SSL test programs: prepare to unify common code
In preparation for unifying the common RNG-related code of ssl_client2
and ssl_server2, make it possible to copy-paste that code out of these
programs' main() functions:
* Replaces reads of the non-unifiable structure opt by reads of a
separate variable.
* Replace references to the local variable rng by a pointer.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index d34b4b0..a19b297 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -686,7 +686,7 @@
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
#endif
- rng_context_t rng;
+ rng_context_t rng_context;
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
mbedtls_ssl_session saved_session;
@@ -741,7 +741,9 @@
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
memset( &saved_session, 0, sizeof( mbedtls_ssl_session ) );
- mbedtls_ctr_drbg_init( &rng.drbg );
+ rng_context_t *rng = &rng_context;
+ mbedtls_ctr_drbg_init( &rng->drbg );
+ mbedtls_entropy_init( &rng->entropy );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt_init( &cacert );
mbedtls_x509_crt_init( &clicert );
@@ -1533,12 +1535,12 @@
mbedtls_printf( "\n . Seeding the random number generator..." );
fflush( stdout );
- mbedtls_entropy_init( &rng.entropy );
- if (opt.reproducible)
+ int reproducible = opt.reproducible;
+ if ( reproducible )
{
srand( 1 );
- if( ( ret = mbedtls_ctr_drbg_seed( &rng.drbg, dummy_entropy,
- &rng.entropy, (const unsigned char *) pers,
+ if( ( ret = mbedtls_ctr_drbg_seed( &rng->drbg, dummy_entropy,
+ &rng->entropy, (const unsigned char *) pers,
strlen( pers ) ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
@@ -1548,8 +1550,8 @@
}
else
{
- if( ( ret = mbedtls_ctr_drbg_seed( &rng.drbg, mbedtls_entropy_func,
- &rng.entropy, (const unsigned char *) pers,
+ if( ( ret = mbedtls_ctr_drbg_seed( &rng->drbg, mbedtls_entropy_func,
+ &rng->entropy, (const unsigned char *) pers,
strlen( pers ) ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
@@ -1903,7 +1905,7 @@
#endif
#endif
}
- mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &rng.drbg );
+ mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &rng->drbg );
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
mbedtls_ssl_conf_read_timeout( &conf, opt.read_timeout );
@@ -3023,8 +3025,8 @@
mbedtls_ssl_session_free( &saved_session );
mbedtls_ssl_free( &ssl );
mbedtls_ssl_config_free( &conf );
- mbedtls_ctr_drbg_free( &rng.drbg );
- mbedtls_entropy_free( &rng.entropy );
+ mbedtls_ctr_drbg_free( &rng->drbg );
+ mbedtls_entropy_free( &rng->entropy );
if( session_data != NULL )
mbedtls_platform_zeroize( session_data, session_data_len );
mbedtls_free( session_data );
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 303bec9..bceca54 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -1282,7 +1282,7 @@
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
#endif
- rng_context_t rng;
+ rng_context_t rng_context;
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
#if defined(MBEDTLS_TIMING_C)
@@ -1376,7 +1376,9 @@
mbedtls_net_init( &listen_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
- mbedtls_ctr_drbg_init( &rng.drbg );
+ rng_context_t *rng = &rng_context;
+ mbedtls_ctr_drbg_init( &rng->drbg );
+ mbedtls_entropy_init( &rng->entropy );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt_init( &cacert );
mbedtls_x509_crt_init( &srvcert );
@@ -2292,12 +2294,12 @@
mbedtls_printf( "\n . Seeding the random number generator..." );
fflush( stdout );
- mbedtls_entropy_init( &rng.entropy );
- if (opt.reproducible)
+ int reproducible = opt.reproducible;
+ if ( reproducible )
{
srand( 1 );
- if( ( ret = mbedtls_ctr_drbg_seed( &rng.drbg, dummy_entropy,
- &rng.entropy, (const unsigned char *) pers,
+ if( ( ret = mbedtls_ctr_drbg_seed( &rng->drbg, dummy_entropy,
+ &rng->entropy, (const unsigned char *) pers,
strlen( pers ) ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
@@ -2307,8 +2309,8 @@
}
else
{
- if( ( ret = mbedtls_ctr_drbg_seed( &rng.drbg, mbedtls_entropy_func,
- &rng.entropy, (const unsigned char *) pers,
+ if( ( ret = mbedtls_ctr_drbg_seed( &rng->drbg, mbedtls_entropy_func,
+ &rng->entropy, (const unsigned char *) pers,
strlen( pers ) ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
@@ -2705,7 +2707,7 @@
#endif
#endif
}
- mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &rng.drbg );
+ mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &rng->drbg );
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
#if defined(MBEDTLS_SSL_CACHE_C)
@@ -2724,7 +2726,7 @@
if( opt.tickets == MBEDTLS_SSL_SESSION_TICKETS_ENABLED )
{
if( ( ret = mbedtls_ssl_ticket_setup( &ticket_ctx,
- mbedtls_ctr_drbg_random, &rng.drbg,
+ mbedtls_ctr_drbg_random, &rng->drbg,
MBEDTLS_CIPHER_AES_256_GCM,
opt.ticket_timeout ) ) != 0 )
{
@@ -2746,7 +2748,7 @@
if( opt.cookies > 0 )
{
if( ( ret = mbedtls_ssl_cookie_setup( &cookie_ctx,
- mbedtls_ctr_drbg_random, &rng.drbg ) ) != 0 )
+ mbedtls_ctr_drbg_random, &rng->drbg ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_cookie_setup returned %d\n\n", ret );
goto exit;
@@ -2899,7 +2901,7 @@
- opt.async_private_error :
opt.async_private_error );
ssl_async_keys.f_rng = mbedtls_ctr_drbg_random;
- ssl_async_keys.p_rng = &rng.drbg;
+ ssl_async_keys.p_rng = &rng->drbg;
mbedtls_ssl_conf_async_private_cb( &conf,
sign,
decrypt,
@@ -3997,8 +3999,8 @@
mbedtls_ssl_free( &ssl );
mbedtls_ssl_config_free( &conf );
- mbedtls_ctr_drbg_free( &rng.drbg );
- mbedtls_entropy_free( &rng.entropy );
+ mbedtls_ctr_drbg_free( &rng->drbg );
+ mbedtls_entropy_free( &rng->entropy );
#if defined(MBEDTLS_SSL_CACHE_C)
mbedtls_ssl_cache_free( &cache );