Merge branch 'development' into dtls
* development: (100 commits)
Update Changelog for the mem-measure branch
Fix issues introduced when rebasing
Fix compile error in memory_buffer_alloc_selftest
Code cosmetics
Add curve25519 to ecc-heap.sh
Add curve25519 to the benchmark program
Fix compile issue when buffer_alloc not available
New script ecc-heap.sh
Fix unused variable issue in some configs
Rm usunused member in private struct
Add heap usage for PK in benchmark
Use memory_buffer_alloc() in benchmark if available
Only define mode_func if mode is enabled (CBC etc)
PKCS8 encrypted key depend on PKCS5 or PKCS12
Disable SRV_C for client measurement
Output stack+heap usage with massif
Enable NIST_OPTIM by default for config-suite-b
Refactor memory.sh
Adapt memory.sh to config-suite-b
Adapt mini-client for config-suite-b.h
...
Conflicts:
ChangeLog
include/polarssl/net.h
library/Makefile
library/error.c
library/ssl_tls.c
programs/Makefile
programs/ssl/ssl_client2.c
programs/ssl/ssl_server2.c
tests/Makefile
diff --git a/programs/.gitignore b/programs/.gitignore
index c25ee3e..57334c4 100644
--- a/programs/.gitignore
+++ b/programs/.gitignore
@@ -40,6 +40,7 @@
ssl/ssl_pthread_server
ssl/ssl_server
ssl/ssl_server2
+ssl/mini_client
test/benchmark
test/ecp-bench
test/o_p_test
diff --git a/programs/Makefile b/programs/Makefile
index 7fa9019..29f3d73 100644
--- a/programs/Makefile
+++ b/programs/Makefile
@@ -5,14 +5,27 @@
CFLAGS += -I../include -D_FILE_OFFSET_BITS=64 -Wall -W -Wdeclaration-after-statement
OFLAGS = -O2
-LDFLAGS += -L../library -lmbedtls $(SYS_LDFLAGS)
+LDFLAGS += -L../library -lmbedtls$(SHARED_SUFFIX) $(SYS_LDFLAGS)
ifdef DEBUG
CFLAGS += -g3
endif
+#
+# if we running on Windows build
+# for Windows
+#
ifdef WINDOWS
+WINDOWS_BUILD=1
+endif
+
+ifdef WINDOWS_BUILD
+DLEXT=dll
+EXEXT=.exe
LDFLAGS += -lws2_32
+ifdef SHARED
+SHARED_SUFFIX=.$(DLEXT)
+endif
endif
# Zlib shared library extensions:
@@ -20,32 +33,32 @@
LDFLAGS += -lz
endif
-APPS = aes/aescrypt2 aes/crypt_and_hash \
- hash/hello hash/generic_sum \
- hash/md5sum hash/sha1sum \
- hash/sha2sum pkey/dh_client \
- pkey/dh_genprime pkey/dh_server \
- pkey/gen_key \
- pkey/key_app pkey/key_app_writer \
- pkey/mpi_demo pkey/pk_decrypt \
- pkey/pk_encrypt pkey/pk_sign \
- pkey/pk_verify pkey/rsa_genkey \
- pkey/rsa_decrypt pkey/rsa_encrypt \
- pkey/rsa_sign pkey/rsa_verify \
- pkey/rsa_sign_pss pkey/rsa_verify_pss \
- ssl/dtls_client ssl/dtls_server \
- ssl/ssl_client1 ssl/ssl_client2 \
- ssl/ssl_server ssl/ssl_server2 \
- ssl/ssl_fork_server \
- ssl/ssl_mail_client random/gen_entropy \
- random/gen_random_havege \
- random/gen_random_ctr_drbg \
- test/ssl_cert_test test/benchmark \
- test/selftest test/ssl_test \
- test/udp_proxy \
- util/pem2der util/strerror \
- x509/cert_app x509/crl_app \
- x509/cert_req
+APPS = aes/aescrypt2$(EXEXT) aes/crypt_and_hash$(EXEXT) \
+ hash/hello$(EXEXT) hash/generic_sum$(EXEXT) \
+ hash/md5sum$(EXEXT) hash/sha1sum$(EXEXT) \
+ hash/sha2sum$(EXEXT) pkey/dh_client$(EXEXT) \
+ pkey/dh_genprime$(EXEXT) pkey/dh_server$(EXEXT) \
+ pkey/gen_key$(EXEXT) \
+ pkey/key_app$(EXEXT) pkey/key_app_writer$(EXEXT) \
+ pkey/mpi_demo$(EXEXT) pkey/pk_decrypt$(EXEXT) \
+ pkey/pk_encrypt$(EXEXT) pkey/pk_sign$(EXEXT) \
+ pkey/pk_verify$(EXEXT) pkey/rsa_genkey$(EXEXT) \
+ pkey/rsa_decrypt$(EXEXT) pkey/rsa_encrypt$(EXEXT) \
+ pkey/rsa_sign$(EXEXT) pkey/rsa_verify$(EXEXT) \
+ pkey/rsa_sign_pss$(EXEXT) pkey/rsa_verify_pss$(EXEXT) \
+ ssl/dtls_client$(EXEXT) ssl/dtls_server$(EXEXT) \
+ ssl/ssl_client1$(EXEXT) ssl/ssl_client2$(EXEXT) \
+ ssl/ssl_server$(EXEXT) ssl/ssl_server2$(EXEXT) \
+ ssl/ssl_fork_server$(EXEXT) ssl/mini_client$(EXEXT) \
+ ssl/ssl_mail_client$(EXEXT) random/gen_entropy$(EXEXT) \
+ random/gen_random_havege$(EXEXT) \
+ random/gen_random_ctr_drbg$(EXEXT) \
+ test/ssl_cert_test$(EXEXT) test/benchmark$(EXEXT) \
+ test/selftest$(EXEXT) test/ssl_test$(EXEXT) \
+ test/udp_proxy$(EXEXT) \
+ util/pem2der$(EXEXT) util/strerror$(EXEXT) \
+ x509/cert_app$(EXEXT) x509/crl_app$(EXEXT) \
+ x509/cert_req$(EXEXT)
ifdef OPENSSL
APPS += test/o_p_test
@@ -59,199 +72,203 @@
all: $(APPS)
-aes/aescrypt2: aes/aescrypt2.c ../library/libmbedtls.a
+aes/aescrypt2$(EXEXT): aes/aescrypt2.c ../library/libmbedtls.a
echo " CC aes/aescrypt2.c"
$(CC) $(CFLAGS) $(OFLAGS) aes/aescrypt2.c $(LDFLAGS) -o $@
-aes/crypt_and_hash: aes/crypt_and_hash.c ../library/libmbedtls.a
+aes/crypt_and_hash$(EXEXT): aes/crypt_and_hash.c ../library/libmbedtls.a
echo " CC aes/crypt_and_hash.c"
$(CC) $(CFLAGS) $(OFLAGS) aes/crypt_and_hash.c $(LDFLAGS) -o $@
-hash/hello: hash/hello.c ../library/libmbedtls.a
+hash/hello$(EXEXT): hash/hello.c ../library/libmbedtls.a
echo " CC hash/hello.c"
$(CC) $(CFLAGS) $(OFLAGS) hash/hello.c $(LDFLAGS) -o $@
-hash/generic_sum: hash/generic_sum.c ../library/libmbedtls.a
+hash/generic_sum$(EXEXT): hash/generic_sum.c ../library/libmbedtls.a
echo " CC hash/generic_sum.c"
$(CC) $(CFLAGS) $(OFLAGS) hash/generic_sum.c $(LDFLAGS) -o $@
-hash/md5sum: hash/md5sum.c ../library/libmbedtls.a
+hash/md5sum$(EXEXT): hash/md5sum.c ../library/libmbedtls.a
echo " CC hash/md5sum.c"
$(CC) $(CFLAGS) $(OFLAGS) hash/md5sum.c $(LDFLAGS) -o $@
-hash/sha1sum: hash/sha1sum.c ../library/libmbedtls.a
+hash/sha1sum$(EXEXT): hash/sha1sum.c ../library/libmbedtls.a
echo " CC hash/sha1sum.c"
$(CC) $(CFLAGS) $(OFLAGS) hash/sha1sum.c $(LDFLAGS) -o $@
-hash/sha2sum: hash/sha2sum.c ../library/libmbedtls.a
+hash/sha2sum$(EXEXT): hash/sha2sum.c ../library/libmbedtls.a
echo " CC hash/sha2sum.c"
$(CC) $(CFLAGS) $(OFLAGS) hash/sha2sum.c $(LDFLAGS) -o $@
-pkey/dh_client: pkey/dh_client.c ../library/libmbedtls.a
+pkey/dh_client$(EXEXT): pkey/dh_client.c ../library/libmbedtls.a
echo " CC pkey/dh_client.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/dh_client.c $(LDFLAGS) -o $@
-pkey/dh_genprime: pkey/dh_genprime.c ../library/libmbedtls.a
+pkey/dh_genprime$(EXEXT): pkey/dh_genprime.c ../library/libmbedtls.a
echo " CC pkey/dh_genprime.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/dh_genprime.c $(LDFLAGS) -o $@
-pkey/dh_server: pkey/dh_server.c ../library/libmbedtls.a
+pkey/dh_server$(EXEXT): pkey/dh_server.c ../library/libmbedtls.a
echo " CC pkey/dh_server.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/dh_server.c $(LDFLAGS) -o $@
-pkey/ecdsa: pkey/ecdsa.c ../library/libmbedtls.a
+pkey/ecdsa$(EXEXT): pkey/ecdsa.c ../library/libmbedtls.a
echo " CC pkey/ecdsa.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/ecdsa.c $(LDFLAGS) -o $@
-pkey/gen_key: pkey/gen_key.c ../library/libmbedtls.a
+pkey/gen_key$(EXEXT): pkey/gen_key.c ../library/libmbedtls.a
echo " CC pkey/gen_key.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/gen_key.c $(LDFLAGS) -o $@
-pkey/key_app: pkey/key_app.c ../library/libmbedtls.a
+pkey/key_app$(EXEXT): pkey/key_app.c ../library/libmbedtls.a
echo " CC pkey/key_app.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/key_app.c $(LDFLAGS) -o $@
-pkey/key_app_writer: pkey/key_app_writer.c ../library/libmbedtls.a
+pkey/key_app_writer$(EXEXT): pkey/key_app_writer.c ../library/libmbedtls.a
echo " CC pkey/key_app_writer.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/key_app_writer.c $(LDFLAGS) -o $@
-pkey/mpi_demo: pkey/mpi_demo.c ../library/libmbedtls.a
+pkey/mpi_demo$(EXEXT): pkey/mpi_demo.c ../library/libmbedtls.a
echo " CC pkey/mpi_demo.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/mpi_demo.c $(LDFLAGS) -o $@
-pkey/pk_decrypt: pkey/pk_decrypt.c ../library/libmbedtls.a
+pkey/pk_decrypt$(EXEXT): pkey/pk_decrypt.c ../library/libmbedtls.a
echo " CC pkey/pk_decrypt.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/pk_decrypt.c $(LDFLAGS) -o $@
-pkey/pk_encrypt: pkey/pk_encrypt.c ../library/libmbedtls.a
+pkey/pk_encrypt$(EXEXT): pkey/pk_encrypt.c ../library/libmbedtls.a
echo " CC pkey/pk_encrypt.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/pk_encrypt.c $(LDFLAGS) -o $@
-pkey/pk_sign: pkey/pk_sign.c ../library/libmbedtls.a
+pkey/pk_sign$(EXEXT): pkey/pk_sign.c ../library/libmbedtls.a
echo " CC pkey/pk_sign.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/pk_sign.c $(LDFLAGS) -o $@
-pkey/pk_verify: pkey/pk_verify.c ../library/libmbedtls.a
+pkey/pk_verify$(EXEXT): pkey/pk_verify.c ../library/libmbedtls.a
echo " CC pkey/pk_verify.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/pk_verify.c $(LDFLAGS) -o $@
-pkey/rsa_genkey: pkey/rsa_genkey.c ../library/libmbedtls.a
+pkey/rsa_genkey$(EXEXT): pkey/rsa_genkey.c ../library/libmbedtls.a
echo " CC pkey/rsa_genkey.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/rsa_genkey.c $(LDFLAGS) -o $@
-pkey/rsa_sign: pkey/rsa_sign.c ../library/libmbedtls.a
+pkey/rsa_sign$(EXEXT): pkey/rsa_sign.c ../library/libmbedtls.a
echo " CC pkey/rsa_sign.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/rsa_sign.c $(LDFLAGS) -o $@
-pkey/rsa_verify: pkey/rsa_verify.c ../library/libmbedtls.a
+pkey/rsa_verify$(EXEXT): pkey/rsa_verify.c ../library/libmbedtls.a
echo " CC pkey/rsa_verify.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/rsa_verify.c $(LDFLAGS) -o $@
-pkey/rsa_sign_pss: pkey/rsa_sign_pss.c ../library/libmbedtls.a
+pkey/rsa_sign_pss$(EXEXT): pkey/rsa_sign_pss.c ../library/libmbedtls.a
echo " CC pkey/rsa_sign_pss.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/rsa_sign_pss.c $(LDFLAGS) -o $@
-pkey/rsa_verify_pss: pkey/rsa_verify_pss.c ../library/libmbedtls.a
+pkey/rsa_verify_pss$(EXEXT): pkey/rsa_verify_pss.c ../library/libmbedtls.a
echo " CC pkey/rsa_verify_pss.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/rsa_verify_pss.c $(LDFLAGS) -o $@
-pkey/rsa_decrypt: pkey/rsa_decrypt.c ../library/libmbedtls.a
+pkey/rsa_decrypt$(EXEXT): pkey/rsa_decrypt.c ../library/libmbedtls.a
echo " CC pkey/rsa_decrypt.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/rsa_decrypt.c $(LDFLAGS) -o $@
-pkey/rsa_encrypt: pkey/rsa_encrypt.c ../library/libmbedtls.a
+pkey/rsa_encrypt$(EXEXT): pkey/rsa_encrypt.c ../library/libmbedtls.a
echo " CC pkey/rsa_encrypt.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/rsa_encrypt.c $(LDFLAGS) -o $@
-random/gen_entropy: random/gen_entropy.c ../library/libmbedtls.a
+random/gen_entropy$(EXEXT): random/gen_entropy.c ../library/libmbedtls.a
echo " CC random/gen_entropy.c"
$(CC) $(CFLAGS) $(OFLAGS) random/gen_entropy.c $(LDFLAGS) -o $@
-random/gen_random_havege: random/gen_random_havege.c ../library/libmbedtls.a
+random/gen_random_havege$(EXEXT): random/gen_random_havege.c ../library/libmbedtls.a
echo " CC random/gen_random_havege.c"
$(CC) $(CFLAGS) $(OFLAGS) random/gen_random_havege.c $(LDFLAGS) -o $@
-random/gen_random_ctr_drbg: random/gen_random_ctr_drbg.c ../library/libmbedtls.a
+random/gen_random_ctr_drbg$(EXEXT): random/gen_random_ctr_drbg.c ../library/libmbedtls.a
echo " CC random/gen_random_ctr_drbg.c"
$(CC) $(CFLAGS) $(OFLAGS) random/gen_random_ctr_drbg.c $(LDFLAGS) -o $@
-ssl/dtls_client: ssl/dtls_client.c ../library/libmbedtls.a
+ssl/dtls_client$(EXEXT): ssl/dtls_client.c ../library/libmbedtls.a
echo " CC ssl/dtls_client.c"
$(CC) $(CFLAGS) $(OFLAGS) ssl/dtls_client.c $(LDFLAGS) -o $@
-ssl/dtls_server: ssl/dtls_server.c ../library/libmbedtls.a
+ssl/dtls_server$(EXEXT): ssl/dtls_server.c ../library/libmbedtls.a
echo " CC ssl/dtls_server.c"
$(CC) $(CFLAGS) $(OFLAGS) ssl/dtls_server.c $(LDFLAGS) -o $@
-ssl/ssl_client1: ssl/ssl_client1.c ../library/libmbedtls.a
+ssl/ssl_client1$(EXEXT): ssl/ssl_client1.c ../library/libmbedtls.a
echo " CC ssl/ssl_client1.c"
$(CC) $(CFLAGS) $(OFLAGS) ssl/ssl_client1.c $(LDFLAGS) -o $@
-ssl/ssl_client2: ssl/ssl_client2.c ../library/libmbedtls.a
+ssl/ssl_client2$(EXEXT): ssl/ssl_client2.c ../library/libmbedtls.a
echo " CC ssl/ssl_client2.c"
$(CC) $(CFLAGS) $(OFLAGS) ssl/ssl_client2.c $(LDFLAGS) -o $@
-ssl/ssl_server: ssl/ssl_server.c ../library/libmbedtls.a
+ssl/ssl_server$(EXEXT): ssl/ssl_server.c ../library/libmbedtls.a
echo " CC ssl/ssl_server.c"
$(CC) $(CFLAGS) $(OFLAGS) ssl/ssl_server.c $(LDFLAGS) -o $@
-ssl/ssl_server2: ssl/ssl_server2.c ../library/libmbedtls.a
+ssl/ssl_server2$(EXEXT): ssl/ssl_server2.c ../library/libmbedtls.a
echo " CC ssl/ssl_server2.c"
$(CC) $(CFLAGS) $(OFLAGS) ssl/ssl_server2.c $(LDFLAGS) -o $@
-ssl/ssl_fork_server: ssl/ssl_fork_server.c ../library/libmbedtls.a
+ssl/ssl_fork_server$(EXEXT): ssl/ssl_fork_server.c ../library/libmbedtls.a
echo " CC ssl/ssl_fork_server.c"
$(CC) $(CFLAGS) $(OFLAGS) ssl/ssl_fork_server.c $(LDFLAGS) -o $@
-ssl/ssl_pthread_server: ssl/ssl_pthread_server.c ../library/libmbedtls.a
+ssl/ssl_pthread_server$(EXEXT): ssl/ssl_pthread_server.c ../library/libmbedtls.a
echo " CC ssl/ssl_pthread_server.c"
$(CC) $(CFLAGS) $(OFLAGS) ssl/ssl_pthread_server.c $(LDFLAGS) -o $@ -lpthread
-ssl/ssl_mail_client: ssl/ssl_mail_client.c ../library/libmbedtls.a
+ssl/ssl_mail_client$(EXEXT): ssl/ssl_mail_client.c ../library/libmbedtls.a
echo " CC ssl/ssl_mail_client.c"
$(CC) $(CFLAGS) $(OFLAGS) ssl/ssl_mail_client.c $(LDFLAGS) -o $@
-test/ssl_cert_test: test/ssl_cert_test.c ../library/libmbedtls.a
+ssl/mini_client$(EXEXT): ssl/mini_client.c ../library/libmbedtls.a
+ echo " CC ssl/mini_client.c"
+ $(CC) $(CFLAGS) $(OFLAGS) ssl/mini_client.c $(LDFLAGS) -o $@
+
+test/ssl_cert_test$(EXEXT): test/ssl_cert_test.c ../library/libmbedtls.a
echo " CC test/ssl_cert_test.c"
$(CC) $(CFLAGS) $(OFLAGS) test/ssl_cert_test.c $(LDFLAGS) -o $@
-test/benchmark: test/benchmark.c ../library/libmbedtls.a
+test/benchmark$(EXEXT): test/benchmark.c ../library/libmbedtls.a
echo " CC test/benchmark.c"
$(CC) $(CFLAGS) $(OFLAGS) test/benchmark.c $(LDFLAGS) -o $@
-test/selftest: test/selftest.c ../library/libmbedtls.a
+test/selftest$(EXEXT): test/selftest.c ../library/libmbedtls.a
echo " CC test/selftest.c"
$(CC) $(CFLAGS) $(OFLAGS) test/selftest.c $(LDFLAGS) -o $@
-test/ssl_test: test/ssl_test.c ../library/libmbedtls.a
+test/ssl_test$(EXEXT): test/ssl_test.c ../library/libmbedtls.a
echo " CC test/ssl_test.c"
$(CC) $(CFLAGS) $(OFLAGS) test/ssl_test.c $(LDFLAGS) -o $@
-test/udp_proxy: test/udp_proxy.c ../library/libmbedtls.a
+test/udp_proxy$(EXEXT): test/udp_proxy.c ../library/libmbedtls.a
echo " CC test/udp_proxy.c"
$(CC) $(CFLAGS) $(OFLAGS) test/udp_proxy.c $(LDFLAGS) -o $@
-test/o_p_test: test/o_p_test.c ../library/libmbedtls.a
+test/o_p_test$(EXEXT): test/o_p_test.c ../library/libmbedtls.a
echo " CC test/o_p_test.c"
$(CC) $(CFLAGS) $(OFLAGS) test/o_p_test.c $(LDFLAGS) -o $@ -lssl -lcrypto
-util/pem2der: util/pem2der.c ../library/libmbedtls.a
+util/pem2der$(EXEXT): util/pem2der.c ../library/libmbedtls.a
echo " CC util/pem2der.c"
$(CC) $(CFLAGS) $(OFLAGS) util/pem2der.c $(LDFLAGS) -o $@
-util/strerror: util/strerror.c ../library/libmbedtls.a
+util/strerror$(EXEXT): util/strerror.c ../library/libmbedtls.a
echo " CC util/strerror.c"
$(CC) $(CFLAGS) $(OFLAGS) util/strerror.c $(LDFLAGS) -o $@
-x509/cert_app: x509/cert_app.c ../library/libmbedtls.a
+x509/cert_app$(EXEXT): x509/cert_app.c ../library/libmbedtls.a
echo " CC x509/cert_app.c"
$(CC) $(CFLAGS) $(OFLAGS) x509/cert_app.c $(LDFLAGS) -o $@
-x509/crl_app: x509/crl_app.c ../library/libmbedtls.a
+x509/crl_app$(EXEXT): x509/crl_app.c ../library/libmbedtls.a
echo " CC x509/crl_app.c"
$(CC) $(CFLAGS) $(OFLAGS) x509/crl_app.c $(LDFLAGS) -o $@
-x509/cert_req: x509/cert_req.c ../library/libmbedtls.a
+x509/cert_req$(EXEXT): x509/cert_req.c ../library/libmbedtls.a
echo " CC x509/cert_req.c"
$(CC) $(CFLAGS) $(OFLAGS) x509/cert_req.c $(LDFLAGS) -o $@
diff --git a/programs/aes/aescrypt2.c b/programs/aes/aescrypt2.c
index 1f34748..430b87f 100644
--- a/programs/aes/aescrypt2.c
+++ b/programs/aes/aescrypt2.c
@@ -29,8 +29,19 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
-#define polarssl_printf printf
+#include <stdio.h>
#define polarssl_fprintf fprintf
+#define polarssl_printf printf
+#endif
+
+#if defined(POLARSSL_AES_C) && defined(POLARSSL_SHA256_C) && \
+ defined(POLARSSL_FS_IO)
+#include "polarssl/aes.h"
+#include "polarssl/sha256.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
#endif
#if defined(_WIN32)
@@ -43,14 +54,6 @@
#include <unistd.h>
#endif
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-#include <time.h>
-
-#include "polarssl/aes.h"
-#include "polarssl/sha256.h"
-
#define MODE_ENCRYPT 0
#define MODE_DECRYPT 1
@@ -60,12 +63,11 @@
"\n example: aescrypt2 0 file file.aes hex:E76B2413958B00E193\n" \
"\n"
-#if !defined(POLARSSL_AES_C) || !defined(POLARSSL_SHA256_C)
-int main( int argc, char *argv[] )
+#if !defined(POLARSSL_AES_C) || !defined(POLARSSL_SHA256_C) || \
+ !defined(POLARSSL_FS_IO)
+int main( void )
{
- ((void) argc);
- ((void) argv);
- polarssl_printf("POLARSSL_AES_C and/or POLARSSL_SHA256_C not defined.\n");
+ polarssl_printf("POLARSSL_AES_C and/or POLARSSL_SHA256_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else
@@ -442,4 +444,4 @@
return( ret );
}
-#endif /* POLARSSL_AES_C && POLARSSL_SHA256_C */
+#endif /* POLARSSL_AES_C && POLARSSL_SHA256_C && POLARSSL_FS_IO */
diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c
index 7ad07b4..c76b8db 100644
--- a/programs/aes/crypt_and_hash.c
+++ b/programs/aes/crypt_and_hash.c
@@ -30,8 +30,19 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
-#define polarssl_printf printf
+#include <stdio.h>
#define polarssl_fprintf fprintf
+#define polarssl_printf printf
+#endif
+
+#if defined(POLARSSL_CIPHER_C) && defined(POLARSSL_MD_C) && \
+ defined(POLARSSL_FS_IO)
+#include "polarssl/cipher.h"
+#include "polarssl/md.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
#endif
#if defined(_WIN32)
@@ -44,14 +55,6 @@
#include <unistd.h>
#endif
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-#include <time.h>
-
-#include "polarssl/cipher.h"
-#include "polarssl/md.h"
-
#define MODE_ENCRYPT 0
#define MODE_DECRYPT 1
@@ -61,13 +64,11 @@
"\n example: crypt_and_hash 0 file file.aes AES-128-CBC SHA1 hex:E76B2413958B00E193\n" \
"\n"
-#if !defined(POLARSSL_CIPHER_C) || !defined(POLARSSL_MD_C)
-int main( int argc, char *argv[] )
+#if !defined(POLARSSL_CIPHER_C) || !defined(POLARSSL_MD_C) || \
+ !defined(POLARSSL_FS_IO)
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
- polarssl_printf("POLARSSL_CIPHER_C and/or POLARSSL_MD_C not defined.\n");
+ polarssl_printf("POLARSSL_CIPHER_C and/or POLARSSL_MD_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else
@@ -399,7 +400,7 @@
goto exit;
}
- if( ( ( filesize - md_get_size( md_info ) ) %
+ if( ( ( filesize - md_get_size( md_info ) ) %
cipher_get_block_size( &cipher_ctx ) ) != 0 )
{
polarssl_fprintf( stderr, "File content not a multiple of the block size (%d).\n",
@@ -542,4 +543,4 @@
return( ret );
}
-#endif /* POLARSSL_CIPHER_C && POLARSSL_MD_C */
+#endif /* POLARSSL_CIPHER_C && POLARSSL_MD_C && POLARSSL_FS_IO */
diff --git a/programs/hash/generic_sum.c b/programs/hash/generic_sum.c
index 20ff252..a49dbb7 100644
--- a/programs/hash/generic_sum.c
+++ b/programs/hash/generic_sum.c
@@ -29,22 +29,22 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
-#define polarssl_printf printf
+#include <stdio.h>
#define polarssl_fprintf fprintf
+#define polarssl_printf printf
#endif
-#include <string.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_MD_C) && defined(POLARSSL_FS_IO)
#include "polarssl/md.h"
-#if !defined(POLARSSL_MD_C)
-int main( int argc, char *argv[] )
-{
- ((void) argc);
- ((void) argv);
+#include <stdio.h>
+#include <string.h>
+#endif
- polarssl_printf("POLARSSL_MD_C not defined.\n");
+#if !defined(POLARSSL_MD_C) || !defined(POLARSSL_FS_IO)
+int main( void )
+{
+ polarssl_printf("POLARSSL_MD_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else
@@ -225,4 +225,4 @@
return( ret );
}
-#endif /* POLARSSL_MD_C */
+#endif /* POLARSSL_MD_C && POLARSSL_FS_IO */
diff --git a/programs/hash/hello.c b/programs/hash/hello.c
index 7c0546e..c774110 100644
--- a/programs/hash/hello.c
+++ b/programs/hash/hello.c
@@ -29,32 +29,27 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
#define polarssl_printf printf
#endif
-#include <stdio.h>
-
+#if defined(POLARSSL_MD5_C)
#include "polarssl/md5.h"
+#endif
#if !defined(POLARSSL_MD5_C)
-int main( int argc, char *argv[] )
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
polarssl_printf("POLARSSL_MD5_C not defined.\n");
return( 0 );
}
#else
-int main( int argc, char *argv[] )
+int main( void )
{
int i;
unsigned char digest[16];
char str[] = "Hello, world!";
- ((void) argc);
- ((void) argv);
-
polarssl_printf( "\n MD5('%s') = ", str );
md5( (unsigned char *) str, 13, digest );
diff --git a/programs/hash/md5sum.c b/programs/hash/md5sum.c
index 58c2d0c..afe3454 100644
--- a/programs/hash/md5sum.c
+++ b/programs/hash/md5sum.c
@@ -29,21 +29,21 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
-#define polarssl_printf printf
+#include <stdio.h>
#define polarssl_fprintf fprintf
+#define polarssl_printf printf
#endif
-#include <string.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_MD5_C) && defined(POLARSSL_FS_IO)
#include "polarssl/md5.h"
-#if !defined(POLARSSL_MD5_C) || !defined(POLARSSL_FS_IO)
-int main( int argc, char *argv[] )
-{
- ((void) argc);
- ((void) argv);
+#include <stdio.h>
+#include <string.h>
+#endif
+#if !defined(POLARSSL_MD5_C) || !defined(POLARSSL_FS_IO)
+int main( void )
+{
polarssl_printf("POLARSSL_MD5_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
diff --git a/programs/hash/sha1sum.c b/programs/hash/sha1sum.c
index 3eafc4f..8dc4e08 100644
--- a/programs/hash/sha1sum.c
+++ b/programs/hash/sha1sum.c
@@ -29,21 +29,21 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
-#define polarssl_printf printf
+#include <stdio.h>
#define polarssl_fprintf fprintf
+#define polarssl_printf printf
#endif
-#include <string.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_SHA1_C) && defined(POLARSSL_FS_IO)
#include "polarssl/sha1.h"
-#if !defined(POLARSSL_SHA1_C) || !defined(POLARSSL_FS_IO)
-int main( int argc, char *argv[] )
-{
- ((void) argc);
- ((void) argv);
+#include <stdio.h>
+#include <string.h>
+#endif
+#if !defined(POLARSSL_SHA1_C) || !defined(POLARSSL_FS_IO)
+int main( void )
+{
polarssl_printf("POLARSSL_SHA1_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
diff --git a/programs/hash/sha2sum.c b/programs/hash/sha2sum.c
index 3fc1baa..268d170 100644
--- a/programs/hash/sha2sum.c
+++ b/programs/hash/sha2sum.c
@@ -29,21 +29,21 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
-#define polarssl_printf printf
+#include <stdio.h>
#define polarssl_fprintf fprintf
+#define polarssl_printf printf
#endif
-#include <string.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_SHA256_C) && defined(POLARSSL_FS_IO)
#include "polarssl/sha256.h"
-#if !defined(POLARSSL_SHA256_C) || !defined(POLARSSL_FS_IO)
-int main( int argc, char *argv[] )
-{
- ((void) argc);
- ((void) argv);
+#include <stdio.h>
+#include <string.h>
+#endif
+#if !defined(POLARSSL_SHA256_C) || !defined(POLARSSL_FS_IO)
+int main( void )
+{
polarssl_printf("POLARSSL_SHA256_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c
index a34bafa..b600584 100644
--- a/programs/pkey/dh_client.c
+++ b/programs/pkey/dh_client.c
@@ -29,12 +29,14 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
#define polarssl_printf printf
#endif
-#include <string.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_AES_C) && defined(POLARSSL_DHM_C) && \
+ defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_NET_C) && \
+ defined(POLARSSL_RSA_C) && defined(POLARSSL_SHA256_C) && \
+ defined(POLARSSL_FS_IO) && defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/net.h"
#include "polarssl/aes.h"
#include "polarssl/dhm.h"
@@ -43,26 +45,27 @@
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
+#include <stdio.h>
+#include <string.h>
+#endif
+
#define SERVER_NAME "localhost"
#define SERVER_PORT 11999
#if !defined(POLARSSL_AES_C) || !defined(POLARSSL_DHM_C) || \
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_NET_C) || \
- !defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA1_C) || \
+ !defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA256_C) || \
!defined(POLARSSL_FS_IO) || !defined(POLARSSL_CTR_DRBG_C)
-int main( int argc, char *argv[] )
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
polarssl_printf("POLARSSL_AES_C and/or POLARSSL_DHM_C and/or POLARSSL_ENTROPY_C "
"and/or POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
- "POLARSSL_SHA1_C and/or POLARSSL_FS_IO and/or "
+ "POLARSSL_SHA256_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_CTR_DRBG_C not defined.\n");
return( 0 );
}
#else
-int main( int argc, char *argv[] )
+int main( void )
{
FILE *f;
@@ -81,9 +84,6 @@
dhm_context dhm;
aes_context aes;
- ((void) argc);
- ((void) argv);
-
memset( &rsa, 0, sizeof( rsa ) );
dhm_init( &dhm );
aes_init( &aes );
@@ -193,7 +193,7 @@
/*
* 5. Check that the server's RSA signature matches
- * the SHA-1 hash of (P,G,Ys)
+ * the SHA-256 hash of (P,G,Ys)
*/
polarssl_printf( "\n . Verifying the server's RSA signature" );
fflush( stdout );
@@ -210,7 +210,7 @@
sha1( buf, (int)( p - 2 - buf ), hash );
if( ( ret = rsa_pkcs1_verify( &rsa, NULL, NULL, RSA_PUBLIC,
- POLARSSL_MD_SHA1, 0, hash, p ) ) != 0 )
+ POLARSSL_MD_SHA256, 0, hash, p ) ) != 0 )
{
polarssl_printf( " failed\n ! rsa_pkcs1_verify returned %d\n\n", ret );
goto exit;
@@ -297,5 +297,5 @@
return( ret );
}
#endif /* POLARSSL_AES_C && POLARSSL_DHM_C && POLARSSL_ENTROPY_C &&
- POLARSSL_NET_C && POLARSSL_RSA_C && POLARSSL_SHA1_C &&
+ POLARSSL_NET_C && POLARSSL_RSA_C && POLARSSL_SHA256_C &&
POLARSSL_FS_IO && POLARSSL_CTR_DRBG_C */
diff --git a/programs/pkey/dh_genprime.c b/programs/pkey/dh_genprime.c
index 720232f..e0ca260 100644
--- a/programs/pkey/dh_genprime.c
+++ b/programs/pkey/dh_genprime.c
@@ -29,15 +29,21 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
#define polarssl_printf printf
#endif
-#include <stdio.h>
-
+#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \
+ defined(POLARSSL_FS_IO) && defined(POLARSSL_CTR_DRBG_C) && \
+ defined(POLARSSL_GENPRIME)
#include "polarssl/bignum.h"
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
+#include <stdio.h>
+#include <string.h>
+#endif
+
/*
* Note: G = 4 is always a quadratic residue mod P,
* so it is a generator of order Q (with P = 2*Q+1).
@@ -48,18 +54,15 @@
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_FS_IO) || !defined(POLARSSL_CTR_DRBG_C) || \
!defined(POLARSSL_GENPRIME)
-int main( int argc, char *argv[] )
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_FS_IO and/or POLARSSL_CTR_DRBG_C and/or "
"POLARSSL_GENPRIME not defined.\n");
return( 0 );
}
#else
-int main( int argc, char *argv[] )
+int main( void )
{
int ret = 1;
mpi G, P, Q;
@@ -68,9 +71,6 @@
const char *pers = "dh_genprime";
FILE *fout;
- ((void) argc);
- ((void) argv);
-
mpi_init( &G ); mpi_init( &P ); mpi_init( &Q );
entropy_init( &entropy );
diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c
index f21e578..b623a68 100644
--- a/programs/pkey/dh_server.c
+++ b/programs/pkey/dh_server.c
@@ -29,12 +29,14 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
#define polarssl_printf printf
#endif
-#include <string.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_AES_C) && defined(POLARSSL_DHM_C) && \
+ defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_NET_C) && \
+ defined(POLARSSL_RSA_C) && defined(POLARSSL_SHA256_C) && \
+ defined(POLARSSL_FS_IO) && defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/net.h"
#include "polarssl/aes.h"
#include "polarssl/dhm.h"
@@ -43,26 +45,27 @@
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
+#include <stdio.h>
+#include <string.h>
+#endif
+
#define SERVER_PORT 11999
#define PLAINTEXT "==Hello there!=="
#if !defined(POLARSSL_AES_C) || !defined(POLARSSL_DHM_C) || \
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_NET_C) || \
- !defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA1_C) || \
+ !defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA256_C) || \
!defined(POLARSSL_FS_IO) || !defined(POLARSSL_CTR_DRBG_C)
-int main( int argc, char *argv[] )
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
polarssl_printf("POLARSSL_AES_C and/or POLARSSL_DHM_C and/or POLARSSL_ENTROPY_C "
"and/or POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
- "POLARSSL_SHA1_C and/or POLARSSL_FS_IO and/or "
+ "POLARSSL_SHA256_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_CTR_DBRG_C not defined.\n");
return( 0 );
}
#else
-int main( int argc, char *argv[] )
+int main( void )
{
FILE *f;
@@ -82,9 +85,6 @@
dhm_context dhm;
aes_context aes;
- ((void) argc);
- ((void) argv);
-
memset( &rsa, 0, sizeof( rsa ) );
dhm_init( &dhm );
aes_init( &aes );
@@ -134,7 +134,7 @@
}
rsa.len = ( mpi_msb( &rsa.N ) + 7 ) >> 3;
-
+
fclose( f );
/*
@@ -201,7 +201,7 @@
buf[n ] = (unsigned char)( rsa.len >> 8 );
buf[n + 1] = (unsigned char)( rsa.len );
- if( ( ret = rsa_pkcs1_sign( &rsa, NULL, NULL, RSA_PRIVATE, POLARSSL_MD_SHA1,
+ if( ( ret = rsa_pkcs1_sign( &rsa, NULL, NULL, RSA_PRIVATE, POLARSSL_MD_SHA256,
0, hash, buf + n + 2 ) ) != 0 )
{
polarssl_printf( " failed\n ! rsa_pkcs1_sign returned %d\n\n", ret );
@@ -298,5 +298,5 @@
return( ret );
}
#endif /* POLARSSL_AES_C && POLARSSL_DHM_C && POLARSSL_ENTROPY_C &&
- POLARSSL_NET_C && POLARSSL_RSA_C && POLARSSL_SHA1_C &&
+ POLARSSL_NET_C && POLARSSL_RSA_C && POLARSSL_SHA256_C &&
POLARSSL_FS_IO && POLARSSL_CTR_DRBG_C */
diff --git a/programs/pkey/ecdsa.c b/programs/pkey/ecdsa.c
index b533673..640d3e7 100644
--- a/programs/pkey/ecdsa.c
+++ b/programs/pkey/ecdsa.c
@@ -29,15 +29,18 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
#define polarssl_printf printf
#endif
+#if defined(POLARSSL_ECDSA_C) && \
+ defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include "polarssl/ecdsa.h"
#include <string.h>
-#include <stdio.h>
+#endif
/*
* Uncomment to show key and signature details
@@ -55,17 +58,13 @@
#if !defined(POLARSSL_ECDSA_C) || \
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C)
-int main( int argc, char *argv[] )
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
polarssl_printf("POLARSSL_ECDSA_C and/or "
"POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C not defined\n");
return( 0 );
}
#else
-
#if defined(VERBOSE)
static void dump_buf( const char *title, unsigned char *buf, size_t len )
{
diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c
index 2d981ab..a4095da 100644
--- a/programs/pkey/gen_key.c
+++ b/programs/pkey/gen_key.c
@@ -29,17 +29,12 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
#define polarssl_printf printf
#endif
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-
-#if !defined(_WIN32) && defined(POLARSSL_FS_IO)
-#include <unistd.h>
-#endif /* !_WIN32 && POLARSSL_FS_IO */
-
+#if defined(POLARSSL_PK_WRITE_C) && defined(POLARSSL_FS_IO) && \
+ defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/error.h"
#include "polarssl/pk.h"
#include "polarssl/ecdsa.h"
@@ -48,49 +43,12 @@
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
-#if !defined(POLARSSL_PK_WRITE_C) || !defined(POLARSSL_FS_IO) || \
- !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C)
-int main( int argc, char *argv[] )
-{
- ((void) argc);
- ((void) argv);
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
- polarssl_printf( "POLARSSL_PK_WRITE_C and/or POLARSSL_FS_IO and/or "
- "POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C "
- "not defined.\n" );
- return( 0 );
-}
-#else
-
-#define FORMAT_PEM 0
-#define FORMAT_DER 1
-
-#define DFL_TYPE POLARSSL_PK_RSA
-#define DFL_RSA_KEYSIZE 4096
-#define DFL_FILENAME "keyfile.key"
-#define DFL_FORMAT FORMAT_PEM
-#define DFL_USE_DEV_RANDOM 0
-
-#if defined(POLARSSL_ECP_C)
-#define DFL_EC_CURVE ecp_curve_list()->grp_id
-#else
-#define DFL_EC_CURVE 0
-#endif
-
-/*
- * global options
- */
-struct options
-{
- int type; /* the type of key to generate */
- int rsa_keysize; /* length of key in bits */
- int ec_curve; /* curve identifier for EC keys */
- const char *filename; /* filename of the key file */
- int format; /* the output format to use */
- int use_dev_random; /* use /dev/random as entropy source */
-} opt;
-
-#if !defined(_WIN32) && defined(POLARSSL_FS_IO)
+#if !defined(_WIN32)
+#include <unistd.h>
#define DEV_RANDOM_THRESHOLD 32
@@ -127,8 +85,65 @@
return( 0 );
}
+#endif /* !_WIN32 */
+#endif
+
+#if defined(POLARSSL_ECP_C)
+#define DFL_EC_CURVE ecp_curve_list()->grp_id
+#else
+#define DFL_EC_CURVE 0
+#endif
+
+#if !defined(_WIN32) && defined(POLARSSL_FS_IO)
+#define USAGE_DEV_RANDOM \
+ " use_dev_random=0|1 default: 0\n"
+#else
+#define USAGE_DEV_RANDOM ""
#endif /* !_WIN32 && POLARSSL_FS_IO */
+#define FORMAT_PEM 0
+#define FORMAT_DER 1
+
+#define DFL_TYPE POLARSSL_PK_RSA
+#define DFL_RSA_KEYSIZE 4096
+#define DFL_FILENAME "keyfile.key"
+#define DFL_FORMAT FORMAT_PEM
+#define DFL_USE_DEV_RANDOM 0
+
+#define USAGE \
+ "\n usage: gen_key param=<>...\n" \
+ "\n acceptable parameters:\n" \
+ " type=rsa|ec default: rsa\n" \
+ " rsa_keysize=%%d default: 4096\n" \
+ " ec_curve=%%s see below\n" \
+ " filename=%%s default: keyfile.key\n" \
+ " format=pem|der default: pem\n" \
+ USAGE_DEV_RANDOM \
+ "\n"
+
+#if !defined(POLARSSL_PK_WRITE_C) || !defined(POLARSSL_FS_IO) || \
+ !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C)
+int main( void )
+{
+ polarssl_printf( "POLARSSL_PK_WRITE_C and/or POLARSSL_FS_IO and/or "
+ "POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C "
+ "not defined.\n" );
+ return( 0 );
+}
+#else
+/*
+ * global options
+ */
+struct options
+{
+ int type; /* the type of key to generate */
+ int rsa_keysize; /* length of key in bits */
+ int ec_curve; /* curve identifier for EC keys */
+ const char *filename; /* filename of the key file */
+ int format; /* the output format to use */
+ int use_dev_random; /* use /dev/random as entropy source */
+} opt;
+
static int write_private_key( pk_context *key, const char *output_file )
{
int ret;
@@ -168,24 +183,6 @@
return( 0 );
}
-#if !defined(_WIN32) && defined(POLARSSL_FS_IO)
-#define USAGE_DEV_RANDOM \
- " use_dev_random=0|1 default: 0\n"
-#else
-#define USAGE_DEV_RANDOM ""
-#endif /* !_WIN32 && POLARSSL_FS_IO */
-
-#define USAGE \
- "\n usage: gen_key param=<>...\n" \
- "\n acceptable parameters:\n" \
- " type=rsa|ec default: rsa\n" \
- " rsa_keysize=%%d default: 4096\n" \
- " ec_curve=%%s see below\n" \
- " filename=%%s default: keyfile.key\n" \
- " format=pem|der default: pem\n" \
- USAGE_DEV_RANDOM \
- "\n"
-
int main( int argc, char *argv[] )
{
int ret = 0;
diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c
index 04bad87..98f36db 100644
--- a/programs/pkey/key_app.c
+++ b/programs/pkey/key_app.c
@@ -29,29 +29,18 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
#define polarssl_printf printf
#endif
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_BIGNUM_C) && \
+ defined(POLARSSL_PK_PARSE_C) && defined(POLARSSL_FS_IO)
#include "polarssl/error.h"
#include "polarssl/rsa.h"
#include "polarssl/x509.h"
-#if !defined(POLARSSL_BIGNUM_C) || \
- !defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO)
-int main( int argc, char *argv[] )
-{
- ((void) argc);
- ((void) argv);
-
- polarssl_printf("POLARSSL_BIGNUM_C and/or "
- "POLARSSL_PK_PARSE_C and/or POLARSSL_FS_IO not defined.\n");
- return( 0 );
-}
-#else
+#include <string.h>
+#endif
#define MODE_NONE 0
#define MODE_PRIVATE 1
@@ -63,6 +52,25 @@
#define DFL_PASSWORD_FILE ""
#define DFL_DEBUG_LEVEL 0
+#define USAGE \
+ "\n usage: key_app param=<>...\n" \
+ "\n acceptable parameters:\n" \
+ " mode=private|public default: none\n" \
+ " filename=%%s default: keyfile.key\n" \
+ " password=%%s default: \"\"\n" \
+ " password_file=%%s default: \"\"\n" \
+ "\n"
+
+
+#if !defined(POLARSSL_BIGNUM_C) || \
+ !defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO)
+int main( void )
+{
+ polarssl_printf("POLARSSL_BIGNUM_C and/or "
+ "POLARSSL_PK_PARSE_C and/or POLARSSL_FS_IO not defined.\n");
+ return( 0 );
+}
+#else
/*
* global options
*/
@@ -74,15 +82,6 @@
const char *password_file; /* password_file for the private key */
} opt;
-#define USAGE \
- "\n usage: key_app param=<>...\n" \
- "\n acceptable parameters:\n" \
- " mode=private|public default: none\n" \
- " filename=%%s default: keyfile.key\n" \
- " password=%%s default: \"\"\n" \
- " password_file=%%s default: \"\"\n" \
- "\n"
-
int main( int argc, char *argv[] )
{
int ret = 0;
diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c
index c9830c2..09233ff 100644
--- a/programs/pkey/key_app_writer.c
+++ b/programs/pkey/key_app_writer.c
@@ -29,27 +29,41 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
#define polarssl_printf printf
#endif
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_PK_WRITE_C) && defined(POLARSSL_FS_IO)
#include "polarssl/error.h"
#include "polarssl/pk.h"
#include "polarssl/error.h"
-#if !defined(POLARSSL_PK_WRITE_C) || !defined(POLARSSL_FS_IO)
-int main( int argc, char *argv[] )
-{
- ((void) argc);
- ((void) argv);
+#include <stdio.h>
+#include <string.h>
+#endif
- polarssl_printf( "POLARSSL_PK_WRITE_C and/or POLARSSL_FS_IO not defined.\n" );
- return( 0 );
-}
+#if defined(POLARSSL_PEM_WRITE_C)
+#define USAGE_OUT \
+ " output_file=%%s default: keyfile.pem\n" \
+ " output_format=pem|der default: pem\n"
#else
+#define USAGE_OUT \
+ " output_file=%%s default: keyfile.der\n" \
+ " output_format=der default: der\n"
+#endif
+
+#if defined(POLARSSL_PEM_WRITE_C)
+#define DFL_OUTPUT_FILENAME "keyfile.pem"
+#define DFL_OUTPUT_FORMAT OUTPUT_FORMAT_PEM
+#else
+#define DFL_OUTPUT_FILENAME "keyfile.der"
+#define DFL_OUTPUT_FORMAT OUTPUT_FORMAT_DER
+#endif
+
+#define DFL_MODE MODE_NONE
+#define DFL_FILENAME "keyfile.key"
+#define DFL_DEBUG_LEVEL 0
+#define DFL_OUTPUT_MODE OUTPUT_MODE_NONE
#define MODE_NONE 0
#define MODE_PRIVATE 1
@@ -62,18 +76,22 @@
#define OUTPUT_FORMAT_PEM 0
#define OUTPUT_FORMAT_DER 1
-#define DFL_MODE MODE_NONE
-#define DFL_FILENAME "keyfile.key"
-#define DFL_DEBUG_LEVEL 0
-#define DFL_OUTPUT_MODE OUTPUT_MODE_NONE
-#if defined(POLARSSL_PEM_WRITE_C)
-#define DFL_OUTPUT_FILENAME "keyfile.pem"
-#define DFL_OUTPUT_FORMAT OUTPUT_FORMAT_PEM
-#else
-#define DFL_OUTPUT_FILENAME "keyfile.der"
-#define DFL_OUTPUT_FORMAT OUTPUT_FORMAT_DER
-#endif
+#define USAGE \
+ "\n usage: key_app param=<>...\n" \
+ "\n acceptable parameters:\n" \
+ " mode=private|public default: none\n" \
+ " filename=%%s default: keyfile.key\n" \
+ " output_mode=private|public default: none\n" \
+ USAGE_OUT \
+ "\n"
+#if !defined(POLARSSL_PK_WRITE_C) || !defined(POLARSSL_FS_IO)
+int main( void )
+{
+ polarssl_printf( "POLARSSL_PK_WRITE_C and/or POLARSSL_FS_IO not defined.\n" );
+ return( 0 );
+}
+#else
/*
* global options
*/
@@ -170,25 +188,6 @@
return( 0 );
}
-#if defined(POLARSSL_PEM_WRITE_C)
-#define USAGE_OUT \
- " output_file=%%s default: keyfile.pem\n" \
- " output_format=pem|der default: pem\n"
-#else
-#define USAGE_OUT \
- " output_file=%%s default: keyfile.der\n" \
- " output_format=der default: der\n"
-#endif
-
-#define USAGE \
- "\n usage: key_app param=<>...\n" \
- "\n acceptable parameters:\n" \
- " mode=private|public default: none\n" \
- " filename=%%s default: keyfile.key\n" \
- " output_mode=private|public default: none\n" \
- USAGE_OUT \
- "\n"
-
int main( int argc, char *argv[] )
{
int ret = 0;
diff --git a/programs/pkey/mpi_demo.c b/programs/pkey/mpi_demo.c
index b5ae13e..7281c3a 100644
--- a/programs/pkey/mpi_demo.c
+++ b/programs/pkey/mpi_demo.c
@@ -29,77 +29,82 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
#define polarssl_printf printf
#endif
-#include <stdio.h>
-
+#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_FS_IO)
#include "polarssl/bignum.h"
-#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_FS_IO)
-int main( int argc, char *argv[] )
-{
- ((void) argc);
- ((void) argv);
+#include <stdio.h>
+#endif
+#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_FS_IO)
+int main( void )
+{
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else
-int main( int argc, char *argv[] )
+int main( void )
{
+ int ret;
mpi E, P, Q, N, H, D, X, Y, Z;
- ((void) argc);
- ((void) argv);
-
mpi_init( &E ); mpi_init( &P ); mpi_init( &Q ); mpi_init( &N );
mpi_init( &H ); mpi_init( &D ); mpi_init( &X ); mpi_init( &Y );
mpi_init( &Z );
- mpi_read_string( &P, 10, "2789" );
- mpi_read_string( &Q, 10, "3203" );
- mpi_read_string( &E, 10, "257" );
- mpi_mul_mpi( &N, &P, &Q );
+ MPI_CHK( mpi_read_string( &P, 10, "2789" ) );
+ MPI_CHK( mpi_read_string( &Q, 10, "3203" ) );
+ MPI_CHK( mpi_read_string( &E, 10, "257" ) );
+ MPI_CHK( mpi_mul_mpi( &N, &P, &Q ) );
polarssl_printf( "\n Public key:\n\n" );
- mpi_write_file( " N = ", &N, 10, NULL );
- mpi_write_file( " E = ", &E, 10, NULL );
+ MPI_CHK( mpi_write_file( " N = ", &N, 10, NULL ) );
+ MPI_CHK( mpi_write_file( " E = ", &E, 10, NULL ) );
polarssl_printf( "\n Private key:\n\n" );
- mpi_write_file( " P = ", &P, 10, NULL );
- mpi_write_file( " Q = ", &Q, 10, NULL );
+ MPI_CHK( mpi_write_file( " P = ", &P, 10, NULL ) );
+ MPI_CHK( mpi_write_file( " Q = ", &Q, 10, NULL ) );
#if defined(POLARSSL_GENPRIME)
- mpi_sub_int( &P, &P, 1 );
- mpi_sub_int( &Q, &Q, 1 );
- mpi_mul_mpi( &H, &P, &Q );
- mpi_inv_mod( &D, &E, &H );
+ MPI_CHK( mpi_sub_int( &P, &P, 1 ) );
+ MPI_CHK( mpi_sub_int( &Q, &Q, 1 ) );
+ MPI_CHK( mpi_mul_mpi( &H, &P, &Q ) );
+ MPI_CHK( mpi_inv_mod( &D, &E, &H ) );
mpi_write_file( " D = E^-1 mod (P-1)*(Q-1) = ",
&D, 10, NULL );
#else
polarssl_printf("\nTest skipped (POLARSSL_GENPRIME not defined).\n\n");
#endif
- mpi_read_string( &X, 10, "55555" );
- mpi_exp_mod( &Y, &X, &E, &N, NULL );
- mpi_exp_mod( &Z, &Y, &D, &N, NULL );
+ MPI_CHK( mpi_read_string( &X, 10, "55555" ) );
+ MPI_CHK( mpi_exp_mod( &Y, &X, &E, &N, NULL ) );
+ MPI_CHK( mpi_exp_mod( &Z, &Y, &D, &N, NULL ) );
polarssl_printf( "\n RSA operation:\n\n" );
- mpi_write_file( " X (plaintext) = ", &X, 10, NULL );
- mpi_write_file( " Y (ciphertext) = X^E mod N = ", &Y, 10, NULL );
- mpi_write_file( " Z (decrypted) = Y^D mod N = ", &Z, 10, NULL );
+ MPI_CHK( mpi_write_file( " X (plaintext) = ", &X, 10, NULL ) );
+ MPI_CHK( mpi_write_file( " Y (ciphertext) = X^E mod N = ", &Y, 10, NULL ) );
+ MPI_CHK( mpi_write_file( " Z (decrypted) = Y^D mod N = ", &Z, 10, NULL ) );
polarssl_printf( "\n" );
+cleanup:
mpi_free( &E ); mpi_free( &P ); mpi_free( &Q ); mpi_free( &N );
mpi_free( &H ); mpi_free( &D ); mpi_free( &X ); mpi_free( &Y );
mpi_free( &Z );
+ if( ret != 0 )
+ {
+ polarssl_printf( "\nAn error occured.\n" );
+ ret = 1;
+ }
+
#if defined(_WIN32)
polarssl_printf( " Press Enter to exit this program.\n" );
fflush( stdout ); getchar();
#endif
- return( 0 );
+ return( ret );
}
#endif /* POLARSSL_BIGNUM_C && POLARSSL_FS_IO */
diff --git a/programs/pkey/pk_decrypt.c b/programs/pkey/pk_decrypt.c
index 8644698..2bd8b34 100644
--- a/programs/pkey/pk_decrypt.c
+++ b/programs/pkey/pk_decrypt.c
@@ -29,25 +29,28 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
#define polarssl_printf printf
#endif
-#include <string.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_PK_PARSE_C) && \
+ defined(POLARSSL_FS_IO) && defined(POLARSSL_ENTROPY_C) && \
+ defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/error.h"
#include "polarssl/pk.h"
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
+#include <stdio.h>
+#include <string.h>
+#endif
+
+
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_PK_PARSE_C) || \
!defined(POLARSSL_FS_IO) || !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_CTR_DRBG_C)
-int main( int argc, char *argv[] )
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_PK_PARSE_C and/or "
"POLARSSL_FS_IO and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_CTR_DRBG_C not defined.\n");
diff --git a/programs/pkey/pk_encrypt.c b/programs/pkey/pk_encrypt.c
index 663c2ee..9a3e782 100644
--- a/programs/pkey/pk_encrypt.c
+++ b/programs/pkey/pk_encrypt.c
@@ -29,26 +29,28 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
-#define polarssl_printf printf
+#include <stdio.h>
#define polarssl_fprintf fprintf
+#define polarssl_printf printf
#endif
-#include <string.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_PK_PARSE_C) && \
+ defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_FS_IO) && \
+ defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/error.h"
#include "polarssl/pk.h"
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
+#include <stdio.h>
+#include <string.h>
+#endif
+
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_PK_PARSE_C) || \
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_CTR_DRBG_C)
-int main( int argc, char *argv[] )
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_PK_PARSE_C and/or "
"POLARSSL_ENTROPY_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_CTR_DRBG_C not defined.\n");
diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c
index 981591d..e85350d 100644
--- a/programs/pkey/pk_sign.c
+++ b/programs/pkey/pk_sign.c
@@ -29,12 +29,16 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
+#define polarssl_snprintf snprintf
#define polarssl_printf printf
+#define polarssl_snprintf snprintf
#endif
-#include <string.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \
+ defined(POLARSSL_SHA256_C) && \
+ defined(POLARSSL_PK_PARSE_C) && defined(POLARSSL_FS_IO) && \
+ defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/error.h"
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
@@ -42,21 +46,22 @@
#include "polarssl/pk.h"
#include "polarssl/sha1.h"
+#include <stdio.h>
+#include <string.h>
+#endif
+
#if defined _MSC_VER && !defined snprintf
#define snprintf _snprintf
#endif
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
- !defined(POLARSSL_SHA1_C) || \
+ !defined(POLARSSL_SHA256_C) || \
!defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_CTR_DRBG_C)
-int main( int argc, char *argv[] )
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
- "POLARSSL_SHA1_C and/or "
+ "POLARSSL_SHA256_C and/or "
"POLARSSL_PK_PARSE_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_CTR_DRBG_C not defined.\n");
return( 0 );
@@ -111,10 +116,10 @@
}
/*
- * Compute the SHA-1 hash of the input file,
+ * Compute the SHA-256 hash of the input file,
* then calculate the signature of the hash.
*/
- polarssl_printf( "\n . Generating the SHA-1 signature" );
+ polarssl_printf( "\n . Generating the SHA-256 signature" );
fflush( stdout );
if( ( ret = sha1_file( argv[2], hash ) ) != 0 )
@@ -123,7 +128,7 @@
goto exit;
}
- if( ( ret = pk_sign( &pk, POLARSSL_MD_SHA1, hash, 0, buf, &olen,
+ if( ( ret = pk_sign( &pk, POLARSSL_MD_SHA256, hash, 0, buf, &olen,
ctr_drbg_random, &ctr_drbg ) ) != 0 )
{
polarssl_printf( " failed\n ! pk_sign returned -0x%04x\n", -ret );
@@ -133,7 +138,7 @@
/*
* Write the signature into <filename>-sig.txt
*/
- snprintf( filename, sizeof(filename), "%s.sig", argv[2] );
+ polarssl_snprintf( filename, sizeof(filename), "%s.sig", argv[2] );
if( ( f = fopen( filename, "wb+" ) ) == NULL )
{
@@ -170,5 +175,5 @@
return( ret );
}
#endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C &&
- POLARSSL_SHA1_C && POLARSSL_PK_PARSE_C && POLARSSL_FS_IO &&
+ POLARSSL_SHA256_C && POLARSSL_PK_PARSE_C && POLARSSL_FS_IO &&
POLARSSL_CTR_DRBG_C */
diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c
index 0ce45f6..923afc1 100644
--- a/programs/pkey/pk_verify.c
+++ b/programs/pkey/pk_verify.c
@@ -29,31 +29,35 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
+#define polarssl_snprintf snprintf
#define polarssl_printf printf
+#define polarssl_snprintf snprintf
#endif
-#include <string.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_BIGNUM_C) && \
+ defined(POLARSSL_SHA256_C) && defined(POLARSSL_PK_PARSE_C) && \
+ defined(POLARSSL_FS_IO)
#include "polarssl/error.h"
#include "polarssl/md.h"
#include "polarssl/pk.h"
#include "polarssl/sha1.h"
+#include <stdio.h>
+#include <string.h>
+#endif
+
#if defined _MSC_VER && !defined snprintf
#define snprintf _snprintf
#endif
#if !defined(POLARSSL_BIGNUM_C) || \
- !defined(POLARSSL_SHA1_C) || !defined(POLARSSL_PK_PARSE_C) || \
+ !defined(POLARSSL_SHA256_C) || !defined(POLARSSL_PK_PARSE_C) || \
!defined(POLARSSL_FS_IO)
-int main( int argc, char *argv[] )
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
polarssl_printf("POLARSSL_BIGNUM_C and/or "
- "POLARSSL_SHA1_C and/or POLARSSL_PK_PARSE_C and/or "
+ "POLARSSL_SHA256_C and/or POLARSSL_PK_PARSE_C and/or "
"POLARSSL_FS_IO not defined.\n");
return( 0 );
}
@@ -94,7 +98,7 @@
* Extract the signature from the text file
*/
ret = 1;
- snprintf( filename, sizeof(filename), "%s.sig", argv[2] );
+ polarssl_snprintf( filename, sizeof(filename), "%s.sig", argv[2] );
if( ( f = fopen( filename, "rb" ) ) == NULL )
{
@@ -108,10 +112,10 @@
fclose( f );
/*
- * Compute the SHA-1 hash of the input file and compare
+ * Compute the SHA-256 hash of the input file and compare
* it with the hash decrypted from the signature.
*/
- polarssl_printf( "\n . Verifying the SHA-1 signature" );
+ polarssl_printf( "\n . Verifying the SHA-256 signature" );
fflush( stdout );
if( ( ret = sha1_file( argv[2], hash ) ) != 0 )
@@ -120,14 +124,14 @@
goto exit;
}
- if( ( ret = pk_verify( &pk, POLARSSL_MD_SHA1, hash, 0,
+ if( ( ret = pk_verify( &pk, POLARSSL_MD_SHA256, hash, 0,
buf, i ) ) != 0 )
{
polarssl_printf( " failed\n ! pk_verify returned -0x%04x\n", -ret );
goto exit;
}
- polarssl_printf( "\n . OK (the decrypted SHA-1 hash matches)\n\n" );
+ polarssl_printf( "\n . OK (the decrypted SHA-256 hash matches)\n\n" );
ret = 0;
@@ -146,5 +150,5 @@
return( ret );
}
-#endif /* POLARSSL_BIGNUM_C && POLARSSL_SHA1_C &&
+#endif /* POLARSSL_BIGNUM_C && POLARSSL_SHA256_C &&
POLARSSL_PK_PARSE_C && POLARSSL_FS_IO */
diff --git a/programs/pkey/rsa_decrypt.c b/programs/pkey/rsa_decrypt.c
index 8df5f00..368089f 100644
--- a/programs/pkey/rsa_decrypt.c
+++ b/programs/pkey/rsa_decrypt.c
@@ -29,24 +29,26 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
#define polarssl_printf printf
#endif
-#include <string.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \
+ defined(POLARSSL_FS_IO) && defined(POLARSSL_ENTROPY_C) && \
+ defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/rsa.h"
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
+#include <stdio.h>
+#include <string.h>
+#endif
+
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_FS_IO) || !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_CTR_DRBG_C)
-int main( int argc, char *argv[] )
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_FS_IO and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_CTR_DRBG_C not defined.\n");
diff --git a/programs/pkey/rsa_encrypt.c b/programs/pkey/rsa_encrypt.c
index 58817e3..e73ad2f 100644
--- a/programs/pkey/rsa_encrypt.c
+++ b/programs/pkey/rsa_encrypt.c
@@ -29,25 +29,27 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
-#define polarssl_printf printf
+#include <stdio.h>
#define polarssl_fprintf fprintf
+#define polarssl_printf printf
#endif
-#include <string.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \
+ defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_FS_IO) && \
+ defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/rsa.h"
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
+#include <stdio.h>
+#include <string.h>
+#endif
+
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_CTR_DRBG_C)
-int main( int argc, char *argv[] )
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_ENTROPY_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_CTR_DRBG_C not defined.\n");
@@ -103,7 +105,7 @@
}
rsa_init( &rsa, RSA_PKCS_V15, 0 );
-
+
if( ( ret = mpi_read_file( &rsa.N, 16, f ) ) != 0 ||
( ret = mpi_read_file( &rsa.E, 16, f ) ) != 0 )
{
diff --git a/programs/pkey/rsa_genkey.c b/programs/pkey/rsa_genkey.c
index ff31598..0314d39 100644
--- a/programs/pkey/rsa_genkey.c
+++ b/programs/pkey/rsa_genkey.c
@@ -29,35 +29,38 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
#define polarssl_printf printf
#endif
-#include <stdio.h>
-
+#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \
+ defined(POLARSSL_RSA_C) && defined(POLARSSL_GENPRIME) && \
+ defined(POLARSSL_FS_IO) && defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include "polarssl/bignum.h"
#include "polarssl/x509.h"
#include "polarssl/rsa.h"
+#include <stdio.h>
+#include <string.h>
+#endif
+
#define KEY_SIZE 1024
#define EXPONENT 65537
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_GENPRIME) || \
!defined(POLARSSL_FS_IO) || !defined(POLARSSL_CTR_DRBG_C)
-int main( int argc, char *argv[] )
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_RSA_C and/or POLARSSL_GENPRIME and/or "
"POLARSSL_FS_IO and/or POLARSSL_CTR_DRBG_C not defined.\n");
return( 0 );
}
#else
-int main( int argc, char *argv[] )
+int main( void )
{
int ret;
rsa_context rsa;
@@ -67,9 +70,6 @@
FILE *fpriv = NULL;
const char *pers = "rsa_genkey";
- ((void) argc);
- ((void) argv);
-
polarssl_printf( "\n . Seeding the random number generator..." );
fflush( stdout );
@@ -86,7 +86,7 @@
fflush( stdout );
rsa_init( &rsa, RSA_PKCS_V15, 0 );
-
+
if( ( ret = rsa_gen_key( &rsa, ctr_drbg_random, &ctr_drbg, KEY_SIZE,
EXPONENT ) ) != 0 )
{
diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c
index e4f4970..277034d 100644
--- a/programs/pkey/rsa_sign.c
+++ b/programs/pkey/rsa_sign.c
@@ -1,5 +1,5 @@
/*
- * RSA/SHA-1 signature creation program
+ * RSA/SHA-256 signature creation program
*
* Copyright (C) 2006-2011, ARM Limited, All Rights Reserved
*
@@ -29,25 +29,26 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
-#define polarssl_printf printf
+#include <stdio.h>
#define polarssl_fprintf fprintf
+#define polarssl_printf printf
#endif
-#include <string.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \
+ defined(POLARSSL_SHA256_C) && defined(POLARSSL_FS_IO)
#include "polarssl/rsa.h"
#include "polarssl/sha1.h"
-#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
- !defined(POLARSSL_SHA1_C) || !defined(POLARSSL_FS_IO)
-int main( int argc, char *argv[] )
-{
- ((void) argc);
- ((void) argv);
+#include <stdio.h>
+#include <string.h>
+#endif
+#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
+ !defined(POLARSSL_SHA256_C) || !defined(POLARSSL_FS_IO)
+int main( void )
+{
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
- "POLARSSL_SHA1_C and/or POLARSSL_FS_IO not defined.\n");
+ "POLARSSL_SHA256_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else
@@ -85,7 +86,7 @@
}
rsa_init( &rsa, RSA_PKCS_V15, 0 );
-
+
if( ( ret = mpi_read_file( &rsa.N , 16, f ) ) != 0 ||
( ret = mpi_read_file( &rsa.E , 16, f ) ) != 0 ||
( ret = mpi_read_file( &rsa.D , 16, f ) ) != 0 ||
@@ -112,10 +113,10 @@
}
/*
- * Compute the SHA-1 hash of the input file,
+ * Compute the SHA-256 hash of the input file,
* then calculate the RSA signature of the hash.
*/
- polarssl_printf( "\n . Generating the RSA/SHA-1 signature" );
+ polarssl_printf( "\n . Generating the RSA/SHA-256 signature" );
fflush( stdout );
if( ( ret = sha1_file( argv[1], hash ) ) != 0 )
@@ -124,7 +125,7 @@
goto exit;
}
- if( ( ret = rsa_pkcs1_sign( &rsa, NULL, NULL, RSA_PRIVATE, POLARSSL_MD_SHA1,
+ if( ( ret = rsa_pkcs1_sign( &rsa, NULL, NULL, RSA_PRIVATE, POLARSSL_MD_SHA256,
20, hash, buf ) ) != 0 )
{
polarssl_printf( " failed\n ! rsa_pkcs1_sign returned -0x%0x\n\n", -ret );
@@ -160,5 +161,5 @@
return( ret );
}
-#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA1_C &&
+#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA256_C &&
POLARSSL_FS_IO */
diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c
index e022db2..ad4d0b5 100644
--- a/programs/pkey/rsa_sign_pss.c
+++ b/programs/pkey/rsa_sign_pss.c
@@ -1,5 +1,5 @@
/*
- * RSASSA-PSS/SHA-1 signature creation program
+ * RSASSA-PSS/SHA-256 signature creation program
*
* Copyright (C) 2006-2011, ARM Limited, All Rights Reserved
*
@@ -29,12 +29,16 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
+#define polarssl_snprintf snprintf
#define polarssl_printf printf
+#define polarssl_snprintf snprintf
#endif
-#include <string.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \
+ defined(POLARSSL_RSA_C) && defined(POLARSSL_SHA256_C) && \
+ defined(POLARSSL_PK_PARSE_C) && defined(POLARSSL_FS_IO) && \
+ defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include "polarssl/md.h"
@@ -42,21 +46,22 @@
#include "polarssl/sha1.h"
#include "polarssl/x509.h"
+#include <stdio.h>
+#include <string.h>
+#endif
+
#if defined _MSC_VER && !defined snprintf
#define snprintf _snprintf
#endif
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
- !defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA1_C) || \
+ !defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA256_C) || \
!defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_CTR_DRBG_C)
-int main( int argc, char *argv[] )
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
- "POLARSSL_RSA_C and/or POLARSSL_SHA1_C and/or "
+ "POLARSSL_RSA_C and/or POLARSSL_SHA256_C and/or "
"POLARSSL_PK_PARSE_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_CTR_DRBG_C not defined.\n");
return( 0 );
@@ -118,13 +123,13 @@
goto exit;
}
- rsa_set_padding( pk_rsa( pk ), RSA_PKCS_V21, POLARSSL_MD_SHA1 );
+ rsa_set_padding( pk_rsa( pk ), RSA_PKCS_V21, POLARSSL_MD_SHA256 );
/*
- * Compute the SHA-1 hash of the input file,
+ * Compute the SHA-256 hash of the input file,
* then calculate the RSA signature of the hash.
*/
- polarssl_printf( "\n . Generating the RSA/SHA-1 signature" );
+ polarssl_printf( "\n . Generating the RSA/SHA-256 signature" );
fflush( stdout );
if( ( ret = sha1_file( argv[2], hash ) ) != 0 )
@@ -133,7 +138,7 @@
goto exit;
}
- if( ( ret = pk_sign( &pk, POLARSSL_MD_SHA1, hash, 0, buf, &olen,
+ if( ( ret = pk_sign( &pk, POLARSSL_MD_SHA256, hash, 0, buf, &olen,
ctr_drbg_random, &ctr_drbg ) ) != 0 )
{
polarssl_printf( " failed\n ! pk_sign returned %d\n\n", ret );
@@ -143,7 +148,7 @@
/*
* Write the signature into <filename>-sig.txt
*/
- snprintf( filename, 512, "%s.sig", argv[2] );
+ polarssl_snprintf( filename, 512, "%s.sig", argv[2] );
if( ( f = fopen( filename, "wb+" ) ) == NULL )
{
@@ -175,5 +180,5 @@
return( ret );
}
#endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C && POLARSSL_RSA_C &&
- POLARSSL_SHA1_C && POLARSSL_PK_PARSE_C && POLARSSL_FS_IO &&
+ POLARSSL_SHA256_C && POLARSSL_PK_PARSE_C && POLARSSL_FS_IO &&
POLARSSL_CTR_DRBG_C */
diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c
index 6ff16e4..88d4d04 100644
--- a/programs/pkey/rsa_verify.c
+++ b/programs/pkey/rsa_verify.c
@@ -1,5 +1,5 @@
/*
- * RSA/SHA-1 signature verification program
+ * RSA/SHA-256 signature verification program
*
* Copyright (C) 2006-2011, ARM Limited, All Rights Reserved
*
@@ -29,24 +29,25 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
#define polarssl_printf printf
#endif
-#include <string.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \
+ defined(POLARSSL_SHA256_C) && defined(POLARSSL_FS_IO)
#include "polarssl/rsa.h"
#include "polarssl/sha1.h"
-#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
- !defined(POLARSSL_SHA1_C) || !defined(POLARSSL_FS_IO)
-int main( int argc, char *argv[] )
-{
- ((void) argc);
- ((void) argv);
+#include <stdio.h>
+#include <string.h>
+#endif
+#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
+ !defined(POLARSSL_SHA256_C) || !defined(POLARSSL_FS_IO)
+int main( void )
+{
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
- "POLARSSL_SHA1_C and/or POLARSSL_FS_IO not defined.\n");
+ "POLARSSL_SHA256_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else
@@ -122,10 +123,10 @@
}
/*
- * Compute the SHA-1 hash of the input file and compare
+ * Compute the SHA-256 hash of the input file and compare
* it with the hash decrypted from the RSA signature.
*/
- polarssl_printf( "\n . Verifying the RSA/SHA-1 signature" );
+ polarssl_printf( "\n . Verifying the RSA/SHA-256 signature" );
fflush( stdout );
if( ( ret = sha1_file( argv[1], hash ) ) != 0 )
@@ -135,13 +136,13 @@
}
if( ( ret = rsa_pkcs1_verify( &rsa, NULL, NULL, RSA_PUBLIC,
- POLARSSL_MD_SHA1, 20, hash, buf ) ) != 0 )
+ POLARSSL_MD_SHA256, 20, hash, buf ) ) != 0 )
{
polarssl_printf( " failed\n ! rsa_pkcs1_verify returned -0x%0x\n\n", -ret );
goto exit;
}
- polarssl_printf( "\n . OK (the decrypted SHA-1 hash matches)\n\n" );
+ polarssl_printf( "\n . OK (the decrypted SHA-256 hash matches)\n\n" );
ret = 0;
@@ -154,5 +155,5 @@
return( ret );
}
-#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA1_C &&
+#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA256_C &&
POLARSSL_FS_IO */
diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c
index 3ffdfbe..2b1570a 100644
--- a/programs/pkey/rsa_verify_pss.c
+++ b/programs/pkey/rsa_verify_pss.c
@@ -1,5 +1,5 @@
/*
- * RSASSA-PSS/SHA-1 signature verification program
+ * RSASSA-PSS/SHA-256 signature verification program
*
* Copyright (C) 2006-2011, ARM Limited, All Rights Reserved
*
@@ -29,32 +29,36 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
+#define polarssl_snprintf snprintf
#define polarssl_printf printf
+#define polarssl_snprintf snprintf
#endif
-#include <string.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \
+ defined(POLARSSL_SHA256_C) && defined(POLARSSL_PK_PARSE_C) && \
+ defined(POLARSSL_FS_IO)
#include "polarssl/md.h"
#include "polarssl/pem.h"
#include "polarssl/pk.h"
#include "polarssl/sha1.h"
#include "polarssl/x509.h"
+#include <stdio.h>
+#include <string.h>
+#endif
+
#if defined _MSC_VER && !defined snprintf
#define snprintf _snprintf
#endif
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
- !defined(POLARSSL_SHA1_C) || !defined(POLARSSL_PK_PARSE_C) || \
+ !defined(POLARSSL_SHA256_C) || !defined(POLARSSL_PK_PARSE_C) || \
!defined(POLARSSL_FS_IO)
-int main( int argc, char *argv[] )
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
- "POLARSSL_SHA1_C and/or POLARSSL_PK_PARSE_C and/or "
+ "POLARSSL_SHA256_C and/or POLARSSL_PK_PARSE_C and/or "
"POLARSSL_FS_IO not defined.\n");
return( 0 );
}
@@ -99,13 +103,13 @@
goto exit;
}
- rsa_set_padding( pk_rsa( pk ), RSA_PKCS_V21, POLARSSL_MD_SHA1 );
+ rsa_set_padding( pk_rsa( pk ), RSA_PKCS_V21, POLARSSL_MD_SHA256 );
/*
* Extract the RSA signature from the text file
*/
ret = 1;
- snprintf( filename, 512, "%s.sig", argv[2] );
+ polarssl_snprintf( filename, 512, "%s.sig", argv[2] );
if( ( f = fopen( filename, "rb" ) ) == NULL )
{
@@ -119,10 +123,10 @@
fclose( f );
/*
- * Compute the SHA-1 hash of the input file and compare
+ * Compute the SHA-256 hash of the input file and compare
* it with the hash decrypted from the RSA signature.
*/
- polarssl_printf( "\n . Verifying the RSA/SHA-1 signature" );
+ polarssl_printf( "\n . Verifying the RSA/SHA-256 signature" );
fflush( stdout );
if( ( ret = sha1_file( argv[2], hash ) ) != 0 )
@@ -131,14 +135,14 @@
goto exit;
}
- if( ( ret = pk_verify( &pk, POLARSSL_MD_SHA1, hash, 0,
+ if( ( ret = pk_verify( &pk, POLARSSL_MD_SHA256, hash, 0,
buf, i ) ) != 0 )
{
polarssl_printf( " failed\n ! pk_verify returned %d\n\n", ret );
goto exit;
}
- polarssl_printf( "\n . OK (the decrypted SHA-1 hash matches)\n\n" );
+ polarssl_printf( "\n . OK (the decrypted SHA-256 hash matches)\n\n" );
ret = 0;
@@ -152,5 +156,5 @@
return( ret );
}
-#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA1_C &&
+#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA256_C &&
POLARSSL_PK_PARSE_C && POLARSSL_FS_IO */
diff --git a/programs/random/gen_entropy.c b/programs/random/gen_entropy.c
index 0ff443f..54baa18 100644
--- a/programs/random/gen_entropy.c
+++ b/programs/random/gen_entropy.c
@@ -29,21 +29,21 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
-#define polarssl_printf printf
+#include <stdio.h>
#define polarssl_fprintf fprintf
+#define polarssl_printf printf
#endif
+#if defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_FS_IO)
#include "polarssl/entropy.h"
#include <stdio.h>
+#endif
-#if !defined(POLARSSL_ENTROPY_C)
-int main( int argc, char *argv[] )
+#if !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_FS_IO)
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
- polarssl_printf("POLARSSL_ENTROPY_C not defined.\n");
+ polarssl_printf("POLARSSL_ENTROPY_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else
diff --git a/programs/random/gen_random_ctr_drbg.c b/programs/random/gen_random_ctr_drbg.c
index c21e094..4c2286d 100644
--- a/programs/random/gen_random_ctr_drbg.c
+++ b/programs/random/gen_random_ctr_drbg.c
@@ -29,22 +29,24 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
-#define polarssl_printf printf
+#include <stdio.h>
#define polarssl_fprintf fprintf
+#define polarssl_printf printf
#endif
+#if defined(POLARSSL_CTR_DRBG_C) && defined(POLARSSL_ENTROPY_C) && \
+ defined(POLARSSL_FS_IO)
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include <stdio.h>
+#endif
-#if !defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_ENTROPY_C)
-int main( int argc, char *argv[] )
+#if !defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_ENTROPY_C) || \
+ !defined(POLARSSL_FS_IO)
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
- polarssl_printf("POLARSSL_CTR_DRBG_C or POLARSSL_ENTROPY_C not defined.\n");
+ polarssl_printf("POLARSSL_CTR_DRBG_C and/or POLARSSL_ENTROPY_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else
diff --git a/programs/random/gen_random_havege.c b/programs/random/gen_random_havege.c
index 5336fc4..0f5800c 100644
--- a/programs/random/gen_random_havege.c
+++ b/programs/random/gen_random_havege.c
@@ -29,21 +29,21 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
-#define polarssl_printf printf
+#include <stdio.h>
#define polarssl_fprintf fprintf
+#define polarssl_printf printf
#endif
+#if defined(POLARSSL_HAVEGE_C) && defined(POLARSSL_FS_IO)
#include "polarssl/havege.h"
-#include <time.h>
#include <stdio.h>
+#include <time.h>
+#endif
-#if !defined(POLARSSL_HAVEGE_C)
-int main( int argc, char *argv[] )
+#if !defined(POLARSSL_HAVEGE_C) || !defined(POLARSSL_FS_IO)
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
polarssl_printf("POLARSSL_HAVEGE_C not defined.\n");
return( 0 );
}
diff --git a/programs/ssl/CMakeLists.txt b/programs/ssl/CMakeLists.txt
index a608687..a2f5dc2 100644
--- a/programs/ssl/CMakeLists.txt
+++ b/programs/ssl/CMakeLists.txt
@@ -13,6 +13,7 @@
ssl_server
ssl_fork_server
ssl_mail_client
+ mini_client
)
if(USE_PKCS11_HELPER_LIBRARY)
@@ -47,6 +48,9 @@
add_executable(ssl_mail_client ssl_mail_client.c)
target_link_libraries(ssl_mail_client ${libs})
+add_executable(mini_client mini_client.c)
+target_link_libraries(mini_client ${libs})
+
if(THREADS_FOUND)
add_executable(ssl_pthread_server ssl_pthread_server.c)
target_link_libraries(ssl_pthread_server ${libs} ${CMAKE_THREAD_LIBS_INIT})
diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c
new file mode 100644
index 0000000..a06d345
--- /dev/null
+++ b/programs/ssl/mini_client.c
@@ -0,0 +1,270 @@
+/*
+ * Minimal SSL client, used for memory measurements.
+ * (meant to be used with config-suite-b.h or config-ccm-psk-tls1_2.h)
+ *
+ * Copyright (C) 2014, ARM Limited, All Rights Reserved
+ *
+ * This file is part of mbed TLS (https://polarssl.org)
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#if !defined(POLARSSL_CONFIG_FILE)
+#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
+
+/*
+ * We're creating and connecting the socket "manually" rather than using the
+ * NET module, in order to avoid the overhead of getaddrinfo() which tends to
+ * dominate memory usage in small configurations. For the sake of simplicity,
+ * only a Unix version is implemented.
+ */
+#if defined(unix) || defined(__unix__) || defined(__unix)
+#define UNIX
+#endif
+
+#if !defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_ENTROPY_C) || \
+ !defined(POLARSSL_NET_C) || !defined(POLARSSL_SSL_CLI_C) || \
+ !defined(UNIX)
+#if defined(POLARSSL_PLATFORM_C)
+#include "polarssl/platform.h"
+#else
+#include <stdio.h>
+#define polarssl_printf printf
+#endif
+int main( void )
+{
+ polarssl_printf( "POLARSSL_CTR_DRBG_C and/or POLARSSL_ENTROPY_C and/or "
+ "POLARSSL_NET_C and/or POLARSSL_SSL_CLI_C and/or UNIX "
+ "not defined.\n");
+ return( 0 );
+}
+#else
+
+#include <string.h>
+
+#include "polarssl/net.h"
+#include "polarssl/ssl.h"
+#include "polarssl/entropy.h"
+#include "polarssl/ctr_drbg.h"
+
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+
+/*
+ * Hardcoded values for server host and port
+ */
+#define PORT_BE 0x1151 /* 4433 */
+#define PORT_LE 0x5111
+#define ADDR_BE 0x7f000001 /* 127.0.0.1 */
+#define ADDR_LE 0x0100007f
+#define HOSTNAME "localhost" /* for cert verification if enabled */
+
+#define GET_REQUEST "GET / HTTP/1.0\r\n\r\n"
+
+const char *pers = "mini_client";
+
+#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
+const unsigned char psk[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
+};
+const char psk_id[] = "Client_identity";
+#endif
+
+#if defined(POLARSSL_X509_CRT_PARSE_C)
+/* This is tests/data_files/test-ca2.crt, a CA using EC secp384r1 */
+const unsigned char ca_cert[] = {
+ 0x30, 0x82, 0x02, 0x52, 0x30, 0x82, 0x01, 0xd7, 0xa0, 0x03, 0x02, 0x01,
+ 0x02, 0x02, 0x09, 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8,
+ 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02,
+ 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
+ 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a,
+ 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c,
+ 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c,
+ 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x45,
+ 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x33, 0x30, 0x39,
+ 0x32, 0x34, 0x31, 0x35, 0x34, 0x39, 0x34, 0x38, 0x5a, 0x17, 0x0d, 0x32,
+ 0x33, 0x30, 0x39, 0x32, 0x32, 0x31, 0x35, 0x34, 0x39, 0x34, 0x38, 0x5a,
+ 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
+ 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a,
+ 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c,
+ 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c,
+ 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x45,
+ 0x43, 0x20, 0x43, 0x41, 0x30, 0x76, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86,
+ 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22,
+ 0x03, 0x62, 0x00, 0x04, 0xc3, 0xda, 0x2b, 0x34, 0x41, 0x37, 0x58, 0x2f,
+ 0x87, 0x56, 0xfe, 0xfc, 0x89, 0xba, 0x29, 0x43, 0x4b, 0x4e, 0xe0, 0x6e,
+ 0xc3, 0x0e, 0x57, 0x53, 0x33, 0x39, 0x58, 0xd4, 0x52, 0xb4, 0x91, 0x95,
+ 0x39, 0x0b, 0x23, 0xdf, 0x5f, 0x17, 0x24, 0x62, 0x48, 0xfc, 0x1a, 0x95,
+ 0x29, 0xce, 0x2c, 0x2d, 0x87, 0xc2, 0x88, 0x52, 0x80, 0xaf, 0xd6, 0x6a,
+ 0xab, 0x21, 0xdd, 0xb8, 0xd3, 0x1c, 0x6e, 0x58, 0xb8, 0xca, 0xe8, 0xb2,
+ 0x69, 0x8e, 0xf3, 0x41, 0xad, 0x29, 0xc3, 0xb4, 0x5f, 0x75, 0xa7, 0x47,
+ 0x6f, 0xd5, 0x19, 0x29, 0x55, 0x69, 0x9a, 0x53, 0x3b, 0x20, 0xb4, 0x66,
+ 0x16, 0x60, 0x33, 0x1e, 0xa3, 0x81, 0xa0, 0x30, 0x81, 0x9d, 0x30, 0x1d,
+ 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x9d, 0x6d, 0x20,
+ 0x24, 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24,
+ 0xc9, 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x6e, 0x06, 0x03, 0x55, 0x1d, 0x23,
+ 0x04, 0x67, 0x30, 0x65, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, 0x01,
+ 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb,
+ 0x36, 0x7c, 0xa1, 0x42, 0xa4, 0x40, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09,
+ 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30,
+ 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61,
+ 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04,
+ 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20,
+ 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x82, 0x09,
+ 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 0x30, 0x0c, 0x06,
+ 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30,
+ 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03,
+ 0x69, 0x00, 0x30, 0x66, 0x02, 0x31, 0x00, 0xc3, 0xb4, 0x62, 0x73, 0x56,
+ 0x28, 0x95, 0x00, 0x7d, 0x78, 0x12, 0x26, 0xd2, 0x71, 0x7b, 0x19, 0xf8,
+ 0x8a, 0x98, 0x3e, 0x92, 0xfe, 0x33, 0x9e, 0xe4, 0x79, 0xd2, 0xfe, 0x7a,
+ 0xb7, 0x87, 0x74, 0x3c, 0x2b, 0xb8, 0xd7, 0x69, 0x94, 0x0b, 0xa3, 0x67,
+ 0x77, 0xb8, 0xb3, 0xbe, 0xd1, 0x36, 0x32, 0x02, 0x31, 0x00, 0xfd, 0x67,
+ 0x9c, 0x94, 0x23, 0x67, 0xc0, 0x56, 0xba, 0x4b, 0x33, 0x15, 0x00, 0xc6,
+ 0xe3, 0xcc, 0x31, 0x08, 0x2c, 0x9c, 0x8b, 0xda, 0xa9, 0x75, 0x23, 0x2f,
+ 0xb8, 0x28, 0xe7, 0xf2, 0x9c, 0x14, 0x3a, 0x40, 0x01, 0x5c, 0xaf, 0x0c,
+ 0xb2, 0xcf, 0x74, 0x7f, 0x30, 0x9f, 0x08, 0x43, 0xad, 0x20,
+};
+#endif /* POLARSSL_X509_CRT_PARSE_C */
+
+enum exit_codes
+{
+ exit_ok = 0,
+ ctr_drbg_init_failed,
+ ssl_init_failed,
+ socket_failed,
+ connect_failed,
+ x509_crt_parse_failed,
+ ssl_handshake_failed,
+ ssl_write_failed,
+};
+
+int main( void )
+{
+ int ret = exit_ok;
+ int server_fd = -1;
+ struct sockaddr_in addr;
+#if defined(POLARSSL_X509_CRT_PARSE_C)
+ x509_crt ca;
+#endif
+
+ entropy_context entropy;
+ ctr_drbg_context ctr_drbg;
+ ssl_context ssl;
+
+ /*
+ * 0. Initialize and setup stuff
+ */
+ memset( &ssl, 0, sizeof( ssl_context ) );
+#if defined(POLARSSL_X509_CRT_PARSE_C)
+ x509_crt_init( &ca );
+#endif
+
+ entropy_init( &entropy );
+ if( ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
+ (const unsigned char *) pers, strlen( pers ) ) != 0 )
+ {
+ ret = ssl_init_failed;
+ goto exit;
+ }
+
+ if( ssl_init( &ssl ) != 0 )
+ {
+ ret = ssl_init_failed;
+ goto exit;
+ }
+
+ ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
+
+ ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
+
+#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
+ ssl_set_psk( &ssl, psk, sizeof( psk ),
+ (const unsigned char *) psk_id, sizeof( psk_id ) - 1 );
+#endif
+
+#if defined(POLARSSL_X509_CRT_PARSE_C)
+ if( x509_crt_parse_der( &ca, ca_cert, sizeof( ca_cert ) ) != 0 )
+ {
+ ret = x509_crt_parse_failed;
+ goto exit;
+ }
+
+ ssl_set_ca_chain( &ssl, &ca, NULL, HOSTNAME );
+ ssl_set_authmode( &ssl, SSL_VERIFY_REQUIRED );
+#endif
+
+ /*
+ * 1. Start the connection
+ */
+ memset( &addr, 0, sizeof( addr ) );
+ addr.sin_family = AF_INET;
+
+ ret = 1; /* for endianness detection */
+ addr.sin_port = *((char *) &ret) == ret ? PORT_LE : PORT_BE;
+ addr.sin_addr.s_addr = *((char *) &ret) == ret ? ADDR_LE : ADDR_BE;
+ ret = 0;
+
+ if( ( server_fd = socket( AF_INET, SOCK_STREAM, 0 ) ) < 0 )
+ {
+ ret = socket_failed;
+ goto exit;
+ }
+
+ if( connect( server_fd,
+ (const struct sockaddr *) &addr, sizeof( addr ) ) < 0 )
+ {
+ ret = connect_failed;
+ goto exit;
+ }
+
+ ssl_set_bio( &ssl, net_recv, &server_fd, net_send, &server_fd );
+
+ if( ssl_handshake( &ssl ) != 0 )
+ {
+ ret = ssl_handshake_failed;
+ goto exit;
+ }
+
+ /*
+ * 2. Write the GET request and close the connection
+ */
+ if( ssl_write( &ssl, (const unsigned char *) GET_REQUEST,
+ sizeof( GET_REQUEST ) - 1 ) <= 0 )
+ {
+ ret = ssl_write_failed;
+ goto exit;
+ }
+
+ ssl_close_notify( &ssl );
+
+exit:
+ if( server_fd != -1 )
+ net_close( server_fd );
+
+ ssl_free( &ssl );
+ ctr_drbg_free( &ctr_drbg );
+ entropy_free( &entropy );
+#if defined(POLARSSL_X509_CRT_PARSE_C)
+ x509_crt_free( &ca );
+#endif
+
+ return( ret );
+}
+#endif
diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c
index d0bc7f5..c5ed4c3 100644
--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
@@ -29,13 +29,15 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
-#define polarssl_printf printf
+#include <stdio.h>
#define polarssl_fprintf fprintf
+#define polarssl_printf printf
#endif
-#include <string.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \
+ defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_CLI_C) && \
+ defined(POLARSSL_NET_C) && defined(POLARSSL_RSA_C) && \
+ defined(POLARSSL_CTR_DRBG_C) && defined(POLARSSL_X509_CRT_PARSE_C)
#include "polarssl/net.h"
#include "polarssl/debug.h"
#include "polarssl/ssl.h"
@@ -44,15 +46,22 @@
#include "polarssl/error.h"
#include "polarssl/certs.h"
+#include <stdio.h>
+#include <string.h>
+#endif
+
+#define SERVER_PORT 4433
+#define SERVER_NAME "localhost"
+#define GET_REQUEST "GET / HTTP/1.0\r\n\r\n"
+
+#define DEBUG_LEVEL 1
+
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \
!defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_X509_CRT_PARSE_C)
-int main( int argc, char *argv[] )
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
"POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
@@ -61,13 +70,6 @@
return( 0 );
}
#else
-
-#define SERVER_PORT 4433
-#define SERVER_NAME "localhost"
-#define GET_REQUEST "GET / HTTP/1.0\r\n\r\n"
-
-#define DEBUG_LEVEL 1
-
static void my_debug( void *ctx, int level, const char *str )
{
((void) level);
@@ -76,7 +78,7 @@
fflush( (FILE *) ctx );
}
-int main( int argc, char *argv[] )
+int main( void )
{
int ret, len, server_fd = -1;
unsigned char buf[1024];
@@ -87,9 +89,6 @@
ssl_context ssl;
x509_crt cacert;
- ((void) argc);
- ((void) argv);
-
#if defined(POLARSSL_DEBUG_C)
debug_set_threshold( DEBUG_LEVEL );
#endif
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index c84980c..2f40fec 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -29,30 +29,16 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
#define polarssl_printf printf
#define polarssl_fprintf fprintf
+#define polarssl_printf printf
+#define polarssl_snprintf snprintf
#endif
-#if !defined(POLARSSL_ENTROPY_C) || \
- !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \
- !defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C)
-#include <stdio.h>
-int main( int argc, char *argv[] )
-{
- ((void) argc);
- ((void) argv);
-
- polarssl_printf("POLARSSL_ENTROPY_C and/or "
- "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
- "POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n");
- return( 0 );
-}
-#else
-
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_FS_IO) && \
+ defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_CLI_C) && \
+ defined(POLARSSL_NET_C) && defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/net.h"
#include "polarssl/ssl.h"
#include "polarssl/entropy.h"
@@ -62,6 +48,11 @@
#include "polarssl/error.h"
#include "polarssl/debug.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#endif
+
#if defined(POLARSSL_TIMING_C)
#include "polarssl/timing.h"
#endif
@@ -113,138 +104,6 @@
#define GET_REQUEST "GET %s HTTP/1.0\r\nExtra-header: "
#define GET_REQUEST_END "\r\n\r\n"
-/*
- * global options
- */
-struct options
-{
- const char *server_name; /* hostname of the server (client only) */
- const char *server_addr; /* address of the server (client only) */
- int server_port; /* port on which the ssl service runs */
- int debug_level; /* level of debugging */
- int nbio; /* should I/O be blocking? */
- uint32_t read_timeout; /* timeout on ssl_read() in milliseconds */
- int max_resend; /* DTLS times to resend on read timeout */
- const char *request_page; /* page on server to request */
- int request_size; /* pad request with header to requested size */
- const char *ca_file; /* the file with the CA certificate(s) */
- const char *ca_path; /* the path with the CA certificate(s) reside */
- const char *crt_file; /* the file with the client certificate */
- const char *key_file; /* the file with the client key */
- const char *psk; /* the pre-shared key */
- const char *psk_identity; /* the pre-shared key identity */
- int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
- int renegotiation; /* enable / disable renegotiation */
- int allow_legacy; /* allow legacy renegotiation */
- int renegotiate; /* attempt renegotiation? */
- int renego_delay; /* delay before enforcing renegotiation */
- int exchanges; /* number of data exchanges */
- int min_version; /* minimum protocol version accepted */
- int max_version; /* maximum protocol version accepted */
- int arc4; /* flag for arc4 suites support */
- int auth_mode; /* verify mode for connection */
- unsigned char mfl_code; /* code for maximum fragment length */
- int trunc_hmac; /* negotiate truncated hmac or not */
- int recsplit; /* enable record splitting? */
- int reconnect; /* attempt to resume session */
- int reco_delay; /* delay in seconds before resuming session */
- int tickets; /* enable / disable session tickets */
- const char *alpn_string; /* ALPN supported protocols */
- int transport; /* TLS or DTLS? */
- uint32_t hs_to_min; /* Initial value of DTLS handshake timer */
- uint32_t hs_to_max; /* Max value of DTLS handshake timer */
- int fallback; /* is this a fallback connection? */
- int extended_ms; /* negotiate extended master secret? */
- int etm; /* negotiate encrypt then mac? */
-} opt;
-
-static void my_debug( void *ctx, int level, const char *str )
-{
- ((void) level);
-
- polarssl_fprintf( (FILE *) ctx, "%s", str );
- fflush( (FILE *) ctx );
-}
-
-/*
- * Test recv/send functions that make sure each try returns
- * WANT_READ/WANT_WRITE at least once before sucesseding
- */
-static int my_recv( void *ctx, unsigned char *buf, size_t len )
-{
- static int first_try = 1;
- int ret;
-
- if( first_try )
- {
- first_try = 0;
- return( POLARSSL_ERR_NET_WANT_READ );
- }
-
- ret = net_recv( ctx, buf, len );
- if( ret != POLARSSL_ERR_NET_WANT_READ )
- first_try = 1; /* Next call will be a new operation */
- return( ret );
-}
-
-static int my_send( void *ctx, const unsigned char *buf, size_t len )
-{
- static int first_try = 1;
- int ret;
-
- if( first_try )
- {
- first_try = 0;
- return( POLARSSL_ERR_NET_WANT_WRITE );
- }
-
- ret = net_send( ctx, buf, len );
- if( ret != POLARSSL_ERR_NET_WANT_WRITE )
- first_try = 1; /* Next call will be a new operation */
- return( ret );
-}
-
-#if defined(POLARSSL_X509_CRT_PARSE_C)
-/*
- * Enabled if debug_level > 1 in code below
- */
-static int my_verify( void *data, x509_crt *crt, int depth, int *flags )
-{
- char buf[1024];
- ((void) data);
-
- polarssl_printf( "\nVerify requested for (Depth %d):\n", depth );
- x509_crt_info( buf, sizeof( buf ) - 1, "", crt );
- polarssl_printf( "%s", buf );
-
- if( ( (*flags) & BADCERT_EXPIRED ) != 0 )
- polarssl_printf( " ! server certificate has expired\n" );
-
- if( ( (*flags) & BADCERT_REVOKED ) != 0 )
- polarssl_printf( " ! server certificate has been revoked\n" );
-
- if( ( (*flags) & BADCERT_CN_MISMATCH ) != 0 )
- polarssl_printf( " ! CN mismatch\n" );
-
- if( ( (*flags) & BADCERT_NOT_TRUSTED ) != 0 )
- polarssl_printf( " ! self-signed or not signed by a trusted CA\n" );
-
- if( ( (*flags) & BADCRL_NOT_TRUSTED ) != 0 )
- polarssl_printf( " ! CRL not trusted\n" );
-
- if( ( (*flags) & BADCRL_EXPIRED ) != 0 )
- polarssl_printf( " ! CRL expired\n" );
-
- if( ( (*flags) & BADCERT_OTHER ) != 0 )
- polarssl_printf( " ! other (unknown) flag\n" );
-
- if ( ( *flags ) == 0 )
- polarssl_printf( " This certificate has no flags\n" );
-
- return( 0 );
-}
-#endif /* POLARSSL_X509_CRT_PARSE_C */
-
#if defined(POLARSSL_X509_CRT_PARSE_C)
#if defined(POLARSSL_FS_IO)
#define USAGE_IO \
@@ -399,6 +258,149 @@
" force_ciphersuite=<name> default: all enabled\n"\
" acceptable ciphersuite names:\n"
+#if !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_FS_IO) || \
+ !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \
+ !defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C)
+int main( void )
+{
+ polarssl_printf("POLARSSL_ENTROPY_C and/or "
+ "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
+ "POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n");
+ return( 0 );
+}
+#else
+/*
+ * global options
+ */
+struct options
+{
+ const char *server_name; /* hostname of the server (client only) */
+ const char *server_addr; /* address of the server (client only) */
+ int server_port; /* port on which the ssl service runs */
+ int debug_level; /* level of debugging */
+ int nbio; /* should I/O be blocking? */
+ uint32_t read_timeout; /* timeout on ssl_read() in milliseconds */
+ int max_resend; /* DTLS times to resend on read timeout */
+ const char *request_page; /* page on server to request */
+ int request_size; /* pad request with header to requested size */
+ const char *ca_file; /* the file with the CA certificate(s) */
+ const char *ca_path; /* the path with the CA certificate(s) reside */
+ const char *crt_file; /* the file with the client certificate */
+ const char *key_file; /* the file with the client key */
+ const char *psk; /* the pre-shared key */
+ const char *psk_identity; /* the pre-shared key identity */
+ int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
+ int renegotiation; /* enable / disable renegotiation */
+ int allow_legacy; /* allow legacy renegotiation */
+ int renegotiate; /* attempt renegotiation? */
+ int renego_delay; /* delay before enforcing renegotiation */
+ int exchanges; /* number of data exchanges */
+ int min_version; /* minimum protocol version accepted */
+ int max_version; /* maximum protocol version accepted */
+ int arc4; /* flag for arc4 suites support */
+ int auth_mode; /* verify mode for connection */
+ unsigned char mfl_code; /* code for maximum fragment length */
+ int trunc_hmac; /* negotiate truncated hmac or not */
+ int recsplit; /* enable record splitting? */
+ int reconnect; /* attempt to resume session */
+ int reco_delay; /* delay in seconds before resuming session */
+ int tickets; /* enable / disable session tickets */
+ const char *alpn_string; /* ALPN supported protocols */
+ int transport; /* TLS or DTLS? */
+ uint32_t hs_to_min; /* Initial value of DTLS handshake timer */
+ uint32_t hs_to_max; /* Max value of DTLS handshake timer */
+ int fallback; /* is this a fallback connection? */
+ int extended_ms; /* negotiate extended master secret? */
+ int etm; /* negotiate encrypt then mac? */
+} opt;
+
+static void my_debug( void *ctx, int level, const char *str )
+{
+ ((void) level);
+
+ polarssl_fprintf( (FILE *) ctx, "%s", str );
+ fflush( (FILE *) ctx );
+}
+
+/*
+ * Test recv/send functions that make sure each try returns
+ * WANT_READ/WANT_WRITE at least once before sucesseding
+ */
+static int my_recv( void *ctx, unsigned char *buf, size_t len )
+{
+ static int first_try = 1;
+ int ret;
+
+ if( first_try )
+ {
+ first_try = 0;
+ return( POLARSSL_ERR_NET_WANT_READ );
+ }
+
+ ret = net_recv( ctx, buf, len );
+ if( ret != POLARSSL_ERR_NET_WANT_READ )
+ first_try = 1; /* Next call will be a new operation */
+ return( ret );
+}
+
+static int my_send( void *ctx, const unsigned char *buf, size_t len )
+{
+ static int first_try = 1;
+ int ret;
+
+ if( first_try )
+ {
+ first_try = 0;
+ return( POLARSSL_ERR_NET_WANT_WRITE );
+ }
+
+ ret = net_send( ctx, buf, len );
+ if( ret != POLARSSL_ERR_NET_WANT_WRITE )
+ first_try = 1; /* Next call will be a new operation */
+ return( ret );
+}
+
+#if defined(POLARSSL_X509_CRT_PARSE_C)
+/*
+ * Enabled if debug_level > 1 in code below
+ */
+static int my_verify( void *data, x509_crt *crt, int depth, int *flags )
+{
+ char buf[1024];
+ ((void) data);
+
+ polarssl_printf( "\nVerify requested for (Depth %d):\n", depth );
+ x509_crt_info( buf, sizeof( buf ) - 1, "", crt );
+ polarssl_printf( "%s", buf );
+
+ if( ( (*flags) & BADCERT_EXPIRED ) != 0 )
+ polarssl_printf( " ! server certificate has expired\n" );
+
+ if( ( (*flags) & BADCERT_REVOKED ) != 0 )
+ polarssl_printf( " ! server certificate has been revoked\n" );
+
+ if( ( (*flags) & BADCERT_CN_MISMATCH ) != 0 )
+ polarssl_printf( " ! CN mismatch\n" );
+
+ if( ( (*flags) & BADCERT_NOT_TRUSTED ) != 0 )
+ polarssl_printf( " ! self-signed or not signed by a trusted CA\n" );
+
+ if( ( (*flags) & BADCRL_NOT_TRUSTED ) != 0 )
+ polarssl_printf( " ! CRL not trusted\n" );
+
+ if( ( (*flags) & BADCRL_EXPIRED ) != 0 )
+ polarssl_printf( " ! CRL expired\n" );
+
+ if( ( (*flags) & BADCERT_OTHER ) != 0 )
+ polarssl_printf( " ! other (unknown) flag\n" );
+
+ if ( ( *flags ) == 0 )
+ polarssl_printf( " This certificate has no flags\n" );
+
+ return( 0 );
+}
+#endif /* POLARSSL_X509_CRT_PARSE_C */
+
int main( int argc, char *argv[] )
{
int ret = 0, len, tail_len, server_fd, i, written, frags, retry_left;
@@ -1323,7 +1325,7 @@
polarssl_printf( " > Write to server:" );
fflush( stdout );
- len = snprintf( (char *) buf, sizeof(buf) - 1, GET_REQUEST,
+ len = polarssl_snprintf( (char *) buf, sizeof(buf) - 1, GET_REQUEST,
opt.request_page );
tail_len = strlen( GET_REQUEST_END );
diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c
index 6424311..71a3aa9 100644
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@@ -29,23 +29,21 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
-#define polarssl_printf printf
+#include <stdio.h>
#define polarssl_fprintf fprintf
+#define polarssl_printf printf
#endif
#if defined(_WIN32)
#include <windows.h>
#endif
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-#include <signal.h>
-
-#if !defined(_MSC_VER) || defined(EFIX64) || defined(EFI32)
-#include <unistd.h>
-#endif
-
+#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_CERTS_C) && \
+ defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_SSL_TLS_C) && \
+ defined(POLARSSL_SSL_SRV_C) && defined(POLARSSL_NET_C) && \
+ defined(POLARSSL_RSA_C) && defined(POLARSSL_CTR_DRBG_C) && \
+ defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_TIMING_C) && \
+ defined(POLARSSL_FS_IO)
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include "polarssl/certs.h"
@@ -54,6 +52,15 @@
#include "polarssl/net.h"
#include "polarssl/timing.h"
+#include <string.h>
+#include <stdio.h>
+#include <signal.h>
+#endif
+
+#if !defined(_MSC_VER) || defined(EFIX64) || defined(EFI32)
+#include <unistd.h>
+#endif
+
#define HTTP_RESPONSE \
"HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
"<h2>mbed TLS Test Server</h2>\r\n" \
@@ -63,7 +70,8 @@
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_SSL_TLS_C) || \
!defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \
- !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_TIMING_C)
+ !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_TIMING_C) || \
+ !defined(POLARSSL_FS_IO)
int main( int argc, char *argv[] )
{
((void) argc);
@@ -77,11 +85,8 @@
return( 0 );
}
#elif defined(_WIN32)
-int main( int argc, char *argv[] )
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
polarssl_printf("_WIN32 defined. This application requires fork() and signals "
"to work correctly.\n");
return( 0 );
@@ -99,7 +104,7 @@
}
}
-int main( int argc, char *argv[] )
+int main( void )
{
int ret, len, cnt = 0, pid;
int listen_fd;
@@ -113,9 +118,6 @@
x509_crt srvcert;
pk_context pkey;
- ((void) argc);
- ((void) argv);
-
memset( &ssl, 0, sizeof(ssl_context) );
entropy_init( &entropy );
@@ -340,8 +342,11 @@
len = ret;
polarssl_printf( " %d bytes read\n\n%s", len, (char *) buf );
+
+ if( ret > 0 )
+ break;
}
- while( 0 );
+ while( 1 );
/*
* 7. Write the 200 Response
diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c
index 7259d65..8794c98 100644
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@@ -29,13 +29,29 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
-#define polarssl_printf printf
+#include <stdio.h>
#define polarssl_fprintf fprintf
+#define polarssl_printf printf
#endif
-#include <string.h>
-#include <stdlib.h>
+#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \
+ defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_CLI_C) && \
+ defined(POLARSSL_NET_C) && defined(POLARSSL_RSA_C) && \
+ defined(POLARSSL_CTR_DRBG_C) && defined(POLARSSL_X509_CRT_PARSE_C) && \
+ defined(POLARSSL_FS_IO)
+#include "polarssl/base64.h"
+#include "polarssl/error.h"
+#include "polarssl/net.h"
+#include "polarssl/ssl.h"
+#include "polarssl/entropy.h"
+#include "polarssl/ctr_drbg.h"
+#include "polarssl/certs.h"
+#include "polarssl/x509.h"
+
#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#endif
#if !defined(_MSC_VER) || defined(EFIX64) || defined(EFI32)
#include <unistd.h>
@@ -46,7 +62,6 @@
#endif
#if defined(_WIN32) || defined(_WIN32_WCE)
-
#include <winsock2.h>
#include <windows.h>
@@ -59,33 +74,6 @@
#endif /* _MSC_VER */
#endif
-#include "polarssl/base64.h"
-#include "polarssl/error.h"
-#include "polarssl/net.h"
-#include "polarssl/ssl.h"
-#include "polarssl/entropy.h"
-#include "polarssl/ctr_drbg.h"
-#include "polarssl/certs.h"
-#include "polarssl/x509.h"
-
-#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
- !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \
- !defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \
- !defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_X509_CRT_PARSE_C)
-int main( int argc, char *argv[] )
-{
- ((void) argc);
- ((void) argv);
-
- polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
- "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
- "POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
- "POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_CRT_PARSE_C "
- "not defined.\n");
- return( 0 );
-}
-#else
-
#define DFL_SERVER_NAME "localhost"
#define DFL_SERVER_PORT 465
#define DFL_USER_NAME "user"
@@ -103,6 +91,55 @@
#define MODE_SSL_TLS 0
#define MODE_STARTTLS 0
+#if defined(POLARSSL_BASE64_C)
+#define USAGE_AUTH \
+ " authentication=%%d default: 0 (disabled)\n" \
+ " user_name=%%s default: \"user\"\n" \
+ " user_pwd=%%s default: \"password\"\n"
+#else
+#define USAGE_AUTH \
+ " authentication options disabled. (Require POLARSSL_BASE64_C)\n"
+#endif /* POLARSSL_BASE64_C */
+
+#if defined(POLARSSL_FS_IO)
+#define USAGE_IO \
+ " ca_file=%%s default: \"\" (pre-loaded)\n" \
+ " crt_file=%%s default: \"\" (pre-loaded)\n" \
+ " key_file=%%s default: \"\" (pre-loaded)\n"
+#else
+#define USAGE_IO \
+ " No file operations available (POLARSSL_FS_IO not defined)\n"
+#endif /* POLARSSL_FS_IO */
+
+#define USAGE \
+ "\n usage: ssl_mail_client param=<>...\n" \
+ "\n acceptable parameters:\n" \
+ " server_name=%%s default: localhost\n" \
+ " server_port=%%d default: 4433\n" \
+ " debug_level=%%d default: 0 (disabled)\n" \
+ " mode=%%d default: 0 (SSL/TLS) (1 for STARTTLS)\n" \
+ USAGE_AUTH \
+ " mail_from=%%s default: \"\"\n" \
+ " mail_to=%%s default: \"\"\n" \
+ USAGE_IO \
+ " force_ciphersuite=<name> default: all enabled\n"\
+ " acceptable ciphersuite names:\n"
+
+#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
+ !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \
+ !defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \
+ !defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_X509_CRT_PARSE_C) || \
+ !defined(POLARSSL_FS_IO)
+int main( void )
+{
+ polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
+ "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
+ "POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
+ "POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_CRT_PARSE_C "
+ "not defined.\n");
+ return( 0 );
+}
+#else
/*
* global options
*/
@@ -312,47 +349,13 @@
code[3] = '\0';
return atoi( code );
}
-
+
idx = 0;
}
}
while( 1 );
}
-#if defined(POLARSSL_BASE64_C)
-#define USAGE_AUTH \
- " authentication=%%d default: 0 (disabled)\n" \
- " user_name=%%s default: \"user\"\n" \
- " user_pwd=%%s default: \"password\"\n"
-#else
-#define USAGE_AUTH \
- " authentication options disabled. (Require POLARSSL_BASE64_C)\n"
-#endif /* POLARSSL_BASE64_C */
-
-#if defined(POLARSSL_FS_IO)
-#define USAGE_IO \
- " ca_file=%%s default: \"\" (pre-loaded)\n" \
- " crt_file=%%s default: \"\" (pre-loaded)\n" \
- " key_file=%%s default: \"\" (pre-loaded)\n"
-#else
-#define USAGE_IO \
- " No file operations available (POLARSSL_FS_IO not defined)\n"
-#endif /* POLARSSL_FS_IO */
-
-#define USAGE \
- "\n usage: ssl_mail_client param=<>...\n" \
- "\n acceptable parameters:\n" \
- " server_name=%%s default: localhost\n" \
- " server_port=%%d default: 4433\n" \
- " debug_level=%%d default: 0 (disabled)\n" \
- " mode=%%d default: 0 (SSL/TLS) (1 for STARTTLS)\n" \
- USAGE_AUTH \
- " mail_from=%%s default: \"\"\n" \
- " mail_to=%%s default: \"\"\n" \
- USAGE_IO \
- " force_ciphersuite=<name> default: all enabled\n"\
- " acceptable ciphersuite names:\n"
-
int main( int argc, char *argv[] )
{
int ret = 0, len, server_fd;
diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c
index d642a24..8ae4113 100644
--- a/programs/ssl/ssl_pthread_server.c
+++ b/programs/ssl/ssl_pthread_server.c
@@ -30,18 +30,22 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
-#define polarssl_printf printf
+#include <stdio.h>
#define polarssl_fprintf fprintf
+#define polarssl_printf printf
+#define polarssl_snprintf snprintf
#endif
#if defined(_WIN32)
#include <windows.h>
#endif
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_CERTS_C) && \
+ defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_SSL_TLS_C) && \
+ defined(POLARSSL_SSL_SRV_C) && defined(POLARSSL_NET_C) && \
+ defined(POLARSSL_RSA_C) && defined(POLARSSL_CTR_DRBG_C) && \
+ defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_FS_IO) && \
+ defined(POLARSSL_THREADING_C) && defined(POLARSSL_THREADING_PTHREAD)
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include "polarssl/certs.h"
@@ -50,6 +54,11 @@
#include "polarssl/net.h"
#include "polarssl/error.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#endif
+
#if defined(POLARSSL_SSL_CACHE_C)
#include "polarssl/ssl_cache.h"
#endif
@@ -58,17 +67,23 @@
#include "polarssl/memory_buffer_alloc.h"
#endif
+#define HTTP_RESPONSE \
+ "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
+ "<h2>mbed TLS Test Server</h2>\r\n" \
+ "<p>Successful connection using: %s</p>\r\n"
+
+#define DEBUG_LEVEL 0
+
+#define MAX_NUM_THREADS 5
+
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_CERTS_C) || \
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_SSL_TLS_C) || \
!defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \
- !defined(POLARSSL_X509_CRT_PARSE_C) || \
+ !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_THREADING_C) || !defined(POLARSSL_THREADING_PTHREAD)
-int main( int argc, char *argv[] )
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_CERTS_C and/or POLARSSL_ENTROPY_C "
"and/or POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
"POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
@@ -78,14 +93,6 @@
return( 0 );
}
#else
-
-#define HTTP_RESPONSE \
- "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
- "<h2>mbed TLS Test Server</h2>\r\n" \
- "<p>Successful connection using: %s</p>\r\n"
-
-#define DEBUG_LEVEL 0
-
threading_mutex_t debug_mutex;
static void my_mutexed_debug( void *ctx, int level, const char *str )
@@ -117,8 +124,6 @@
pthread_t thread;
} pthread_info_t;
-#define MAX_NUM_THREADS 5
-
static thread_info_t base_info;
static pthread_info_t threads[MAX_NUM_THREADS];
@@ -137,7 +142,7 @@
memset( &ssl, 0, sizeof( ssl_context ) );
memset( &ctr_drbg, 0, sizeof( ctr_drbg_context ) );
- snprintf( pers, sizeof(pers), "SSL Pthread Thread %d", thread_id );
+ polarssl_snprintf( pers, sizeof(pers), "SSL Pthread Thread %d", thread_id );
polarssl_printf( " [ #%d ] Client FD %d\n", thread_id, client_fd );
polarssl_printf( " [ #%d ] Seeding the random number generator...\n", thread_id );
@@ -366,7 +371,7 @@
return( 0 );
}
-int main( int argc, char *argv[] )
+int main( void )
{
int ret;
int listen_fd;
@@ -382,9 +387,6 @@
ssl_cache_context cache;
#endif
- ((void) argc);
- ((void) argv);
-
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
#endif
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
index f590bad..83430f6 100644
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -29,18 +29,20 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
-#define polarssl_printf printf
+#include <stdio.h>
#define polarssl_fprintf fprintf
+#define polarssl_printf printf
#endif
#if defined(_WIN32)
#include <windows.h>
#endif
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_CERTS_C) && \
+ defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_SSL_TLS_C) && \
+ defined(POLARSSL_SSL_SRV_C) && defined(POLARSSL_NET_C) && \
+ defined(POLARSSL_RSA_C) && defined(POLARSSL_CTR_DRBG_C) && \
+ defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_FS_IO)
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include "polarssl/certs.h"
@@ -50,29 +52,15 @@
#include "polarssl/error.h"
#include "polarssl/debug.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#endif
+
#if defined(POLARSSL_SSL_CACHE_C)
#include "polarssl/ssl_cache.h"
#endif
-#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_CERTS_C) || \
- !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_SSL_TLS_C) || \
- !defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \
- !defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \
- !defined(POLARSSL_X509_CRT_PARSE_C)
-int main( int argc, char *argv[] )
-{
- ((void) argc);
- ((void) argv);
-
- polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_CERTS_C and/or POLARSSL_ENTROPY_C "
- "and/or POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
- "POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
- "POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_CRT_PARSE_C "
- "not defined.\n");
- return( 0 );
-}
-#else
-
#define HTTP_RESPONSE \
"HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
"<h2>mbed TLS Test Server</h2>\r\n" \
@@ -80,6 +68,21 @@
#define DEBUG_LEVEL 0
+#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_CERTS_C) || \
+ !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_SSL_TLS_C) || \
+ !defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \
+ !defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \
+ !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO)
+int main( void )
+{
+ polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_CERTS_C and/or POLARSSL_ENTROPY_C "
+ "and/or POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
+ "POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
+ "POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_CRT_PARSE_C "
+ "not defined.\n");
+ return( 0 );
+}
+#else
static void my_debug( void *ctx, int level, const char *str )
{
((void) level);
@@ -88,7 +91,7 @@
fflush( (FILE *) ctx );
}
-int main( int argc, char *argv[] )
+int main( void )
{
int ret, len;
int listen_fd;
@@ -105,9 +108,6 @@
ssl_cache_context cache;
#endif
- ((void) argc);
- ((void) argv);
-
memset( &ssl, 0, sizeof(ssl_context) );
#if defined(POLARSSL_SSL_CACHE_C)
ssl_cache_init( &cache );
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 5d6fe40..5319c7e 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -29,27 +29,12 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
-#define polarssl_printf printf
-#define polarssl_fprintf fprintf
-#define polarssl_malloc malloc
-#define polarssl_free free
-#endif
-
-#if !defined(POLARSSL_ENTROPY_C) || \
- !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_SRV_C) || \
- !defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C)
#include <stdio.h>
-int main( int argc, char *argv[] )
-{
- ((void) argc);
- ((void) argv);
-
- polarssl_printf("POLARSSL_ENTROPY_C and/or "
- "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
- "POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n");
- return( 0 );
-}
-#else
+#define polarssl_free free
+#define polarssl_malloc malloc
+#define polarssl_fprintf fprintf
+#define polarssl_printf printf
+#endif
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) && defined(POLARSSL_FS_IO)
#define POLARSSL_SNI
@@ -59,14 +44,9 @@
#include <windows.h>
#endif
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-
-#if !defined(_WIN32)
-#include <signal.h>
-#endif
-
+#if defined(POLARSSL_ENTROPY_C) && \
+ defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_SRV_C) && \
+ defined(POLARSSL_NET_C) && defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/net.h"
#include "polarssl/ssl.h"
#include "polarssl/entropy.h"
@@ -76,6 +56,15 @@
#include "polarssl/error.h"
#include "polarssl/debug.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#endif
+
+#if !defined(_WIN32)
+#include <signal.h>
+#endif
+
#if defined(POLARSSL_SSL_CACHE_C)
#include "polarssl/ssl_cache.h"
#endif
@@ -155,102 +144,6 @@
*/
#define IO_BUF_LEN 200
-/*
- * global options
- */
-struct options
-{
- const char *server_addr; /* address on which the ssl service runs */
- int server_port; /* port on which the ssl service runs */
- int debug_level; /* level of debugging */
- int nbio; /* should I/O be blocking? */
- uint32_t read_timeout; /* timeout on ssl_read() in milliseconds */
- const char *ca_file; /* the file with the CA certificate(s) */
- const char *ca_path; /* the path with the CA certificate(s) reside */
- const char *crt_file; /* the file with the server certificate */
- const char *key_file; /* the file with the server key */
- const char *crt_file2; /* the file with the 2nd server certificate */
- const char *key_file2; /* the file with the 2nd server key */
- const char *psk; /* the pre-shared key */
- const char *psk_identity; /* the pre-shared key identity */
- char *psk_list; /* list of PSK id/key pairs for callback */
- int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
- const char *version_suites; /* per-version ciphersuites */
- int renegotiation; /* enable / disable renegotiation */
- int allow_legacy; /* allow legacy renegotiation */
- int renegotiate; /* attempt renegotiation? */
- int renego_delay; /* delay before enforcing renegotiation */
- int renego_period; /* period for automatic renegotiation */
- int exchanges; /* number of data exchanges */
- int min_version; /* minimum protocol version accepted */
- int max_version; /* maximum protocol version accepted */
- int arc4; /* flag for arc4 suites support */
- int auth_mode; /* verify mode for connection */
- unsigned char mfl_code; /* code for maximum fragment length */
- int trunc_hmac; /* accept truncated hmac? */
- int tickets; /* enable / disable session tickets */
- int ticket_timeout; /* session ticket lifetime */
- int cache_max; /* max number of session cache entries */
- int cache_timeout; /* expiration delay of session cache entries */
- char *sni; /* string describing sni information */
- const char *alpn_string; /* ALPN supported protocols */
- const char *dhm_file; /* the file with the DH parameters */
- int extended_ms; /* allow negotiation of extended MS? */
- int etm; /* allow negotiation of encrypt-then-MAC? */
- int transport; /* TLS or DTLS? */
- int cookies; /* Use cookies for DTLS? -1 to break them */
- int anti_replay; /* Use anti-replay for DTLS? -1 for default */
- uint32_t hs_to_min; /* Initial value of DTLS handshake timer */
- uint32_t hs_to_max; /* Max value of DTLS handshake timer */
- int badmac_limit; /* Limit of records with bad MAC */
-} opt;
-
-static void my_debug( void *ctx, int level, const char *str )
-{
- ((void) level);
-
- polarssl_fprintf( (FILE *) ctx, "%s", str );
- fflush( (FILE *) ctx );
-}
-
-/*
- * Test recv/send functions that make sure each try returns
- * WANT_READ/WANT_WRITE at least once before sucesseding
- */
-static int my_recv( void *ctx, unsigned char *buf, size_t len )
-{
- static int first_try = 1;
- int ret;
-
- if( first_try )
- {
- first_try = 0;
- return( POLARSSL_ERR_NET_WANT_READ );
- }
-
- ret = net_recv( ctx, buf, len );
- if( ret != POLARSSL_ERR_NET_WANT_READ )
- first_try = 1; /* Next call will be a new operation */
- return( ret );
-}
-
-static int my_send( void *ctx, const unsigned char *buf, size_t len )
-{
- static int first_try = 1;
- int ret;
-
- if( first_try )
- {
- first_try = 0;
- return( POLARSSL_ERR_NET_WANT_WRITE );
- }
-
- ret = net_send( ctx, buf, len );
- if( ret != POLARSSL_ERR_NET_WANT_WRITE )
- first_try = 1; /* Next call will be a new operation */
- return( ret );
-}
-
#if defined(POLARSSL_X509_CRT_PARSE_C)
#if defined(POLARSSL_FS_IO)
#define USAGE_IO \
@@ -434,6 +327,114 @@
" force_ciphersuite=<name> default: all enabled\n" \
" acceptable ciphersuite names:\n"
+#if !defined(POLARSSL_ENTROPY_C) || \
+ !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_SRV_C) || \
+ !defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C)
+#include <stdio.h>
+int main( void )
+{
+ polarssl_printf("POLARSSL_ENTROPY_C and/or "
+ "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
+ "POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n");
+ return( 0 );
+}
+#else
+/*
+ * global options
+ */
+struct options
+{
+ const char *server_addr; /* address on which the ssl service runs */
+ int server_port; /* port on which the ssl service runs */
+ int debug_level; /* level of debugging */
+ int nbio; /* should I/O be blocking? */
+ uint32_t read_timeout; /* timeout on ssl_read() in milliseconds */
+ const char *ca_file; /* the file with the CA certificate(s) */
+ const char *ca_path; /* the path with the CA certificate(s) reside */
+ const char *crt_file; /* the file with the server certificate */
+ const char *key_file; /* the file with the server key */
+ const char *crt_file2; /* the file with the 2nd server certificate */
+ const char *key_file2; /* the file with the 2nd server key */
+ const char *psk; /* the pre-shared key */
+ const char *psk_identity; /* the pre-shared key identity */
+ char *psk_list; /* list of PSK id/key pairs for callback */
+ int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
+ const char *version_suites; /* per-version ciphersuites */
+ int renegotiation; /* enable / disable renegotiation */
+ int allow_legacy; /* allow legacy renegotiation */
+ int renegotiate; /* attempt renegotiation? */
+ int renego_delay; /* delay before enforcing renegotiation */
+ int renego_period; /* period for automatic renegotiation */
+ int exchanges; /* number of data exchanges */
+ int min_version; /* minimum protocol version accepted */
+ int max_version; /* maximum protocol version accepted */
+ int arc4; /* flag for arc4 suites support */
+ int auth_mode; /* verify mode for connection */
+ unsigned char mfl_code; /* code for maximum fragment length */
+ int trunc_hmac; /* accept truncated hmac? */
+ int tickets; /* enable / disable session tickets */
+ int ticket_timeout; /* session ticket lifetime */
+ int cache_max; /* max number of session cache entries */
+ int cache_timeout; /* expiration delay of session cache entries */
+ char *sni; /* string describing sni information */
+ const char *alpn_string; /* ALPN supported protocols */
+ const char *dhm_file; /* the file with the DH parameters */
+ int extended_ms; /* allow negotiation of extended MS? */
+ int etm; /* allow negotiation of encrypt-then-MAC? */
+ int transport; /* TLS or DTLS? */
+ int cookies; /* Use cookies for DTLS? -1 to break them */
+ int anti_replay; /* Use anti-replay for DTLS? -1 for default */
+ uint32_t hs_to_min; /* Initial value of DTLS handshake timer */
+ uint32_t hs_to_max; /* Max value of DTLS handshake timer */
+ int badmac_limit; /* Limit of records with bad MAC */
+} opt;
+
+static void my_debug( void *ctx, int level, const char *str )
+{
+ ((void) level);
+
+ polarssl_fprintf( (FILE *) ctx, "%s", str );
+ fflush( (FILE *) ctx );
+}
+
+/*
+ * Test recv/send functions that make sure each try returns
+ * WANT_READ/WANT_WRITE at least once before sucesseding
+ */
+static int my_recv( void *ctx, unsigned char *buf, size_t len )
+{
+ static int first_try = 1;
+ int ret;
+
+ if( first_try )
+ {
+ first_try = 0;
+ return( POLARSSL_ERR_NET_WANT_READ );
+ }
+
+ ret = net_recv( ctx, buf, len );
+ if( ret != POLARSSL_ERR_NET_WANT_READ )
+ first_try = 1; /* Next call will be a new operation */
+ return( ret );
+}
+
+static int my_send( void *ctx, const unsigned char *buf, size_t len )
+{
+ static int first_try = 1;
+ int ret;
+
+ if( first_try )
+ {
+ first_try = 0;
+ return( POLARSSL_ERR_NET_WANT_WRITE );
+ }
+
+ ret = net_send( ctx, buf, len );
+ if( ret != POLARSSL_ERR_NET_WANT_WRITE )
+ first_try = 1; /* Next call will be a new operation */
+ return( ret );
+}
+
/*
* Used by sni_parse and psk_parse to handle coma-separated lists
*/
@@ -441,7 +442,7 @@
dst = p; \
while( *p != ',' ) \
if( ++p > end ) \
- return( NULL ); \
+ goto error; \
*p++ = '\0';
#if defined(POLARSSL_SNI)
@@ -454,53 +455,6 @@
sni_entry *next;
};
-/*
- * Parse a string of triplets name1,crt1,key1[,name2,crt2,key2[,...]]
- * into a usable sni_entry list.
- *
- * Modifies the input string! This is not production quality!
- * (leaks memory if parsing fails, no error reporting, ...)
- */
-sni_entry *sni_parse( char *sni_string )
-{
- sni_entry *cur = NULL, *new = NULL;
- char *p = sni_string;
- char *end = p;
- char *crt_file, *key_file;
-
- while( *end != '\0' )
- ++end;
- *end = ',';
-
- while( p <= end )
- {
- if( ( new = polarssl_malloc( sizeof( sni_entry ) ) ) == NULL )
- return( NULL );
-
- memset( new, 0, sizeof( sni_entry ) );
-
- if( ( new->cert = polarssl_malloc( sizeof( x509_crt ) ) ) == NULL ||
- ( new->key = polarssl_malloc( sizeof( pk_context ) ) ) == NULL )
- return( NULL );
-
- x509_crt_init( new->cert );
- pk_init( new->key );
-
- GET_ITEM( new->name );
- GET_ITEM( crt_file );
- GET_ITEM( key_file );
-
- if( x509_crt_parse_file( new->cert, crt_file ) != 0 ||
- pk_parse_keyfile( new->key, key_file, "" ) != 0 )
- return( NULL );
-
- new->next = cur;
- cur = new;
- }
-
- return( cur );
-}
-
void sni_free( sni_entry *head )
{
sni_entry *cur = head, *next;
@@ -520,6 +474,67 @@
}
/*
+ * Parse a string of triplets name1,crt1,key1[,name2,crt2,key2[,...]]
+ * into a usable sni_entry list.
+ *
+ * Modifies the input string! This is not production quality!
+ */
+sni_entry *sni_parse( char *sni_string )
+{
+ sni_entry *cur = NULL, *new = NULL;
+ char *p = sni_string;
+ char *end = p;
+ char *crt_file, *key_file;
+
+ while( *end != '\0' )
+ ++end;
+ *end = ',';
+
+ while( p <= end )
+ {
+ if( ( new = polarssl_malloc( sizeof( sni_entry ) ) ) == NULL )
+ {
+ sni_free( cur );
+ return( NULL );
+ }
+
+ memset( new, 0, sizeof( sni_entry ) );
+
+ if( ( new->cert = polarssl_malloc( sizeof( x509_crt ) ) ) == NULL ||
+ ( new->key = polarssl_malloc( sizeof( pk_context ) ) ) == NULL )
+ {
+ polarssl_free( new->cert );
+ polarssl_free( new );
+ sni_free( cur );
+ return( NULL );
+ }
+
+ x509_crt_init( new->cert );
+ pk_init( new->key );
+
+ GET_ITEM( new->name );
+ GET_ITEM( crt_file );
+ GET_ITEM( key_file );
+
+ if( x509_crt_parse_file( new->cert, crt_file ) != 0 ||
+ pk_parse_keyfile( new->key, key_file, "" ) != 0 )
+ {
+ goto error;
+ }
+
+ new->next = cur;
+ cur = new;
+ }
+
+ return( cur );
+
+error:
+ sni_free( new );
+ sni_free( cur );
+ return( NULL );
+}
+
+/*
* SNI callback.
*/
int sni_callback( void *p_info, ssl_context *ssl,
@@ -594,11 +609,25 @@
};
/*
+ * Free a list of psk_entry's
+ */
+void psk_free( psk_entry *head )
+{
+ psk_entry *next;
+
+ while( head != NULL )
+ {
+ next = head->next;
+ polarssl_free( head );
+ head = next;
+ }
+}
+
+/*
* Parse a string of pairs name1,key1[,name2,key2[,...]]
* into a usable psk_entry list.
*
* Modifies the input string! This is not production quality!
- * (leaks memory if parsing fails, no error reporting, ...)
*/
psk_entry *psk_parse( char *psk_string )
{
@@ -622,28 +651,18 @@
GET_ITEM( key_hex );
if( unhexify( new->key, key_hex, &new->key_len ) != 0 )
- return( NULL );
+ goto error;
new->next = cur;
cur = new;
}
return( cur );
-}
-/*
- * Free a list of psk_entry's
- */
-void psk_free( psk_entry *head )
-{
- psk_entry *next;
-
- while( head != NULL )
- {
- next = head->next;
- polarssl_free( head );
- head = next;
- }
+error:
+ psk_free( new );
+ psk_free( cur );
+ return( 0 );
}
/*
diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c
index cc83746..735b443 100644
--- a/programs/test/benchmark.c
+++ b/programs/test/benchmark.c
@@ -29,12 +29,21 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
+#define polarssl_exit exit
#define polarssl_printf printf
+#define polarssl_snprintf snprintf
#endif
+#if !defined(POLARSSL_TIMING_C)
+int main( void )
+{
+ polarssl_printf("POLARSSL_TIMING_C not defined.\n");
+ return( 0 );
+}
+#else
+
#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
#include "polarssl/timing.h"
@@ -60,24 +69,128 @@
#include "polarssl/ecdh.h"
#include "polarssl/error.h"
+#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
+#include "polarssl/memory_buffer_alloc.h"
+#endif
+
#if defined _MSC_VER && !defined snprintf
#define snprintf _snprintf
#endif
+/*
+ * For heap usage estimates, we need an estimate of the overhead per allocated
+ * block. ptmalloc2/3 (used in gnu libc for instance) uses 2 size_t per block,
+ * so use that as our baseline.
+ */
+#define MEM_BLOCK_OVERHEAD ( 2 * sizeof( size_t ) )
+
+/*
+ * Size to use for the malloc buffer if MEMORY_BUFFER_ALLOC_C is defined.
+ */
+#define HEAP_SIZE (1u << 16) // 64k
+
#define BUFSIZE 1024
#define HEADER_FORMAT " %-24s : "
#define TITLE_LEN 25
-#if !defined(POLARSSL_TIMING_C)
-int main( int argc, char *argv[] )
-{
- ((void) argc);
- ((void) argv);
+#define DHM_SIZES 3
- polarssl_printf("POLARSSL_TIMING_C not defined.\n");
- return( 0 );
-}
+#define OPTIONS \
+ "md4, md5, ripemd160, sha1, sha256, sha512,\n" \
+ "arc4, des3, des, aes_cbc, aes_gcm, aes_ccm, camellia, blowfish,\n" \
+ "havege, ctr_drbg, hmac_drbg\n" \
+ "rsa, dhm, ecdsa, ecdh.\n"
+
+#if defined(POLARSSL_ERROR_C)
+#define PRINT_ERROR \
+ polarssl_strerror( ret, ( char * )tmp, sizeof( tmp ) ); \
+ polarssl_printf( "FAILED: %s\n", tmp );
#else
+#define PRINT_ERROR \
+ polarssl_printf( "FAILED: -0x%04x\n", -ret );
+#endif
+
+#define TIME_AND_TSC( TITLE, CODE ) \
+do { \
+ unsigned long i, j, tsc; \
+ \
+ polarssl_printf( HEADER_FORMAT, TITLE ); \
+ fflush( stdout ); \
+ \
+ set_alarm( 1 ); \
+ for( i = 1; ! alarmed; i++ ) \
+ { \
+ CODE; \
+ } \
+ \
+ tsc = hardclock(); \
+ for( j = 0; j < 1024; j++ ) \
+ { \
+ CODE; \
+ } \
+ \
+ polarssl_printf( "%9lu Kb/s, %9lu cycles/byte\n", \
+ i * BUFSIZE / 1024, \
+ ( hardclock() - tsc ) / ( j * BUFSIZE ) ); \
+} while( 0 )
+
+#if defined(POLARSSL_ERROR_C)
+#define PRINT_ERROR \
+ polarssl_strerror( ret, ( char * )tmp, sizeof( tmp ) ); \
+ polarssl_printf( "FAILED: %s\n", tmp );
+#else
+#define PRINT_ERROR \
+ polarssl_printf( "FAILED: -0x%04x\n", -ret );
+#endif
+
+#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) && defined(POLARSSL_MEMORY_DEBUG)
+
+#define MEMORY_MEASURE_INIT \
+ size_t max_used, max_blocks, max_bytes; \
+ size_t prv_used, prv_blocks; \
+ memory_buffer_alloc_cur_get( &prv_used, &prv_blocks ); \
+ memory_buffer_alloc_max_reset( );
+
+#define MEMORY_MEASURE_PRINT( title_len ) \
+ memory_buffer_alloc_max_get( &max_used, &max_blocks ); \
+ for( i = 12 - title_len; i != 0; i-- ) polarssl_printf( " " ); \
+ max_used -= prv_used; \
+ max_blocks -= prv_blocks; \
+ max_bytes = max_used + MEM_BLOCK_OVERHEAD * max_blocks; \
+ polarssl_printf( "%6u heap bytes", (unsigned) max_bytes );
+
+#else
+#define MEMORY_MEASURE_INIT
+#define MEMORY_MEASURE_PRINT( title_len )
+#endif
+
+#define TIME_PUBLIC( TITLE, TYPE, CODE ) \
+do { \
+ unsigned long i; \
+ int ret; \
+ MEMORY_MEASURE_INIT; \
+ \
+ polarssl_printf( HEADER_FORMAT, TITLE ); \
+ fflush( stdout ); \
+ set_alarm( 3 ); \
+ \
+ ret = 0; \
+ for( i = 1; ! alarmed && ! ret ; i++ ) \
+ { \
+ CODE; \
+ } \
+ \
+ if( ret != 0 ) \
+ { \
+ PRINT_ERROR; \
+ } \
+ else \
+ { \
+ polarssl_printf( "%6lu " TYPE "/s", i / 3 ); \
+ MEMORY_MEASURE_PRINT( sizeof( TYPE ) + 1 ); \
+ polarssl_printf( "\n" ); \
+ } \
+} while( 0 )
static int myrand( void *rng_state, unsigned char *output, size_t len )
{
@@ -102,61 +215,26 @@
return( 0 );
}
-#define TIME_AND_TSC( TITLE, CODE ) \
-do { \
- unsigned long i, j, tsc; \
- \
- polarssl_printf( HEADER_FORMAT, TITLE ); \
- fflush( stdout ); \
- \
- set_alarm( 1 ); \
- for( i = 1; ! alarmed; i++ ) \
- { \
- CODE; \
- } \
- \
- tsc = hardclock(); \
- for( j = 0; j < 1024; j++ ) \
- { \
- CODE; \
- } \
- \
- polarssl_printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024, \
- ( hardclock() - tsc ) / ( j * BUFSIZE ) ); \
-} while( 0 )
-
-#if defined(POLARSSL_ERROR_C)
-#define PRINT_ERROR \
- polarssl_strerror( ret, ( char * )tmp, sizeof( tmp ) ); \
- polarssl_printf( "FAILED: %s\n", tmp );
+/*
+ * Clear some memory that was used to prepare the context
+ */
+#if defined(POLARSSL_ECP_C)
+void ecp_clear_precomputed( ecp_group *grp )
+{
+ if( grp->T != NULL )
+ {
+ size_t i;
+ for( i = 0; i < grp->T_size; i++ )
+ ecp_point_free( &grp->T[i] );
+ polarssl_free( grp->T );
+ }
+ grp->T = NULL;
+ grp->T_size = 0;
+}
#else
-#define PRINT_ERROR \
- polarssl_printf( "FAILED: -0x%04x\n", -ret );
+#define ecp_clear_precomputed( g )
#endif
-#define TIME_PUBLIC( TITLE, TYPE, CODE ) \
-do { \
- unsigned long i; \
- int ret; \
- \
- polarssl_printf( HEADER_FORMAT, TITLE ); \
- fflush( stdout ); \
- set_alarm( 3 ); \
- \
- ret = 0; \
- for( i = 1; ! alarmed && ! ret ; i++ ) \
- { \
- CODE; \
- } \
- \
- if( ret != 0 ) \
- { \
-PRINT_ERROR; \
- } \
- else \
- polarssl_printf( "%9lu " TYPE "/s\n", i / 3 ); \
-} while( 0 )
-
unsigned char buf[BUFSIZE];
typedef struct {
@@ -166,18 +244,15 @@
rsa, dhm, ecdsa, ecdh;
} todo_list;
-#define OPTIONS \
- "md4, md5, ripemd160, sha1, sha256, sha512,\n" \
- "arc4, des3, des, aes_cbc, aes_gcm, aes_ccm, camellia, blowfish,\n" \
- "havege, ctr_drbg, hmac_drbg\n" \
- "rsa, dhm, ecdsa, ecdh.\n"
-
int main( int argc, char *argv[] )
{
- int keysize, i;
+ int i;
unsigned char tmp[200];
char title[TITLE_LEN];
todo_list todo;
+#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
+ unsigned char malloc_buf[HEAP_SIZE] = { 0 };
+#endif
if( argc == 1 )
memset( &todo, 1, sizeof( todo ) );
@@ -239,6 +314,9 @@
polarssl_printf( "\n" );
+#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
+ memory_buffer_alloc_init( malloc_buf, sizeof( malloc_buf ) );
+#endif
memset( buf, 0xAA, sizeof( buf ) );
memset( tmp, 0xBB, sizeof( tmp ) );
@@ -309,11 +387,12 @@
#if defined(POLARSSL_CIPHER_MODE_CBC)
if( todo.aes_cbc )
{
+ int keysize;
aes_context aes;
aes_init( &aes );
for( keysize = 128; keysize <= 256; keysize += 64 )
{
- snprintf( title, sizeof( title ), "AES-CBC-%d", keysize );
+ polarssl_snprintf( title, sizeof( title ), "AES-CBC-%d", keysize );
memset( buf, 0, sizeof( buf ) );
memset( tmp, 0, sizeof( tmp ) );
@@ -328,10 +407,11 @@
#if defined(POLARSSL_GCM_C)
if( todo.aes_gcm )
{
+ int keysize;
gcm_context gcm;
for( keysize = 128; keysize <= 256; keysize += 64 )
{
- snprintf( title, sizeof( title ), "AES-GCM-%d", keysize );
+ polarssl_snprintf( title, sizeof( title ), "AES-GCM-%d", keysize );
memset( buf, 0, sizeof( buf ) );
memset( tmp, 0, sizeof( tmp ) );
@@ -348,10 +428,11 @@
#if defined(POLARSSL_CCM_C)
if( todo.aes_ccm )
{
+ int keysize;
ccm_context ccm;
for( keysize = 128; keysize <= 256; keysize += 64 )
{
- snprintf( title, sizeof( title ), "AES-CCM-%d", keysize );
+ polarssl_snprintf( title, sizeof( title ), "AES-CCM-%d", keysize );
memset( buf, 0, sizeof( buf ) );
memset( tmp, 0, sizeof( tmp ) );
@@ -370,11 +451,12 @@
#if defined(POLARSSL_CAMELLIA_C) && defined(POLARSSL_CIPHER_MODE_CBC)
if( todo.camellia )
{
+ int keysize;
camellia_context camellia;
camellia_init( &camellia );
for( keysize = 128; keysize <= 256; keysize += 64 )
{
- snprintf( title, sizeof( title ), "CAMELLIA-CBC-%d", keysize );
+ polarssl_snprintf( title, sizeof( title ), "CAMELLIA-CBC-%d", keysize );
memset( buf, 0, sizeof( buf ) );
memset( tmp, 0, sizeof( tmp ) );
@@ -391,12 +473,13 @@
#if defined(POLARSSL_BLOWFISH_C) && defined(POLARSSL_CIPHER_MODE_CBC)
if( todo.blowfish )
{
+ int keysize;
blowfish_context blowfish;
blowfish_init( &blowfish );
for( keysize = 128; keysize <= 256; keysize += 64 )
{
- snprintf( title, sizeof( title ), "BLOWFISH-CBC-%d", keysize );
+ polarssl_snprintf( title, sizeof( title ), "BLOWFISH-CBC-%d", keysize );
memset( buf, 0, sizeof( buf ) );
memset( tmp, 0, sizeof( tmp ) );
@@ -427,17 +510,17 @@
ctr_drbg_context ctr_drbg;
if( ctr_drbg_init( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 )
- exit(1);
+ polarssl_exit(1);
TIME_AND_TSC( "CTR_DRBG (NOPR)",
if( ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 )
- exit(1) );
+ polarssl_exit(1) );
if( ctr_drbg_init( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 )
- exit(1);
+ polarssl_exit(1);
ctr_drbg_set_prediction_resistance( &ctr_drbg, CTR_DRBG_PR_ON );
TIME_AND_TSC( "CTR_DRBG (PR)",
if( ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 )
- exit(1) );
+ polarssl_exit(1) );
ctr_drbg_free( &ctr_drbg );
}
#endif
@@ -450,43 +533,43 @@
#if defined(POLARSSL_SHA1_C)
if( ( md_info = md_info_from_type( POLARSSL_MD_SHA1 ) ) == NULL )
- exit(1);
+ polarssl_exit(1);
if( hmac_drbg_init( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
- exit(1);
+ polarssl_exit(1);
TIME_AND_TSC( "HMAC_DRBG SHA-1 (NOPR)",
if( hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
- exit(1) );
+ polarssl_exit(1) );
hmac_drbg_free( &hmac_drbg );
if( hmac_drbg_init( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
- exit(1);
+ polarssl_exit(1);
hmac_drbg_set_prediction_resistance( &hmac_drbg,
POLARSSL_HMAC_DRBG_PR_ON );
TIME_AND_TSC( "HMAC_DRBG SHA-1 (PR)",
if( hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
- exit(1) );
+ polarssl_exit(1) );
hmac_drbg_free( &hmac_drbg );
#endif
#if defined(POLARSSL_SHA256_C)
if( ( md_info = md_info_from_type( POLARSSL_MD_SHA256 ) ) == NULL )
- exit(1);
+ polarssl_exit(1);
if( hmac_drbg_init( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
- exit(1);
+ polarssl_exit(1);
TIME_AND_TSC( "HMAC_DRBG SHA-256 (NOPR)",
if( hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
- exit(1) );
+ polarssl_exit(1) );
hmac_drbg_free( &hmac_drbg );
if( hmac_drbg_init( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
- exit(1);
+ polarssl_exit(1);
hmac_drbg_set_prediction_resistance( &hmac_drbg,
POLARSSL_HMAC_DRBG_PR_ON );
TIME_AND_TSC( "HMAC_DRBG SHA-256 (PR)",
if( hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
- exit(1) );
+ polarssl_exit(1) );
hmac_drbg_free( &hmac_drbg );
#endif
}
@@ -495,10 +578,11 @@
#if defined(POLARSSL_RSA_C) && defined(POLARSSL_GENPRIME)
if( todo.rsa )
{
+ int keysize;
rsa_context rsa;
for( keysize = 1024; keysize <= 4096; keysize *= 2 )
{
- snprintf( title, sizeof( title ), "RSA-%d", keysize );
+ polarssl_snprintf( title, sizeof( title ), "RSA-%d", keysize );
rsa_init( &rsa, RSA_PKCS_V15, 0 );
rsa_gen_key( &rsa, myrand, NULL, keysize, 65537 );
@@ -519,7 +603,6 @@
#if defined(POLARSSL_DHM_C) && defined(POLARSSL_BIGNUM_C)
if( todo.dhm )
{
-#define DHM_SIZES 3
int dhm_sizes[DHM_SIZES] = { 1024, 2048, 3072 };
const char *dhm_P[DHM_SIZES] = {
POLARSSL_DHM_RFC5114_MODP_1024_P,
@@ -541,22 +624,22 @@
if( mpi_read_string( &dhm.P, 16, dhm_P[i] ) != 0 ||
mpi_read_string( &dhm.G, 16, dhm_G[i] ) != 0 )
{
- exit( 1 );
+ polarssl_exit( 1 );
}
dhm.len = mpi_size( &dhm.P );
dhm_make_public( &dhm, (int) dhm.len, buf, dhm.len, myrand, NULL );
if( mpi_copy( &dhm.GY, &dhm.GX ) != 0 )
- exit( 1 );
+ polarssl_exit( 1 );
- snprintf( title, sizeof( title ), "DHE-%d", dhm_sizes[i] );
+ polarssl_snprintf( title, sizeof( title ), "DHE-%d", dhm_sizes[i] );
TIME_PUBLIC( title, "handshake",
olen = sizeof( buf );
ret |= dhm_make_public( &dhm, (int) dhm.len, buf, dhm.len,
myrand, NULL );
ret |= dhm_calc_secret( &dhm, buf, &olen, myrand, NULL ) );
- snprintf( title, sizeof( title ), "DH-%d", dhm_sizes[i] );
+ polarssl_snprintf( title, sizeof( title ), "DH-%d", dhm_sizes[i] );
TIME_PUBLIC( title, "handshake",
olen = sizeof( buf );
ret |= dhm_calc_secret( &dhm, buf, &olen, myrand, NULL ) );
@@ -582,14 +665,34 @@
ecdsa_init( &ecdsa );
if( ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 )
- exit( 1 );
+ polarssl_exit( 1 );
+ ecp_clear_precomputed( &ecdsa.grp );
- snprintf( title, sizeof( title ), "ECDSA-%s",
+ polarssl_snprintf( title, sizeof( title ), "ECDSA-%s",
curve_info->name );
TIME_PUBLIC( title, "sign",
ret = ecdsa_write_signature( &ecdsa, buf, curve_info->size,
tmp, &sig_len, myrand, NULL ) );
+ ecdsa_free( &ecdsa );
+ }
+
+ for( curve_info = ecp_curve_list();
+ curve_info->grp_id != POLARSSL_ECP_DP_NONE;
+ curve_info++ )
+ {
+ ecdsa_init( &ecdsa );
+
+ if( ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 ||
+ ecdsa_write_signature( &ecdsa, buf, curve_info->size,
+ tmp, &sig_len, myrand, NULL ) != 0 )
+ {
+ polarssl_exit( 1 );
+ }
+ ecp_clear_precomputed( &ecdsa.grp );
+
+ polarssl_snprintf( title, sizeof( title ), "ECDSA-%s",
+ curve_info->name );
TIME_PUBLIC( title, "verify",
ret = ecdsa_read_signature( &ecdsa, buf, curve_info->size,
tmp, sig_len ) );
@@ -603,6 +706,9 @@
if( todo.ecdh )
{
ecdh_context ecdh;
+#if defined(POLARSSL_ECP_DP_M255_ENABLED)
+ mpi z;
+#endif
const ecp_curve_info *curve_info;
size_t olen;
@@ -617,28 +723,95 @@
myrand, NULL ) != 0 ||
ecp_copy( &ecdh.Qp, &ecdh.Q ) != 0 )
{
- exit( 1 );
+ polarssl_exit( 1 );
}
+ ecp_clear_precomputed( &ecdh.grp );
- snprintf( title, sizeof( title ), "ECDHE-%s",
+ polarssl_snprintf( title, sizeof( title ), "ECDHE-%s",
curve_info->name );
TIME_PUBLIC( title, "handshake",
ret |= ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
myrand, NULL );
ret |= ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ),
myrand, NULL ) );
+ ecdh_free( &ecdh );
+ }
- snprintf( title, sizeof( title ), "ECDH-%s",
+ /* Curve25519 needs to be handled separately */
+#if defined(POLARSSL_ECP_DP_M255_ENABLED)
+ ecdh_init( &ecdh );
+ mpi_init( &z );
+
+ if( ecp_use_known_dp( &ecdh.grp, POLARSSL_ECP_DP_M255 ) != 0 ||
+ ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp, myrand, NULL ) != 0 )
+ {
+ polarssl_exit( 1 );
+ }
+
+ TIME_PUBLIC( "ECDHE-Curve25519", "handshake",
+ ret |= ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q,
+ myrand, NULL );
+ ret |= ecdh_compute_shared( &ecdh.grp, &z, &ecdh.Qp, &ecdh.d,
+ myrand, NULL ) );
+
+ ecdh_free( &ecdh );
+ mpi_free( &z );
+#endif
+
+ for( curve_info = ecp_curve_list();
+ curve_info->grp_id != POLARSSL_ECP_DP_NONE;
+ curve_info++ )
+ {
+ ecdh_init( &ecdh );
+
+ if( ecp_use_known_dp( &ecdh.grp, curve_info->grp_id ) != 0 ||
+ ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
+ myrand, NULL ) != 0 ||
+ ecp_copy( &ecdh.Qp, &ecdh.Q ) != 0 ||
+ ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
+ myrand, NULL ) != 0 )
+ {
+ polarssl_exit( 1 );
+ }
+ ecp_clear_precomputed( &ecdh.grp );
+
+ polarssl_snprintf( title, sizeof( title ), "ECDH-%s",
curve_info->name );
TIME_PUBLIC( title, "handshake",
ret |= ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ),
myrand, NULL ) );
ecdh_free( &ecdh );
}
+
+ /* Curve25519 needs to be handled separately */
+#if defined(POLARSSL_ECP_DP_M255_ENABLED)
+ ecdh_init( &ecdh );
+ mpi_init( &z );
+
+ if( ecp_use_known_dp( &ecdh.grp, POLARSSL_ECP_DP_M255 ) != 0 ||
+ ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp,
+ myrand, NULL ) != 0 ||
+ ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q, myrand, NULL ) != 0 )
+ {
+ polarssl_exit( 1 );
+ }
+
+ TIME_PUBLIC( "ECDH-Curve25519", "handshake",
+ ret |= ecdh_compute_shared( &ecdh.grp, &z, &ecdh.Qp, &ecdh.d,
+ myrand, NULL ) );
+
+ ecdh_free( &ecdh );
+ mpi_free( &z );
+#endif
}
#endif
+
polarssl_printf( "\n" );
+#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
+ memory_buffer_alloc_free();
+#endif
+
#if defined(_WIN32)
polarssl_printf( " Press Enter to exit this program.\n" );
fflush( stdout ); getchar();
diff --git a/programs/test/o_p_test.c b/programs/test/o_p_test.c
index b904a9f..0d1cccf 100644
--- a/programs/test/o_p_test.c
+++ b/programs/test/o_p_test.c
@@ -29,19 +29,18 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
#define polarssl_printf printf
#endif
-#include <string.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <sys/stat.h>
-
+#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \
+ defined(POLARSSL_PK_PARSE_C) && defined(POLARSSL_FS_IO)
#include <openssl/rsa.h>
+
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
+
#include <openssl/pem.h>
#include <openssl/bio.h>
@@ -50,13 +49,17 @@
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/stat.h>
+#include <unistd.h>
+#endif
+
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO)
-int main( int argc, char *argv[] )
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_PK_PARSE_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
diff --git a/programs/test/selftest.c b/programs/test/selftest.c
index d2f70d2..edecbb8 100644
--- a/programs/test/selftest.c
+++ b/programs/test/selftest.c
@@ -26,15 +26,6 @@
#include POLARSSL_CONFIG_FILE
#endif
-#if defined(POLARSSL_PLATFORM_C)
-#include "polarssl/platform.h"
-#else
-#define polarssl_printf printf
-#endif
-
-#include <string.h>
-#include <stdio.h>
-
#include "polarssl/entropy.h"
#include "polarssl/hmac_drbg.h"
#include "polarssl/ctr_drbg.h"
@@ -62,6 +53,16 @@
#include "polarssl/ecp.h"
#include "polarssl/timing.h"
+#include <stdio.h>
+#include <string.h>
+
+#if defined(POLARSSL_PLATFORM_C)
+#include "polarssl/platform.h"
+#else
+#include <stdio.h>
+#define polarssl_printf printf
+#endif
+
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
#include "polarssl/memory_buffer_alloc.h"
#endif
diff --git a/programs/test/ssl_cert_test.c b/programs/test/ssl_cert_test.c
index 037c474..4978603 100644
--- a/programs/test/ssl_cert_test.c
+++ b/programs/test/ssl_cert_test.c
@@ -29,36 +29,37 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
+#define polarssl_snprintf snprintf
#define polarssl_printf printf
+#define polarssl_snprintf snprintf
#endif
-#include <string.h>
+#if defined(POLARSSL_RSA_C) && defined(POLARSSL_X509_CRT_PARSE_C) && \
+ defined(POLARSSL_FS_IO) && defined(POLARSSL_X509_CRL_PARSE_C)
+#include "polarssl/certs.h"
+#include "polarssl/x509_crt.h"
+
#include <stdio.h>
+#include <string.h>
+#endif
+
+#if defined _MSC_VER && !defined snprintf
+#define snprintf _snprintf
+#endif
+
+#define MAX_CLIENT_CERTS 8
#if !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) || \
!defined(POLARSSL_FS_IO) || !defined(POLARSSL_X509_CRL_PARSE_C)
-int main( int argc, char *argv[] )
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
polarssl_printf("POLARSSL_RSA_C and/or POLARSSL_X509_CRT_PARSE_C "
"POLARSSL_FS_IO and/or POLARSSL_X509_CRL_PARSE_C "
"not defined.\n");
return( 0 );
}
#else
-
-#include "polarssl/certs.h"
-#include "polarssl/x509_crt.h"
-
-#if defined _MSC_VER && !defined snprintf
-#define snprintf _snprintf
-#endif
-
-
-#define MAX_CLIENT_CERTS 8
-
const char *client_certificates[MAX_CLIENT_CERTS] =
{
"client1.crt",
@@ -83,16 +84,13 @@
"cert_digest.key"
};
-int main( int argc, char *argv[] )
+int main( void )
{
int ret, i;
x509_crt cacert;
x509_crl crl;
char buf[10240];
- ((void) argc);
- ((void) argv);
-
x509_crt_init( &cacert );
x509_crl_init( &crl );
@@ -149,7 +147,7 @@
x509_crt_init( &clicert );
pk_init( &pk );
- snprintf(name, 512, "ssl/test-ca/%s", client_certificates[i]);
+ polarssl_snprintf(name, 512, "ssl/test-ca/%s", client_certificates[i]);
polarssl_printf( " . Loading the client certificate %s...", name );
fflush( stdout );
@@ -198,7 +196,7 @@
/*
* 1.5. Load own private key
*/
- snprintf(name, 512, "ssl/test-ca/%s", client_private_keys[i]);
+ polarssl_snprintf(name, 512, "ssl/test-ca/%s", client_private_keys[i]);
polarssl_printf( " . Loading the client private key %s...", name );
fflush( stdout );
diff --git a/programs/test/ssl_test.c b/programs/test/ssl_test.c
index 23e0d3c..49bbd15 100644
--- a/programs/test/ssl_test.c
+++ b/programs/test/ssl_test.c
@@ -29,44 +29,33 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
-#define polarssl_printf printf
-#define polarssl_fprintf fprintf
-#define polarssl_malloc malloc
+#include <stdio.h>
#define polarssl_free free
+#define polarssl_malloc malloc
+#define polarssl_fprintf fprintf
+#define polarssl_printf printf
#endif
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \
+ defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_SRV_C) && \
+ defined(POLARSSL_SSL_CLI_C) && defined(POLARSSL_NET_C) && \
+ defined(POLARSSL_RSA_C) && defined(POLARSSL_CTR_DRBG_C) && \
+ defined(POLARSSL_X509_CRT_PARSE_C)
#include "polarssl/net.h"
#include "polarssl/ssl.h"
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include "polarssl/certs.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#endif
+
#if defined(POLARSSL_TIMING_C)
#include "polarssl/timing.h"
#endif
-#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
- !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_SRV_C) || \
- !defined(POLARSSL_SSL_CLI_C) || !defined(POLARSSL_NET_C) || \
- !defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \
- !defined(POLARSSL_X509_CRT_PARSE_C)
-int main( int argc, char *argv[] )
-{
- ((void) argc);
- ((void) argv);
-
- polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
- "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
- "POLARSSL_SSL_CLI_C and/or POLARSSL_NET_C and/or "
- "POLARSSL_RSA_C and/or POLARSSL_CTR_DRBG_C and/or "
- "POLARSSL_X509_CRT_PARSE_C not defined.\n");
- return( 0 );
-}
-#else
-
#define OPMODE_NONE 0
#define OPMODE_CLIENT 1
#define OPMODE_SERVER 2
@@ -92,6 +81,21 @@
#define DFL_SESSION_LIFETIME 86400
#define DFL_FORCE_CIPHER 0
+#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
+ !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_SRV_C) || \
+ !defined(POLARSSL_SSL_CLI_C) || !defined(POLARSSL_NET_C) || \
+ !defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \
+ !defined(POLARSSL_X509_CRT_PARSE_C)
+int main( void )
+{
+ polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
+ "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
+ "POLARSSL_SSL_CLI_C and/or POLARSSL_NET_C and/or "
+ "POLARSSL_RSA_C and/or POLARSSL_CTR_DRBG_C and/or "
+ "POLARSSL_X509_CRT_PARSE_C not defined.\n");
+ return( 0 );
+}
+#else
int server_fd = -1;
/*
@@ -295,8 +299,8 @@
}
}
- read_buf = (unsigned char *) polarssl_malloc( opt->buffer_size );
- write_buf = (unsigned char *) polarssl_malloc( opt->buffer_size );
+ read_buf = polarssl_malloc( opt->buffer_size );
+ write_buf = polarssl_malloc( opt->buffer_size );
if( read_buf == NULL || write_buf == NULL )
{
@@ -453,7 +457,7 @@
" session_reuse=on/off default: on (enabled)\n" \
" session_lifetime=%%d (s) default: 86400\n" \
" force_ciphersuite=<name> default: all enabled\n" \
- " acceptable ciphersuite names:\n"
+ " acceptable ciphersuite names:\n"
int main( int argc, char *argv[] )
{
diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c
index a8cb3c6..778b604 100644
--- a/programs/test/udp_proxy.c
+++ b/programs/test/udp_proxy.c
@@ -47,6 +47,7 @@
#include <stdio.h>
#include <stdlib.h>
+#include <string.h>
#include <time.h>
/* For select() */
diff --git a/programs/util/pem2der.c b/programs/util/pem2der.c
index 74f7a3e..2c0e585 100644
--- a/programs/util/pem2der.c
+++ b/programs/util/pem2der.c
@@ -29,27 +29,34 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
-#define polarssl_printf printf
-#define polarssl_malloc malloc
+#include <stdio.h>
#define polarssl_free free
+#define polarssl_malloc malloc
+#define polarssl_printf printf
#endif
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_BASE64_C) && defined(POLARSSL_FS_IO)
#include "polarssl/error.h"
#include "polarssl/base64.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#endif
+
#define DFL_FILENAME "file.pem"
#define DFL_OUTPUT_FILENAME "file.der"
-#if !defined(POLARSSL_BASE64_C) || !defined(POLARSSL_FS_IO)
-int main( int argc, char *argv[] )
-{
- ((void) argc);
- ((void) argv);
+#define USAGE \
+ "\n usage: pem2der param=<>...\n" \
+ "\n acceptable parameters:\n" \
+ " filename=%%s default: file.pem\n" \
+ " output_file=%%s default: file.der\n" \
+ "\n"
+#if !defined(POLARSSL_BASE64_C) || !defined(POLARSSL_FS_IO)
+int main( void )
+{
polarssl_printf("POLARSSL_BASE64_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
@@ -129,7 +136,7 @@
*n = (size_t) size;
if( *n + 1 == 0 ||
- ( *buf = (unsigned char *) polarssl_malloc( *n + 1 ) ) == NULL )
+ ( *buf = polarssl_malloc( *n + 1 ) ) == NULL )
{
fclose( f );
return( -1 );
@@ -170,13 +177,6 @@
return( 0 );
}
-#define USAGE \
- "\n usage: pem2der param=<>...\n" \
- "\n acceptable parameters:\n" \
- " filename=%%s default: file.pem\n" \
- " output_file=%%s default: file.der\n" \
- "\n"
-
int main( int argc, char *argv[] )
{
int ret = 0;
diff --git a/programs/util/strerror.c b/programs/util/strerror.c
index c5598fc..e785ffa 100644
--- a/programs/util/strerror.c
+++ b/programs/util/strerror.c
@@ -29,25 +29,25 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
#define polarssl_printf printf
#endif
+#if defined(POLARSSL_ERROR_C) || defined(POLARSSL_ERROR_STRERROR_DUMMY)
+#include "polarssl/error.h"
+
+#include <stdio.h>
#include <stdlib.h>
#include <string.h>
-#include <stdio.h>
-
-#include "polarssl/error.h"
+#endif
#define USAGE \
"\n usage: strerror <errorcode>\n" \
"\n where <errorcode> can be a decimal or hexadecimal (starts with 0x or -0x)\n"
#if !defined(POLARSSL_ERROR_C) && !defined(POLARSSL_ERROR_STRERROR_DUMMY)
-int main( int argc, char *argv[] )
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
polarssl_printf("POLARSSL_ERROR_C and/or POLARSSL_ERROR_STRERROR_DUMMY not defined.\n");
return( 0 );
}
diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c
index 3eb7d6d..cc36b7c 100644
--- a/programs/x509/cert_app.c
+++ b/programs/x509/cert_app.c
@@ -29,38 +29,26 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
-#define polarssl_printf printf
+#include <stdio.h>
#define polarssl_fprintf fprintf
+#define polarssl_printf printf
#endif
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \
+ defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_CLI_C) && \
+ defined(POLARSSL_NET_C) && defined(POLARSSL_RSA_C) && \
+ defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_FS_IO) && \
+ defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include "polarssl/net.h"
#include "polarssl/ssl.h"
#include "polarssl/x509.h"
-#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
- !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \
- !defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \
- !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \
- !defined(POLARSSL_CTR_DRBG_C)
-int main( int argc, char *argv[] )
-{
- ((void) argc);
- ((void) argv);
-
- polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
- "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
- "POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
- "POLARSSL_X509_CRT_PARSE_C and/or POLARSSL_FS_IO and/or "
- "POLARSSL_CTR_DRBG_C not defined.\n");
- return( 0 );
-}
-#else
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#endif
#define MODE_NONE 0
#define MODE_FILE 1
@@ -76,6 +64,41 @@
#define DFL_DEBUG_LEVEL 0
#define DFL_PERMISSIVE 0
+#define USAGE_IO \
+ " ca_file=%%s The single file containing the top-level CA(s) you fully trust\n" \
+ " default: \"\" (none)\n" \
+ " crl_file=%%s The single CRL file you want to use\n" \
+ " default: \"\" (none)\n" \
+ " ca_path=%%s The path containing the top-level CA(s) you fully trust\n" \
+ " default: \"\" (none) (overrides ca_file)\n"
+
+#define USAGE \
+ "\n usage: cert_app param=<>...\n" \
+ "\n acceptable parameters:\n" \
+ " mode=file|ssl default: none\n" \
+ " filename=%%s default: cert.crt\n" \
+ USAGE_IO \
+ " server_name=%%s default: localhost\n" \
+ " server_port=%%d default: 4433\n" \
+ " debug_level=%%d default: 0 (disabled)\n" \
+ " permissive=%%d default: 0 (disabled)\n" \
+ "\n"
+
+#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
+ !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \
+ !defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \
+ !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \
+ !defined(POLARSSL_CTR_DRBG_C)
+int main( void )
+{
+ polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
+ "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
+ "POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
+ "POLARSSL_X509_CRT_PARSE_C and/or POLARSSL_FS_IO and/or "
+ "POLARSSL_CTR_DRBG_C not defined.\n");
+ return( 0 );
+}
+#else
/*
* global options
*/
@@ -137,26 +160,6 @@
return( 0 );
}
-#define USAGE_IO \
- " ca_file=%%s The single file containing the top-level CA(s) you fully trust\n" \
- " default: \"\" (none)\n" \
- " crl_file=%%s The single CRL file you want to use\n" \
- " default: \"\" (none)\n" \
- " ca_path=%%s The path containing the top-level CA(s) you fully trust\n" \
- " default: \"\" (none) (overrides ca_file)\n"
-
-#define USAGE \
- "\n usage: cert_app param=<>...\n" \
- "\n acceptable parameters:\n" \
- " mode=file|ssl default: none\n" \
- " filename=%%s default: cert.crt\n" \
- USAGE_IO \
- " server_name=%%s default: localhost\n" \
- " server_port=%%d default: 4433\n" \
- " debug_level=%%d default: 0 (disabled)\n" \
- " permissive=%%d default: 0 (disabled)\n" \
- "\n"
-
int main( int argc, char *argv[] )
{
int ret = 0, server_fd;
@@ -348,6 +351,8 @@
cur = cur->next;
}
+ ret = 0;
+
/*
* 1.3 Verify the certificate
*/
diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c
index 3b67f65..d8527c6 100644
--- a/programs/x509/cert_req.c
+++ b/programs/x509/cert_req.c
@@ -29,33 +29,22 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
#define polarssl_printf printf
#endif
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_X509_CSR_WRITE_C) && defined(POLARSSL_FS_IO) && \
+ defined(POLARSSL_PK_PARSE_C) && \
+ defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/x509_csr.h"
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include "polarssl/error.h"
-#if !defined(POLARSSL_X509_CSR_WRITE_C) || !defined(POLARSSL_FS_IO) || \
- !defined(POLARSSL_PK_PARSE_C) || \
- !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C)
-int main( int argc, char *argv[] )
-{
- ((void) argc);
- ((void) argv);
-
- polarssl_printf( "POLARSSL_X509_CSR_WRITE_C and/or POLARSSL_FS_IO and/or "
- "POLARSSL_PK_PARSE_C and/or "
- "POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C "
- "not defined.\n");
- return( 0 );
-}
-#else
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#endif
#define DFL_FILENAME "keyfile.key"
#define DFL_DEBUG_LEVEL 0
@@ -64,6 +53,45 @@
#define DFL_KEY_USAGE 0
#define DFL_NS_CERT_TYPE 0
+#define USAGE \
+ "\n usage: cert_req param=<>...\n" \
+ "\n acceptable parameters:\n" \
+ " filename=%%s default: keyfile.key\n" \
+ " debug_level=%%d default: 0 (disabled)\n" \
+ " output_file=%%s default: cert.req\n" \
+ " subject_name=%%s default: CN=Cert,O=mbed TLS,C=UK\n" \
+ " key_usage=%%s default: (empty)\n" \
+ " Comma-separated-list of values:\n" \
+ " digital_signature\n" \
+ " non_repudiation\n" \
+ " key_encipherment\n" \
+ " data_encipherment\n" \
+ " key_agreement\n" \
+ " key_certificate_sign\n" \
+ " crl_sign\n" \
+ " ns_cert_type=%%s default: (empty)\n" \
+ " Comma-separated-list of values:\n" \
+ " ssl_client\n" \
+ " ssl_server\n" \
+ " email\n" \
+ " object_signing\n" \
+ " ssl_ca\n" \
+ " email_ca\n" \
+ " object_signing_ca\n" \
+ "\n"
+
+#if !defined(POLARSSL_X509_CSR_WRITE_C) || !defined(POLARSSL_FS_IO) || \
+ !defined(POLARSSL_PK_PARSE_C) || \
+ !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C)
+int main( void )
+{
+ polarssl_printf( "POLARSSL_X509_CSR_WRITE_C and/or POLARSSL_FS_IO and/or "
+ "POLARSSL_PK_PARSE_C and/or "
+ "POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C "
+ "not defined.\n");
+ return( 0 );
+}
+#else
/*
* global options
*/
@@ -106,33 +134,6 @@
return( 0 );
}
-#define USAGE \
- "\n usage: cert_req param=<>...\n" \
- "\n acceptable parameters:\n" \
- " filename=%%s default: keyfile.key\n" \
- " debug_level=%%d default: 0 (disabled)\n" \
- " output_file=%%s default: cert.req\n" \
- " subject_name=%%s default: CN=Cert,O=mbed TLS,C=UK\n" \
- " key_usage=%%s default: (empty)\n" \
- " Comma-separated-list of values:\n" \
- " digital_signature\n" \
- " non_repudiation\n" \
- " key_encipherment\n" \
- " data_encipherment\n" \
- " key_agreement\n" \
- " key_certificate_sign\n" \
- " crl_sign\n" \
- " ns_cert_type=%%s default: (empty)\n" \
- " Comma-separated-list of values:\n" \
- " ssl_client\n" \
- " ssl_server\n" \
- " email\n" \
- " object_signing\n" \
- " ssl_ca\n" \
- " email_ca\n" \
- " object_signing_ca\n" \
- "\n"
-
int main( int argc, char *argv[] )
{
int ret = 0;
@@ -149,7 +150,7 @@
* Set to sane values
*/
x509write_csr_init( &req );
- x509write_csr_set_md_alg( &req, POLARSSL_MD_SHA1 );
+ x509write_csr_set_md_alg( &req, POLARSSL_MD_SHA256 );
pk_init( &key );
memset( buf, 0, sizeof( buf ) );
diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c
index eed12cf..45e2456 100644
--- a/programs/x509/cert_write.c
+++ b/programs/x509/cert_write.c
@@ -29,36 +29,34 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
#define polarssl_printf printf
#endif
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-
-#if !defined(POLARSSL_X509_CRT_WRITE_C) || \
- !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \
- !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C) || \
- !defined(POLARSSL_ERROR_C)
-int main( int argc, char *argv[] )
-{
- ((void) argc);
- ((void) argv);
-
- polarssl_printf( "POLARSSL_X509_CRT_WRITE_C and/or POLARSSL_X509_CRT_PARSE_C and/or "
- "POLARSSL_FS_IO and/or "
- "POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C and/or "
- "POLARSSL_ERROR_C not defined.\n");
- return( 0 );
-}
-#else
-
+#if defined(POLARSSL_X509_CRT_WRITE_C) && \
+ defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_FS_IO) && \
+ defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_CTR_DRBG_C) && \
+ defined(POLARSSL_ERROR_C)
#include "polarssl/x509_crt.h"
#include "polarssl/x509_csr.h"
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include "polarssl/error.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#endif
+
+#if defined(POLARSSL_X509_CSR_PARSE_C)
+#define USAGE_CSR \
+ " request_file=%%s default: (empty)\n" \
+ " If request_file is specified, subject_key,\n" \
+ " subject_pwd and subject_name are ignored!\n"
+#else
+#define USAGE_CSR ""
+#endif /* POLARSSL_X509_CSR_PARSE_C */
+
#define DFL_ISSUER_CRT ""
#define DFL_REQUEST_FILE ""
#define DFL_SUBJECT_KEY "subject.key"
@@ -77,6 +75,64 @@
#define DFL_KEY_USAGE 0
#define DFL_NS_CERT_TYPE 0
+#define USAGE \
+ "\n usage: cert_write param=<>...\n" \
+ "\n acceptable parameters:\n" \
+ USAGE_CSR \
+ " subject_key=%%s default: subject.key\n" \
+ " subject_pwd=%%s default: (empty)\n" \
+ " subject_name=%%s default: CN=Cert,O=mbed TLS,C=UK\n" \
+ "\n" \
+ " issuer_crt=%%s default: (empty)\n" \
+ " If issuer_crt is specified, issuer_name is\n" \
+ " ignored!\n" \
+ " issuer_name=%%s default: CN=CA,O=mbed TLS,C=UK\n" \
+ "\n" \
+ " selfsign=%%d default: 0 (false)\n" \
+ " If selfsign is enabled, issuer_name and\n" \
+ " issuer_key are required (issuer_crt and\n" \
+ " subject_* are ignored\n" \
+ " issuer_key=%%s default: ca.key\n" \
+ " issuer_pwd=%%s default: (empty)\n" \
+ " output_file=%%s default: cert.crt\n" \
+ " serial=%%s default: 1\n" \
+ " not_before=%%s default: 20010101000000\n"\
+ " not_after=%%s default: 20301231235959\n"\
+ " is_ca=%%d default: 0 (disabled)\n" \
+ " max_pathlen=%%d default: -1 (none)\n" \
+ " key_usage=%%s default: (empty)\n" \
+ " Comma-separated-list of values:\n" \
+ " digital_signature\n" \
+ " non_repudiation\n" \
+ " key_encipherment\n" \
+ " data_encipherment\n" \
+ " key_agreement\n" \
+ " key_certificate_sign\n" \
+ " crl_sign\n" \
+ " ns_cert_type=%%s default: (empty)\n" \
+ " Comma-separated-list of values:\n" \
+ " ssl_client\n" \
+ " ssl_server\n" \
+ " email\n" \
+ " object_signing\n" \
+ " ssl_ca\n" \
+ " email_ca\n" \
+ " object_signing_ca\n" \
+ "\n"
+
+#if !defined(POLARSSL_X509_CRT_WRITE_C) || \
+ !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \
+ !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C) || \
+ !defined(POLARSSL_ERROR_C)
+int main( void )
+{
+ polarssl_printf( "POLARSSL_X509_CRT_WRITE_C and/or POLARSSL_X509_CRT_PARSE_C and/or "
+ "POLARSSL_FS_IO and/or "
+ "POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C and/or "
+ "POLARSSL_ERROR_C not defined.\n");
+ return( 0 );
+}
+#else
/*
* global options
*/
@@ -130,60 +186,6 @@
return( 0 );
}
-#if defined(POLARSSL_X509_CSR_PARSE_C)
-#define USAGE_CSR \
- " request_file=%%s default: (empty)\n" \
- " If request_file is specified, subject_key,\n" \
- " subject_pwd and subject_name are ignored!\n"
-#else
-#define USAGE_CSR ""
-#endif /* POLARSSL_X509_CSR_PARSE_C */
-
-#define USAGE \
- "\n usage: cert_write param=<>...\n" \
- "\n acceptable parameters:\n" \
- USAGE_CSR \
- " subject_key=%%s default: subject.key\n" \
- " subject_pwd=%%s default: (empty)\n" \
- " subject_name=%%s default: CN=Cert,O=mbed TLS,C=UK\n" \
- "\n" \
- " issuer_crt=%%s default: (empty)\n" \
- " If issuer_crt is specified, issuer_name is\n" \
- " ignored!\n" \
- " issuer_name=%%s default: CN=CA,O=mbed TLS,C=UK\n" \
- "\n" \
- " selfsign=%%d default: 0 (false)\n" \
- " If selfsign is enabled, issuer_name and\n" \
- " issuer_key are required (issuer_crt and\n" \
- " subject_* are ignored\n" \
- " issuer_key=%%s default: ca.key\n" \
- " issuer_pwd=%%s default: (empty)\n" \
- " output_file=%%s default: cert.crt\n" \
- " serial=%%s default: 1\n" \
- " not_before=%%s default: 20010101000000\n"\
- " not_after=%%s default: 20301231235959\n"\
- " is_ca=%%d default: 0 (disabled)\n" \
- " max_pathlen=%%d default: -1 (none)\n" \
- " key_usage=%%s default: (empty)\n" \
- " Comma-separated-list of values:\n" \
- " digital_signature\n" \
- " non_repudiation\n" \
- " key_encipherment\n" \
- " data_encipherment\n" \
- " key_agreement\n" \
- " key_certificate_sign\n" \
- " crl_sign\n" \
- " ns_cert_type=%%s default: (empty)\n" \
- " Comma-separated-list of values:\n" \
- " ssl_client\n" \
- " ssl_server\n" \
- " email\n" \
- " object_signing\n" \
- " ssl_ca\n" \
- " email_ca\n" \
- " object_signing_ca\n" \
- "\n"
-
int main( int argc, char *argv[] )
{
int ret = 0;
@@ -209,7 +211,7 @@
* Set to sane values
*/
x509write_crt_init( &crt );
- x509write_crt_set_md_alg( &crt, POLARSSL_MD_SHA1 );
+ x509write_crt_set_md_alg( &crt, POLARSSL_MD_SHA256 );
pk_init( &loaded_issuer_key );
pk_init( &loaded_subject_key );
mpi_init( &serial );
diff --git a/programs/x509/crl_app.c b/programs/x509/crl_app.c
index 4370227..8354391 100644
--- a/programs/x509/crl_app.c
+++ b/programs/x509/crl_app.c
@@ -29,31 +29,37 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
#define polarssl_printf printf
#endif
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \
+ defined(POLARSSL_X509_CRL_PARSE_C) && defined(POLARSSL_FS_IO)
#include "polarssl/x509_crl.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#endif
+
+#define DFL_FILENAME "crl.pem"
+#define DFL_DEBUG_LEVEL 0
+
+#define USAGE \
+ "\n usage: crl_app param=<>...\n" \
+ "\n acceptable parameters:\n" \
+ " filename=%%s default: crl.pem\n" \
+ "\n"
+
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_X509_CRL_PARSE_C) || !defined(POLARSSL_FS_IO)
-int main( int argc, char *argv[] )
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_X509_CRL_PARSE_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else
-
-#define DFL_FILENAME "crl.pem"
-#define DFL_DEBUG_LEVEL 0
-
/*
* global options
*/
@@ -62,12 +68,6 @@
const char *filename; /* filename of the certificate file */
} opt;
-#define USAGE \
- "\n usage: crl_app param=<>...\n" \
- "\n acceptable parameters:\n" \
- " filename=%%s default: crl.pem\n" \
- "\n"
-
int main( int argc, char *argv[] )
{
int ret = 0;
diff --git a/programs/x509/req_app.c b/programs/x509/req_app.c
index a4be7e6..0b070fc 100644
--- a/programs/x509/req_app.c
+++ b/programs/x509/req_app.c
@@ -29,31 +29,37 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
+#include <stdio.h>
#define polarssl_printf printf
#endif
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-
+#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \
+ defined(POLARSSL_X509_CSR_PARSE_C) && defined(POLARSSL_FS_IO)
#include "polarssl/x509_csr.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#endif
+
+#define DFL_FILENAME "cert.req"
+#define DFL_DEBUG_LEVEL 0
+
+#define USAGE \
+ "\n usage: req_app param=<>...\n" \
+ "\n acceptable parameters:\n" \
+ " filename=%%s default: cert.req\n" \
+ "\n"
+
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_X509_CSR_PARSE_C) || !defined(POLARSSL_FS_IO)
-int main( int argc, char *argv[] )
+int main( void )
{
- ((void) argc);
- ((void) argv);
-
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_X509_CSR_PARSE_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else
-
-#define DFL_FILENAME "cert.req"
-#define DFL_DEBUG_LEVEL 0
-
/*
* global options
*/
@@ -62,12 +68,6 @@
const char *filename; /* filename of the certificate request */
} opt;
-#define USAGE \
- "\n usage: req_app param=<>...\n" \
- "\n acceptable parameters:\n" \
- " filename=%%s default: cert.req\n" \
- "\n"
-
int main( int argc, char *argv[] )
{
int ret = 0;