCALITY;
else if( c - s == 1 && strncasecmp( s, "R", 1 ) == 0 )
oid = OID_PKCS9_EMAIL;
else if( c - s == 2 && strncasecmp( s, "OU", 2 ) == 0 )
oid = OID_AT_ORG_UNIT;
+ else if( c - s == 22 && strncasecmp( s, "organizationalUnitName", 22 ) == 0 )
+ oid = OID_AT_ORG_UNIT;
else if( c - s == 2 && strncasecmp( s, "ST", 2 ) == 0 )
oid = OID_AT_STATE;
+ else if( c - s == 19 && strncasecmp( s, "stateOrProvinceName", 19 ) == 0 )
+ oid = OID_AT_STATE;
else if( c - s == 12 && strncasecmp( s, "emailAddress", 12 ) == 0 )
oid = OID_PKCS9_EMAIL;
else if( c - s == 12 && strncasecmp( s, "serialNumber", 12 ) == 0 )
@@ -73,6 +89,28 @@
oid = OID_AT_POSTAL_ADDRESS;
else if( c - s == 10 && strncasecmp( s, "postalCode", 10 ) == 0 )
oid = OID_AT_POSTAL_CODE;
+ else if( c - s == 11 && strncasecmp( s, "dnQualifier", 11 ) == 0 )
+ oid = OID_AT_DN_QUALIFIER;
+ else if( c - s == 5 && strncasecmp( s, "title", 5 ) == 0 )
+ oid = OID_AT_TITLE;
+ else if( c - s == 7 && strncasecmp( s, "surName", 7 ) == 0 )
+ oid = OID_AT_SUR_NAME;
+ else if( c - s == 2 && strncasecmp( s, "SN", 2 ) == 0 )
+ oid = OID_AT_SUR_NAME;
+ else if( c - s == 9 && strncasecmp( s, "givenName", 9 ) == 0 )
+ oid = OID_AT_GIVEN_NAME;
+ else if( c - s == 2 && strncasecmp( s, "GN", 2 ) == 0 )
+ oid = OID_AT_GIVEN_NAME;
+ else if( c - s == 8 && strncasecmp( s, "initials", 8 ) == 0 )
+ oid = OID_AT_INITIALS;
+ else if( c - s == 9 && strncasecmp( s, "pseudonym", 9 ) == 0 )
+ oid = OID_AT_PSEUDONYM;
+ else if( c - s == 19 && strncasecmp( s, "generationQualifier", 19 ) == 0 )
+ oid = OID_AT_GENERATION_QUALIFIER;
+ else if( c - s == 15 && strncasecmp( s, "domainComponent", 15 ) == 0 )
+ oid = OID_DOMAIN_COMPONENT;
+ else if( c - s == 2 && strncasecmp( s, "DC", 2 ) == 0 )
+ oid = OID_DOMAIN_COMPONENT;
else
{
ret = POLARSSL_ERR_X509_UNKNOWN_OID;
diff --git a/library/x509_crl.c b/library/x509_crl.c
index e3ebbff..6e46e1f 100644
--- a/library/x509_crl.c
+++ b/library/x509_crl.c
@@ -34,7 +34,11 @@
* http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_X509_CRL_PARSE_C)
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 2c32122..d072366 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -34,7 +34,11 @@
* http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_X509_CRT_PARSE_C)
diff --git a/library/x509_csr.c b/library/x509_csr.c
index 4fb9ac2..7213fd2 100644
--- a/library/x509_csr.c
+++ b/library/x509_csr.c
@@ -34,7 +34,11 @@
* http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_X509_CSR_PARSE_C)
diff --git a/library/x509write_crt.c b/library/x509write_crt.c
index 15a1194..302b877 100644
--- a/library/x509write_crt.c
+++ b/library/x509write_crt.c
@@ -29,7 +29,11 @@
* - attributes: PKCS#9 v2.0 aka RFC 2985
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_X509_CRT_WRITE_C)
diff --git a/library/x509write_csr.c b/library/x509write_csr.c
index 3a49aee..6e7bed4 100644
--- a/library/x509write_csr.c
+++ b/library/x509write_csr.c
@@ -28,7 +28,11 @@
* - attributes: PKCS#9 v2.0 aka RFC 2985
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_X509_CSR_WRITE_C)
diff --git a/library/xtea.c b/library/xtea.c
index 1bb6f29..58f970c 100644
--- a/library/xtea.c
+++ b/library/xtea.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_XTEA_C)
diff --git a/programs/aes/aescrypt2.c b/programs/aes/aescrypt2.c
index 1239ca2..28f74d1 100644
--- a/programs/aes/aescrypt2.c
+++ b/programs/aes/aescrypt2.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(_WIN32)
#include <windows.h>
diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c
index 859dc33..3e89ba6 100644
--- a/programs/aes/crypt_and_hash.c
+++ b/programs/aes/crypt_and_hash.c
@@ -24,7 +24,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(_WIN32)
#include <windows.h>
diff --git a/programs/hash/generic_sum.c b/programs/hash/generic_sum.c
index 498039b..b5de2a1 100644
--- a/programs/hash/generic_sum.c
+++ b/programs/hash/generic_sum.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdio.h>
diff --git a/programs/hash/hello.c b/programs/hash/hello.c
index 21c1387..5bcfee9 100644
--- a/programs/hash/hello.c
+++ b/programs/hash/hello.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <stdio.h>
diff --git a/programs/hash/md5sum.c b/programs/hash/md5sum.c
index 7429650..ba7eea4 100644
--- a/programs/hash/md5sum.c
+++ b/programs/hash/md5sum.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdio.h>
diff --git a/programs/hash/sha1sum.c b/programs/hash/sha1sum.c
index bd3fd6e..3a87b51 100644
--- a/programs/hash/sha1sum.c
+++ b/programs/hash/sha1sum.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdio.h>
diff --git a/programs/hash/sha2sum.c b/programs/hash/sha2sum.c
index 2e6884d..3452054 100644
--- a/programs/hash/sha2sum.c
+++ b/programs/hash/sha2sum.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdio.h>
diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c
index 66450b6..154f5e3 100644
--- a/programs/pkey/dh_client.c
+++ b/programs/pkey/dh_client.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdio.h>
diff --git a/programs/pkey/dh_genprime.c b/programs/pkey/dh_genprime.c
index 6d6e35a..e75b338 100644
--- a/programs/pkey/dh_genprime.c
+++ b/programs/pkey/dh_genprime.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <stdio.h>
diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c
index eb417da..c2fdbbf 100644
--- a/programs/pkey/dh_server.c
+++ b/programs/pkey/dh_server.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdio.h>
diff --git a/programs/pkey/ecdsa.c b/programs/pkey/ecdsa.c
index 3dccfeb..0b4f8c4 100644
--- a/programs/pkey/ecdsa.c
+++ b/programs/pkey/ecdsa.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c
index 43ae6e1..7c8efef 100644
--- a/programs/pkey/gen_key.c
+++ b/programs/pkey/gen_key.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdlib.h>
diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c
index b355069..27199ba 100644
--- a/programs/pkey/key_app.c
+++ b/programs/pkey/key_app.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdlib.h>
diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c
index 269ddbd..c35736f 100644
--- a/programs/pkey/key_app_writer.c
+++ b/programs/pkey/key_app_writer.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdlib.h>
diff --git a/programs/pkey/mpi_demo.c b/programs/pkey/mpi_demo.c
index cc57f5f..2e9bf93 100644
--- a/programs/pkey/mpi_demo.c
+++ b/programs/pkey/mpi_demo.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <stdio.h>
diff --git a/programs/pkey/pk_decrypt.c b/programs/pkey/pk_decrypt.c
index bf3455d..8088c8f 100644
--- a/programs/pkey/pk_decrypt.c
+++ b/programs/pkey/pk_decrypt.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdio.h>
diff --git a/programs/pkey/pk_encrypt.c b/programs/pkey/pk_encrypt.c
index 149e7dd..ad00573 100644
--- a/programs/pkey/pk_encrypt.c
+++ b/programs/pkey/pk_encrypt.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdio.h>
diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c
index 4adb753..2c355d9 100644
--- a/programs/pkey/pk_sign.c
+++ b/programs/pkey/pk_sign.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdio.h>
diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c
index f2664a6..e970520 100644
--- a/programs/pkey/pk_verify.c
+++ b/programs/pkey/pk_verify.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdio.h>
diff --git a/programs/pkey/rsa_decrypt.c b/programs/pkey/rsa_decrypt.c
index 02d30c8..c77d210 100644
--- a/programs/pkey/rsa_decrypt.c
+++ b/programs/pkey/rsa_decrypt.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdio.h>
diff --git a/programs/pkey/rsa_encrypt.c b/programs/pkey/rsa_encrypt.c
index 2ed27e2..51a5ddb 100644
--- a/programs/pkey/rsa_encrypt.c
+++ b/programs/pkey/rsa_encrypt.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdio.h>
diff --git a/programs/pkey/rsa_genkey.c b/programs/pkey/rsa_genkey.c
index 7711776..861e2c7 100644
--- a/programs/pkey/rsa_genkey.c
+++ b/programs/pkey/rsa_genkey.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <stdio.h>
diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c
index ad907dd..0689557 100644
--- a/programs/pkey/rsa_sign.c
+++ b/programs/pkey/rsa_sign.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdio.h>
diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c
index de33a6e..890a0b6 100644
--- a/programs/pkey/rsa_sign_pss.c
+++ b/programs/pkey/rsa_sign_pss.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdio.h>
diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c
index cc3506d..9c7c5ee 100644
--- a/programs/pkey/rsa_verify.c
+++ b/programs/pkey/rsa_verify.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdio.h>
diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c
index 0969a5a..84945c3 100644
--- a/programs/pkey/rsa_verify_pss.c
+++ b/programs/pkey/rsa_verify_pss.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdio.h>
diff --git a/programs/random/gen_entropy.c b/programs/random/gen_entropy.c
index e0cbe52..67679c8 100644
--- a/programs/random/gen_entropy.c
+++ b/programs/random/gen_entropy.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include "polarssl/entropy.h"
diff --git a/programs/random/gen_random_ctr_drbg.c b/programs/random/gen_random_ctr_drbg.c
index 32b8521..ddd7737 100644
--- a/programs/random/gen_random_ctr_drbg.c
+++ b/programs/random/gen_random_ctr_drbg.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
diff --git a/programs/random/gen_random_havege.c b/programs/random/gen_random_havege.c
index 9d3b560..fd39411 100644
--- a/programs/random/gen_random_havege.c
+++ b/programs/random/gen_random_havege.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include "polarssl/havege.h"
diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c
index a61ae64..e5a68e2 100644
--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdio.h>
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 012403a..62d29ad 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdlib.h>
diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c
index 9279194..554be1f 100644
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(_WIN32)
#include <windows.h>
diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c
index 64006ec..455cca9 100644
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdlib.h>
diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c
index efb360c..254505e 100644
--- a/programs/ssl/ssl_pthread_server.c
+++ b/programs/ssl/ssl_pthread_server.c
@@ -24,7 +24,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(_WIN32)
#include <windows.h>
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
index 5b86f9b..fcc518c 100644
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(_WIN32)
#include <windows.h>
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 44f04a4..48d5d30 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) && defined(POLARSSL_FS_IO)
#define POLARSSL_SNI
diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c
index 2f359ad..7077518 100644
--- a/programs/test/benchmark.c
+++ b/programs/test/benchmark.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdlib.h>
diff --git a/programs/test/o_p_test.c b/programs/test/o_p_test.c
index 3a6c693..1478940 100644
--- a/programs/test/o_p_test.c
+++ b/programs/test/o_p_test.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdio.h>
diff --git a/programs/test/selftest.c b/programs/test/selftest.c
index ba6e1d5..a2e7f75 100644
--- a/programs/test/selftest.c
+++ b/programs/test/selftest.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdio.h>
diff --git a/programs/test/ssl_cert_test.c b/programs/test/ssl_cert_test.c
index 57f5f84..2553dba 100644
--- a/programs/test/ssl_cert_test.c
+++ b/programs/test/ssl_cert_test.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdio.h>
diff --git a/programs/test/ssl_test.c b/programs/test/ssl_test.c
index 79bab94..069dc8a 100644
--- a/programs/test/ssl_test.c
+++ b/programs/test/ssl_test.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdlib.h>
diff --git a/programs/util/pem2der.c b/programs/util/pem2der.c
index a755694..5386fdb 100644
--- a/programs/util/pem2der.c
+++ b/programs/util/pem2der.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdlib.h>
diff --git a/programs/util/strerror.c b/programs/util/strerror.c
index 91f5c9e..b56eaae 100644
--- a/programs/util/strerror.c
+++ b/programs/util/strerror.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <stdlib.h>
#include <string.h>
diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c
index c43e662..72618e6 100644
--- a/programs/x509/cert_app.c
+++ b/programs/x509/cert_app.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdlib.h>
diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c
index f56cae8..6a0467a 100644
--- a/programs/x509/cert_req.c
+++ b/programs/x509/cert_req.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdlib.h>
diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c
index 31b5205..e50a99d 100644
--- a/programs/x509/cert_write.c
+++ b/programs/x509/cert_write.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdlib.h>
diff --git a/programs/x509/crl_app.c b/programs/x509/crl_app.c
index 0e4cd88..b1f0a02 100644
--- a/programs/x509/crl_app.c
+++ b/programs/x509/crl_app.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdlib.h>
diff --git a/programs/x509/req_app.c b/programs/x509/req_app.c
index 1f9d628..91bb2dc 100644
--- a/programs/x509/req_app.c
+++ b/programs/x509/req_app.c
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#include <string.h>
#include <stdlib.h>
diff --git a/scripts/activate-config.pl b/scripts/activate-config.pl
index caa8cdc..5b4e8f5 100755
--- a/scripts/activate-config.pl
+++ b/scripts/activate-config.pl
@@ -1,68 +1,9 @@
#!/usr/bin/perl
+# DEPRECATED!
+#
# activate a pre-defined configuration
-use warnings;
-use strict;
-
-my $config_h = "include/polarssl/config.h";
-
-exit( main() );
-
-sub read_default {
- open my $fh, '<', $config_h or die "Failed to read $config_h: $!\n";
-
- my (@pre, @post);
- my $state = 'pre';
-
- while( my $line = <$fh> ) {
- if( $state eq 'pre' ) {
- push @pre, $line;
- $state = 'skip' if $line =~ /} name SECTION: System support/;
- }
- elsif( $state eq 'skip' ) {
- $state = 'post' if $line =~/} name SECTION: PolarSSL modules/;
- }
- else {
- push @post, $line;
- }
- }
-
- die "Failed to parse $config_h\n" if( $state ne 'post' );
-
- close $fh;
-
- push @pre, "\n";
-
- return \@pre, \@post;
-}
-
-sub read_custom {
- my ($file_name) = @_;
-
- open my $fh, '<', $file_name or die "Failed to read $file_name: $!\n";
- my @content = <$fh>;
- close $fh;
-
- return \@content;
-}
-
-sub write_custom {
- my ($pre, $mid, $post) = @_;
-
- open my $fh, '>', $config_h or die "Failed to write $config_h: $!\n";
- print $fh @$pre;
- print $fh @$mid;
- print $fh @$post;
- close $fh;
-}
-
-sub main {
- my $custom_file_name = $ARGV[0];
-
- my ($pre, $post) = read_default();
- my $mine = read_custom( $custom_file_name );
- write_custom( $pre, $mine, $post );
-
- return 0;
-}
+print "This script is deprecated!\n";
+print "See configs/README.txt regarding alternative config.h usage\n";
+exit 1;
diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh
index 167d000..bf033a5 100755
--- a/scripts/bump_version.sh
+++ b/scripts/bump_version.sh
@@ -84,3 +84,8 @@
mv tmp $i
done
+[ $VERBOSE ] && echo "Re-generating library/error.c"
+scripts/generate_errors.pl include/polarssl scripts/data_files library/error.c
+
+[ $VERBOSE ] && echo "Re-generating library/version_features.c"
+scripts/generate_features.pl include/polarssl scripts/data_files library/version_features.c
diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt
index 969cd95..30ee257 100644
--- a/scripts/data_files/error.fmt
+++ b/scripts/data_files/error.fmt
@@ -1,7 +1,7 @@
/*
* Error message information
*
- * Copyright (C) 2006-2012, Brainspark B.V.
+ * Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@@ -23,7 +23,11 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
#if defined(POLARSSL_ERROR_C)
diff --git a/scripts/data_files/version_features.fmt b/scripts/data_files/version_features.fmt
new file mode 100644
index 0000000..1b1a918
--- /dev/null
+++ b/scripts/data_files/version_features.fmt
@@ -0,0 +1,69 @@
+/*
+ * Version feature information
+ *
+ * Copyright (C) 2006-2014, Brainspark B.V.
+ *
+ * This file is part of PolarSSL (http://www.polarssl.org)
+ * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
+ *
+ * All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#if !defined(POLARSSL_CONFIG_FILE)
+#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
+
+#if defined(POLARSSL_VERSION_C)
+
+#include "polarssl/version.h"
+
+#include <string.h>
+
+#if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \
+ !defined(EFI32)
+#define snprintf _snprintf
+#endif
+
+const char *features[] = {
+#if defined(POLARSSL_VERSION_FEATURES)
+FEATURE_DEFINES
+#endif
+ NULL
+};
+
+int version_check_feature( const char *feature )
+{
+ const char **idx = features;
+
+ if( *idx == NULL )
+ return( -2 );
+
+ if( feature == NULL )
+ return( -1 );
+
+ while( *idx != NULL )
+ {
+ if( !strcasecmp( *idx, feature ) )
+ return( 0 );
+ idx++;
+ }
+ return( -1 );
+}
+
+#endif /* POLARSSL_VERSION_C */
diff --git a/scripts/generate_features.pl b/scripts/generate_features.pl
new file mode 100755
index 0000000..a72247d
--- /dev/null
+++ b/scripts/generate_features.pl
@@ -0,0 +1,57 @@
+#!/usr/bin/perl
+#
+
+use strict;
+
+my $include_dir = shift or die "Missing include directory";
+my $data_dir = shift or die "Missing data directory";
+my $feature_file = shift or die "Missing destination file";
+my $feature_format_file = $data_dir.'/version_features.fmt';
+
+my @sections = ( "System support", "PolarSSL modules",
+ "PolarSSL feature support" );
+
+my $line_separator = $/;
+undef $/;
+
+open(FORMAT_FILE, "$feature_format_file") or die "Opening feature format file '$feature_format_file': $!";
+my $feature_format = <FORMAT_FILE>;
+close(FORMAT_FILE);
+
+$/ = $line_separator;
+
+open(CONFIG_H, "$include_dir/config.h") || die("Failure when opening config.h: $!");
+
+my $feature_defines = "";
+my $in_section = 0;
+
+while (my $line = <CONFIG_H>)
+{
+ next if ($in_section && $line !~ /#define/ && $line !~ /SECTION/);
+ next if (!$in_section && $line !~ /SECTION/);
+
+ if ($in_section) {
+ if ($line =~ /SECTION/) {
+ $in_section = 0;
+ next;
+ }
+
+ my ($define) = $line =~ /#define (\w+)/;
+ $feature_defines .= "#if defined(${define})\n";
+ $feature_defines .= " \"${define}\",\n";
+ $feature_defines .= "#endif /* ${define} */\n";
+ }
+
+ if (!$in_section) {
+ my ($section_name) = $line =~ /SECTION: ([\w ]+)/;
+ my $found_section = grep $_ eq $section_name, @sections;
+
+ $in_section = 1 if ($found_section);
+ }
+};
+
+$feature_format =~ s/FEATURE_DEFINES\n/$feature_defines/g;
+
+open(ERROR_FILE, ">$feature_file") or die "Opening destination file '$feature_file': $!";
+print ERROR_FILE $feature_format;
+close(ERROR_FILE);
diff --git a/tests/scripts/generate_code.pl b/tests/scripts/generate_code.pl
index 6c2ac6e..6cba14f 100755
--- a/tests/scripts/generate_code.pl
+++ b/tests/scripts/generate_code.pl
@@ -59,7 +59,11 @@
open(TEST_FILE, ">$test_file") or die "Opening destination file '$test_file': $!";
print TEST_FILE << "END";
+#if !defined(POLARSSL_CONFIG_FILE)
#include <polarssl/config.h>
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
$suite_pre_code
$suite_header
diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl
index 4577252..6f60925 100755
--- a/tests/scripts/test-ref-configs.pl
+++ b/tests/scripts/test-ref-configs.pl
@@ -4,29 +4,34 @@
# - build
# - run test suite
# - run compat.sh
+#
+# Usage: tests/scripts/test-ref-configs.pl [config-name [...]]
use warnings;
use strict;
my %configs = (
- 'config-psk-rc4-tls1_0.h' => '-m tls1 -f \'^PSK.*RC4\|TLS-PSK.*RC4\'',
+ 'config-psk-rc4-tls1_0.h'
+ => '-m tls1 -f \'^PSK.*RC4\|TLS-PSK.*RC4\'',
'config-mini-tls1_1.h'
- => '-m tls1_1 -f \'^DES-CBC3-SHA$\|^TLS-RSA-WITH-3DES-EDE-CBC-SHA$\'',
- 'config-suite-b.h' => "-m tls1_2 -f 'ECDHE-ECDSA.*AES.*GCM'",
+ => '-m tls1_1 -f \'^DES-CBC3-SHA$\|^TLS-RSA-WITH-3DES-EDE-CBC-SHA$\'',
+ 'config-suite-b.h'
+ => "-m tls1_2 -f 'ECDHE-ECDSA.*AES.*GCM'",
);
+# If no config-name is provided, use all known configs.
+# Otherwise, use the provided names only.
if ($#ARGV >= 0) {
- # filter configs
- my @filtered_keys;
- my %filtered_configs;
+ my %configs_ori = ( %configs );
+ %configs = ();
- foreach my $filter (@ARGV) {
- push (@filtered_keys, $filter);
+ foreach my $conf_name (@ARGV) {
+ if( ! exists $configs_ori{$conf_name} ) {
+ die "Unknown configuration: $conf_name\n";
+ } else {
+ $configs{$conf_name} = $configs_ori{$conf_name};
+ }
}
- @filtered_keys = grep { exists $configs{$ARGV[0]} } @filtered_keys;
- @filtered_configs{@filtered_keys} = @configs{@filtered_keys};
-
- %configs = %filtered_configs;
}
-d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n";
@@ -49,7 +54,7 @@
print "* Testing configuration: $conf\n";
print "******************************************\n";
- system( "scripts/activate-config.pl configs/$conf" )
+ system( "cp configs/$conf $config_h" )
and abort "Failed to activate $conf\n";
system( "make" ) and abort "Failed to build: $conf\n";
diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function
index 1e09666..f6a3529 100644
--- a/tests/suites/helpers.function
+++ b/tests/suites/helpers.function
@@ -105,6 +105,7 @@
*/
static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len )
{
+#if !defined(__OpenBSD__)
size_t i;
if( rng_state != NULL )
@@ -112,6 +113,12 @@
for( i = 0; i < len; ++i )
output[i] = rand();
+#else
+ if( rng_state != NULL )
+ rng_state = NULL;
+
+ arc4random_buf( output, len );
+#endif /* !OpenBSD */
return( 0 );
}
diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data
index bd4b6e9..5e9afe3 100644
--- a/tests/suites/test_suite_rsa.data
+++ b/tests/suites/test_suite_rsa.data
@@ -310,7 +310,13 @@
rsa_check_pubkey:16:"fedcba9876543210deadbeefcafe4321":16:"00fedcba9876543213":0
RSA Check Public key #8 (E larger than 64 bits)
-rsa_check_pubkey:16:"fedcba9876543210deadbeefcafe4321":16:"01fedcba9876543213":POLARSSL_ERR_RSA_KEY_CHECK_FAILED
+rsa_check_pubkey:16:"fedcba9876543210deadbeefcafe4321":16:"01fedcba9876543213":0
+
+RSA Check Public key #9 (E has size N-2)
+rsa_check_pubkey:16:"00b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"00b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034d":0
+
+RSA Check Public key #10 (E has size N)
+rsa_check_pubkey:16:"00b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"00b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":POLARSSL_ERR_RSA_KEY_CHECK_FAILED
RSA Private (Correct)
rsa_private:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"48ce62658d82be10737bd5d3579aed15bc82617e6758ba862eeb12d049d7bacaf2f62fce8bf6e980763d1951f7f0eae3a493df9890d249314b39d00d6ef791de0daebf2c50f46e54aeb63a89113defe85de6dbe77642aae9f2eceb420f3a47a56355396e728917f17876bb829fabcaeef8bf7ef6de2ff9e84e6108ea2e52bbb62b7b288efa0a3835175b8b08fac56f7396eceb1c692d419ecb79d80aef5bc08a75d89de9f2b2d411d881c0e3ffad24c311a19029d210d3d3534f1b626f982ea322b4d1cfba476860ef20d4f672f38c371084b5301b429b747ea051a619e4430e0dac33c12f9ee41ca4d81a4f6da3e495aa8524574bdc60d290dd1f7a62e90a67":0
diff --git a/tests/suites/test_suite_version.data b/tests/suites/test_suite_version.data
index 1691e81..44a70ca 100644
--- a/tests/suites/test_suite_version.data
+++ b/tests/suites/test_suite_version.data
@@ -3,3 +3,13 @@
Check runtime library version
check_runtime_version:"1.3.6"
+
+Check for POLARSSL_VERSION_C
+check_feature:"POLARSSL_VERSION_C":0
+
+Check for POLARSSL_AES_C when already present
+depends_on:POLARSSL_AES_C
+check_feature:"POLARSSL_AES_C":0
+
+Check for unknown define
+check_feature:"POLARSSL_UNKNOWN":-1
diff --git a/tests/suites/test_suite_version.function b/tests/suites/test_suite_version.function
index b28707f..0619007 100644
--- a/tests/suites/test_suite_version.function
+++ b/tests/suites/test_suite_version.function
@@ -63,3 +63,11 @@
TEST_ASSERT( strcmp( version_str, get_str ) == 0 );
}
/* END_CASE */
+
+/* BEGIN_CASE */
+void check_feature( char *feature, int result )
+{
+ int check = version_check_feature( feature );
+ TEST_ASSERT( check == result );
+}
+/* END_CASE */
diff --git a/visualc/VS2010/PolarSSL.vcxproj b/visualc/VS2010/PolarSSL.vcxproj
index c944e3c..529794a 100644
--- a/visualc/VS2010/PolarSSL.vcxproj
+++ b/visualc/VS2010/PolarSSL.vcxproj
@@ -156,6 +156,7 @@
<ClInclude Include="..\..\include\polarssl\cipher.h" />
<ClInclude Include="..\..\include\polarssl\cipher_wrap.h" />
<ClInclude Include="..\..\include\polarssl\config.h" />
+ <ClInclude Include="..\..\include\polarssl\check_config.h" />
<ClInclude Include="..\..\include\polarssl\ctr_drbg.h" />
<ClInclude Include="..\..\include\polarssl\debug.h" />
<ClInclude Include="..\..\include\polarssl\des.h" />
@@ -264,6 +265,7 @@
<ClCompile Include="..\..\library\threading.c" />
<ClCompile Include="..\..\library\timing.c" />
<ClCompile Include="..\..\library\version.c" />
+ <ClCompile Include="..\..\library\version_features.c" />
<ClCompile Include="..\..\library\x509.c" />
<ClCompile Include="..\..\library\x509_create.c" />
<ClCompile Include="..\..\library\x509_crl.c" />
diff --git a/visualc/VS6/polarssl.dsp b/visualc/VS6/polarssl.dsp
index 38b33f8..71dfd7f 100644
--- a/visualc/VS6/polarssl.dsp
+++ b/visualc/VS6/polarssl.dsp
@@ -317,6 +317,10 @@
# End Source File
# Begin Source File
+SOURCE=..\..\library\version_features.c
+# End Source File
+# Begin Source File
+
SOURCE=..\..\library\x509.c
# End Source File
# Begin Source File
@@ -413,6 +417,10 @@
# End Source File
# Begin Source File
+SOURCE=..\..\include\polarssl\check_config.h
+# End Source File
+# Begin Source File
+
SOURCE=..\..\include\polarssl\ctr_drbg.h
# End Source File
# Begin Source File