mirror of
https://git.suyu.dev/suyu/mbedtls.git
synced 2026-02-18 16:33:01 +00:00
The Great Renaming
A simple execution of tmp/invoke-rename.pl
This commit is contained in:
Manuel Pégourié-Gonnard
@@ -20,18 +20,18 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_fprintf fprintf
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_fprintf fprintf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#include "mbedtls/aes.h"
|
||||
@@ -60,12 +60,12 @@
|
||||
"\n example: aescrypt2 0 file file.aes hex:E76B2413958B00E193\n" \
|
||||
"\n"
|
||||
|
||||
#if !defined(POLARSSL_AES_C) || !defined(POLARSSL_SHA256_C) || \
|
||||
!defined(POLARSSL_FS_IO) || !defined(POLARSSL_MD_C)
|
||||
#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_SHA256_C) || \
|
||||
!defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_MD_C)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_AES_C and/or POLARSSL_SHA256_C "
|
||||
"and/or POLARSSL_FS_IO and/or POLARSSL_MD_C "
|
||||
mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_SHA256_C "
|
||||
"and/or MBEDTLS_FS_IO and/or MBEDTLS_MD_C "
|
||||
"not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
@@ -86,8 +86,8 @@ int main( int argc, char *argv[] )
|
||||
unsigned char buffer[1024];
|
||||
unsigned char diff;
|
||||
|
||||
aes_context aes_ctx;
|
||||
md_context_t sha_ctx;
|
||||
mbedtls_aes_context aes_ctx;
|
||||
mbedtls_md_context_t sha_ctx;
|
||||
|
||||
#if defined(_WIN32_WCE)
|
||||
long filesize, offset;
|
||||
@@ -98,13 +98,13 @@ int main( int argc, char *argv[] )
|
||||
off_t filesize, offset;
|
||||
#endif
|
||||
|
||||
aes_init( &aes_ctx );
|
||||
md_init( &sha_ctx );
|
||||
mbedtls_aes_init( &aes_ctx );
|
||||
mbedtls_md_init( &sha_ctx );
|
||||
|
||||
ret = md_setup( &sha_ctx, md_info_from_type( POLARSSL_MD_SHA256 ), 1 );
|
||||
ret = mbedtls_md_setup( &sha_ctx, mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ), 1 );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " ! md_setup() returned -0x%04x\n", -ret );
|
||||
mbedtls_printf( " ! mbedtls_md_setup() returned -0x%04x\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -113,10 +113,10 @@ int main( int argc, char *argv[] )
|
||||
*/
|
||||
if( argc != 5 )
|
||||
{
|
||||
polarssl_printf( USAGE );
|
||||
mbedtls_printf( USAGE );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( "\n Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( "\n Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
@@ -131,25 +131,25 @@ int main( int argc, char *argv[] )
|
||||
|
||||
if( mode != MODE_ENCRYPT && mode != MODE_DECRYPT )
|
||||
{
|
||||
polarssl_fprintf( stderr, "invalide operation mode\n" );
|
||||
mbedtls_fprintf( stderr, "invalide operation mode\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( strcmp( argv[2], argv[3] ) == 0 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "input and output filenames must differ\n" );
|
||||
mbedtls_fprintf( stderr, "input and output filenames must differ\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( fin = fopen( argv[2], "rb" ) ) == NULL )
|
||||
{
|
||||
polarssl_fprintf( stderr, "fopen(%s,rb) failed\n", argv[2] );
|
||||
mbedtls_fprintf( stderr, "fopen(%s,rb) failed\n", argv[2] );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( fout = fopen( argv[3], "wb+" ) ) == NULL )
|
||||
{
|
||||
polarssl_fprintf( stderr, "fopen(%s,wb+) failed\n", argv[3] );
|
||||
mbedtls_fprintf( stderr, "fopen(%s,wb+) failed\n", argv[3] );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -202,7 +202,7 @@ int main( int argc, char *argv[] )
|
||||
|
||||
if( li_size.LowPart == 0xFFFFFFFF && GetLastError() != NO_ERROR )
|
||||
{
|
||||
polarssl_fprintf( stderr, "SetFilePointer(0,FILE_END) failed\n" );
|
||||
mbedtls_fprintf( stderr, "SetFilePointer(0,FILE_END) failed\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -218,7 +218,7 @@ int main( int argc, char *argv[] )
|
||||
|
||||
if( fseek( fin, 0, SEEK_SET ) < 0 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "fseek(0,SEEK_SET) failed\n" );
|
||||
mbedtls_fprintf( stderr, "fseek(0,SEEK_SET) failed\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -233,10 +233,10 @@ int main( int argc, char *argv[] )
|
||||
|
||||
p = argv[2];
|
||||
|
||||
md_starts( &sha_ctx );
|
||||
md_update( &sha_ctx, buffer, 8 );
|
||||
md_update( &sha_ctx, (unsigned char *) p, strlen( p ) );
|
||||
md_finish( &sha_ctx, digest );
|
||||
mbedtls_md_starts( &sha_ctx );
|
||||
mbedtls_md_update( &sha_ctx, buffer, 8 );
|
||||
mbedtls_md_update( &sha_ctx, (unsigned char *) p, strlen( p ) );
|
||||
mbedtls_md_finish( &sha_ctx, digest );
|
||||
|
||||
memcpy( IV, digest, 16 );
|
||||
|
||||
@@ -254,7 +254,7 @@ int main( int argc, char *argv[] )
|
||||
*/
|
||||
if( fwrite( IV, 1, 16, fout ) != 16 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "fwrite(%d bytes) failed\n", 16 );
|
||||
mbedtls_fprintf( stderr, "fwrite(%d bytes) failed\n", 16 );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -267,15 +267,15 @@ int main( int argc, char *argv[] )
|
||||
|
||||
for( i = 0; i < 8192; i++ )
|
||||
{
|
||||
md_starts( &sha_ctx );
|
||||
md_update( &sha_ctx, digest, 32 );
|
||||
md_update( &sha_ctx, key, keylen );
|
||||
md_finish( &sha_ctx, digest );
|
||||
mbedtls_md_starts( &sha_ctx );
|
||||
mbedtls_md_update( &sha_ctx, digest, 32 );
|
||||
mbedtls_md_update( &sha_ctx, key, keylen );
|
||||
mbedtls_md_finish( &sha_ctx, digest );
|
||||
}
|
||||
|
||||
memset( key, 0, sizeof( key ) );
|
||||
aes_setkey_enc( &aes_ctx, digest, 256 );
|
||||
md_hmac_starts( &sha_ctx, digest, 32 );
|
||||
mbedtls_aes_setkey_enc( &aes_ctx, digest, 256 );
|
||||
mbedtls_md_hmac_starts( &sha_ctx, digest, 32 );
|
||||
|
||||
/*
|
||||
* Encrypt and write the ciphertext.
|
||||
@@ -287,19 +287,19 @@ int main( int argc, char *argv[] )
|
||||
|
||||
if( fread( buffer, 1, n, fin ) != (size_t) n )
|
||||
{
|
||||
polarssl_fprintf( stderr, "fread(%d bytes) failed\n", n );
|
||||
mbedtls_fprintf( stderr, "fread(%d bytes) failed\n", n );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
for( i = 0; i < 16; i++ )
|
||||
buffer[i] = (unsigned char)( buffer[i] ^ IV[i] );
|
||||
|
||||
aes_crypt_ecb( &aes_ctx, AES_ENCRYPT, buffer, buffer );
|
||||
md_hmac_update( &sha_ctx, buffer, 16 );
|
||||
mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, buffer, buffer );
|
||||
mbedtls_md_hmac_update( &sha_ctx, buffer, 16 );
|
||||
|
||||
if( fwrite( buffer, 1, 16, fout ) != 16 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "fwrite(%d bytes) failed\n", 16 );
|
||||
mbedtls_fprintf( stderr, "fwrite(%d bytes) failed\n", 16 );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -309,11 +309,11 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* Finally write the HMAC.
|
||||
*/
|
||||
md_hmac_finish( &sha_ctx, digest );
|
||||
mbedtls_md_hmac_finish( &sha_ctx, digest );
|
||||
|
||||
if( fwrite( digest, 1, 32, fout ) != 32 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "fwrite(%d bytes) failed\n", 16 );
|
||||
mbedtls_fprintf( stderr, "fwrite(%d bytes) failed\n", 16 );
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
@@ -333,13 +333,13 @@ int main( int argc, char *argv[] )
|
||||
*/
|
||||
if( filesize < 48 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "File too short to be encrypted.\n" );
|
||||
mbedtls_fprintf( stderr, "File too short to be encrypted.\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( filesize & 0x0F ) != 0 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "File size not a multiple of 16.\n" );
|
||||
mbedtls_fprintf( stderr, "File size not a multiple of 16.\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -353,7 +353,7 @@ int main( int argc, char *argv[] )
|
||||
*/
|
||||
if( fread( buffer, 1, 16, fin ) != 16 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "fread(%d bytes) failed\n", 16 );
|
||||
mbedtls_fprintf( stderr, "fread(%d bytes) failed\n", 16 );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -369,15 +369,15 @@ int main( int argc, char *argv[] )
|
||||
|
||||
for( i = 0; i < 8192; i++ )
|
||||
{
|
||||
md_starts( &sha_ctx );
|
||||
md_update( &sha_ctx, digest, 32 );
|
||||
md_update( &sha_ctx, key, keylen );
|
||||
md_finish( &sha_ctx, digest );
|
||||
mbedtls_md_starts( &sha_ctx );
|
||||
mbedtls_md_update( &sha_ctx, digest, 32 );
|
||||
mbedtls_md_update( &sha_ctx, key, keylen );
|
||||
mbedtls_md_finish( &sha_ctx, digest );
|
||||
}
|
||||
|
||||
memset( key, 0, sizeof( key ) );
|
||||
aes_setkey_dec( &aes_ctx, digest, 256 );
|
||||
md_hmac_starts( &sha_ctx, digest, 32 );
|
||||
mbedtls_aes_setkey_dec( &aes_ctx, digest, 256 );
|
||||
mbedtls_md_hmac_starts( &sha_ctx, digest, 32 );
|
||||
|
||||
/*
|
||||
* Decrypt and write the plaintext.
|
||||
@@ -386,14 +386,14 @@ int main( int argc, char *argv[] )
|
||||
{
|
||||
if( fread( buffer, 1, 16, fin ) != 16 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "fread(%d bytes) failed\n", 16 );
|
||||
mbedtls_fprintf( stderr, "fread(%d bytes) failed\n", 16 );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
memcpy( tmp, buffer, 16 );
|
||||
|
||||
md_hmac_update( &sha_ctx, buffer, 16 );
|
||||
aes_crypt_ecb( &aes_ctx, AES_DECRYPT, buffer, buffer );
|
||||
mbedtls_md_hmac_update( &sha_ctx, buffer, 16 );
|
||||
mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_DECRYPT, buffer, buffer );
|
||||
|
||||
for( i = 0; i < 16; i++ )
|
||||
buffer[i] = (unsigned char)( buffer[i] ^ IV[i] );
|
||||
@@ -405,7 +405,7 @@ int main( int argc, char *argv[] )
|
||||
|
||||
if( fwrite( buffer, 1, n, fout ) != (size_t) n )
|
||||
{
|
||||
polarssl_fprintf( stderr, "fwrite(%d bytes) failed\n", n );
|
||||
mbedtls_fprintf( stderr, "fwrite(%d bytes) failed\n", n );
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
@@ -413,11 +413,11 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* Verify the message authentication code.
|
||||
*/
|
||||
md_hmac_finish( &sha_ctx, digest );
|
||||
mbedtls_md_hmac_finish( &sha_ctx, digest );
|
||||
|
||||
if( fread( buffer, 1, 32, fin ) != 32 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "fread(%d bytes) failed\n", 32 );
|
||||
mbedtls_fprintf( stderr, "fread(%d bytes) failed\n", 32 );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -428,7 +428,7 @@ int main( int argc, char *argv[] )
|
||||
|
||||
if( diff != 0 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "HMAC check failed: wrong key, "
|
||||
mbedtls_fprintf( stderr, "HMAC check failed: wrong key, "
|
||||
"or file corrupted.\n" );
|
||||
goto exit;
|
||||
}
|
||||
@@ -445,9 +445,9 @@ exit:
|
||||
memset( buffer, 0, sizeof( buffer ) );
|
||||
memset( digest, 0, sizeof( digest ) );
|
||||
|
||||
aes_free( &aes_ctx );
|
||||
md_free( &sha_ctx );
|
||||
mbedtls_aes_free( &aes_ctx );
|
||||
mbedtls_md_free( &sha_ctx );
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_AES_C && POLARSSL_SHA256_C && POLARSSL_FS_IO */
|
||||
#endif /* MBEDTLS_AES_C && MBEDTLS_SHA256_C && MBEDTLS_FS_IO */
|
||||
|
||||
@@ -21,22 +21,22 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_fprintf fprintf
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_fprintf fprintf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_CIPHER_C) && defined(POLARSSL_MD_C) && \
|
||||
defined(POLARSSL_FS_IO)
|
||||
#if defined(MBEDTLS_CIPHER_C) && defined(MBEDTLS_MD_C) && \
|
||||
defined(MBEDTLS_FS_IO)
|
||||
#include "mbedtls/cipher.h"
|
||||
#include "mbedtls/md.h"
|
||||
|
||||
@@ -59,16 +59,16 @@
|
||||
#define MODE_DECRYPT 1
|
||||
|
||||
#define USAGE \
|
||||
"\n crypt_and_hash <mode> <input filename> <output filename> <cipher> <md> <key>\n" \
|
||||
"\n crypt_and_hash <mode> <input filename> <output filename> <cipher> <mbedtls_md> <key>\n" \
|
||||
"\n <mode>: 0 = encrypt, 1 = decrypt\n" \
|
||||
"\n example: crypt_and_hash 0 file file.aes AES-128-CBC SHA1 hex:E76B2413958B00E193\n" \
|
||||
"\n"
|
||||
|
||||
#if !defined(POLARSSL_CIPHER_C) || !defined(POLARSSL_MD_C) || \
|
||||
!defined(POLARSSL_FS_IO)
|
||||
#if !defined(MBEDTLS_CIPHER_C) || !defined(MBEDTLS_MD_C) || \
|
||||
!defined(MBEDTLS_FS_IO)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_CIPHER_C and/or POLARSSL_MD_C and/or POLARSSL_FS_IO not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_CIPHER_C and/or MBEDTLS_MD_C and/or MBEDTLS_FS_IO not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -82,15 +82,15 @@ int main( int argc, char *argv[] )
|
||||
char *p;
|
||||
unsigned char IV[16];
|
||||
unsigned char key[512];
|
||||
unsigned char digest[POLARSSL_MD_MAX_SIZE];
|
||||
unsigned char digest[MBEDTLS_MD_MAX_SIZE];
|
||||
unsigned char buffer[1024];
|
||||
unsigned char output[1024];
|
||||
unsigned char diff;
|
||||
|
||||
const cipher_info_t *cipher_info;
|
||||
const md_info_t *md_info;
|
||||
cipher_context_t cipher_ctx;
|
||||
md_context_t md_ctx;
|
||||
const mbedtls_cipher_info_t *cipher_info;
|
||||
const mbedtls_md_info_t *md_info;
|
||||
mbedtls_cipher_context_t cipher_ctx;
|
||||
mbedtls_md_context_t md_ctx;
|
||||
#if defined(_WIN32_WCE)
|
||||
long filesize, offset;
|
||||
#elif defined(_WIN32)
|
||||
@@ -100,8 +100,8 @@ int main( int argc, char *argv[] )
|
||||
off_t filesize, offset;
|
||||
#endif
|
||||
|
||||
cipher_init( &cipher_ctx );
|
||||
md_init( &md_ctx );
|
||||
mbedtls_cipher_init( &cipher_ctx );
|
||||
mbedtls_md_init( &md_ctx );
|
||||
|
||||
/*
|
||||
* Parse the command-line arguments.
|
||||
@@ -110,28 +110,28 @@ int main( int argc, char *argv[] )
|
||||
{
|
||||
const int *list;
|
||||
|
||||
polarssl_printf( USAGE );
|
||||
mbedtls_printf( USAGE );
|
||||
|
||||
polarssl_printf( "Available ciphers:\n" );
|
||||
list = cipher_list();
|
||||
mbedtls_printf( "Available ciphers:\n" );
|
||||
list = mbedtls_cipher_list();
|
||||
while( *list )
|
||||
{
|
||||
cipher_info = cipher_info_from_type( *list );
|
||||
polarssl_printf( " %s\n", cipher_info->name );
|
||||
cipher_info = mbedtls_cipher_info_from_type( *list );
|
||||
mbedtls_printf( " %s\n", cipher_info->name );
|
||||
list++;
|
||||
}
|
||||
|
||||
polarssl_printf( "\nAvailable message digests:\n" );
|
||||
list = md_list();
|
||||
mbedtls_printf( "\nAvailable message digests:\n" );
|
||||
list = mbedtls_md_list();
|
||||
while( *list )
|
||||
{
|
||||
md_info = md_info_from_type( *list );
|
||||
polarssl_printf( " %s\n", md_get_name( md_info ) );
|
||||
md_info = mbedtls_md_info_from_type( *list );
|
||||
mbedtls_printf( " %s\n", mbedtls_md_get_name( md_info ) );
|
||||
list++;
|
||||
}
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( "\n Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( "\n Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
@@ -142,50 +142,50 @@ int main( int argc, char *argv[] )
|
||||
|
||||
if( mode != MODE_ENCRYPT && mode != MODE_DECRYPT )
|
||||
{
|
||||
polarssl_fprintf( stderr, "invalid operation mode\n" );
|
||||
mbedtls_fprintf( stderr, "invalid operation mode\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( strcmp( argv[2], argv[3] ) == 0 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "input and output filenames must differ\n" );
|
||||
mbedtls_fprintf( stderr, "input and output filenames must differ\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( fin = fopen( argv[2], "rb" ) ) == NULL )
|
||||
{
|
||||
polarssl_fprintf( stderr, "fopen(%s,rb) failed\n", argv[2] );
|
||||
mbedtls_fprintf( stderr, "fopen(%s,rb) failed\n", argv[2] );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( fout = fopen( argv[3], "wb+" ) ) == NULL )
|
||||
{
|
||||
polarssl_fprintf( stderr, "fopen(%s,wb+) failed\n", argv[3] );
|
||||
mbedtls_fprintf( stderr, "fopen(%s,wb+) failed\n", argv[3] );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/*
|
||||
* Read the Cipher and MD from the command line
|
||||
*/
|
||||
cipher_info = cipher_info_from_string( argv[4] );
|
||||
cipher_info = mbedtls_cipher_info_from_string( argv[4] );
|
||||
if( cipher_info == NULL )
|
||||
{
|
||||
polarssl_fprintf( stderr, "Cipher '%s' not found\n", argv[4] );
|
||||
mbedtls_fprintf( stderr, "Cipher '%s' not found\n", argv[4] );
|
||||
goto exit;
|
||||
}
|
||||
if( ( ret = cipher_init_ctx( &cipher_ctx, cipher_info) ) != 0 )
|
||||
if( ( ret = mbedtls_cipher_init_ctx( &cipher_ctx, cipher_info) ) != 0 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "cipher_init_ctx failed\n" );
|
||||
mbedtls_fprintf( stderr, "mbedtls_cipher_init_ctx failed\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
md_info = md_info_from_string( argv[5] );
|
||||
md_info = mbedtls_md_info_from_string( argv[5] );
|
||||
if( md_info == NULL )
|
||||
{
|
||||
polarssl_fprintf( stderr, "Message Digest '%s' not found\n", argv[5] );
|
||||
mbedtls_fprintf( stderr, "Message Digest '%s' not found\n", argv[5] );
|
||||
goto exit;
|
||||
}
|
||||
md_setup( &md_ctx, md_info, 1 );
|
||||
mbedtls_md_setup( &md_ctx, md_info, 1 );
|
||||
|
||||
/*
|
||||
* Read the secret key and clean the command line.
|
||||
@@ -236,7 +236,7 @@ int main( int argc, char *argv[] )
|
||||
|
||||
if( li_size.LowPart == 0xFFFFFFFF && GetLastError() != NO_ERROR )
|
||||
{
|
||||
polarssl_fprintf( stderr, "SetFilePointer(0,FILE_END) failed\n" );
|
||||
mbedtls_fprintf( stderr, "SetFilePointer(0,FILE_END) failed\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -252,7 +252,7 @@ int main( int argc, char *argv[] )
|
||||
|
||||
if( fseek( fin, 0, SEEK_SET ) < 0 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "fseek(0,SEEK_SET) failed\n" );
|
||||
mbedtls_fprintf( stderr, "fseek(0,SEEK_SET) failed\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -267,10 +267,10 @@ int main( int argc, char *argv[] )
|
||||
|
||||
p = argv[2];
|
||||
|
||||
md_starts( &md_ctx );
|
||||
md_update( &md_ctx, buffer, 8 );
|
||||
md_update( &md_ctx, (unsigned char *) p, strlen( p ) );
|
||||
md_finish( &md_ctx, digest );
|
||||
mbedtls_md_starts( &md_ctx );
|
||||
mbedtls_md_update( &md_ctx, buffer, 8 );
|
||||
mbedtls_md_update( &md_ctx, (unsigned char *) p, strlen( p ) );
|
||||
mbedtls_md_finish( &md_ctx, digest );
|
||||
|
||||
memcpy( IV, digest, 16 );
|
||||
|
||||
@@ -288,7 +288,7 @@ int main( int argc, char *argv[] )
|
||||
*/
|
||||
if( fwrite( IV, 1, 16, fout ) != 16 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "fwrite(%d bytes) failed\n", 16 );
|
||||
mbedtls_fprintf( stderr, "fwrite(%d bytes) failed\n", 16 );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -301,84 +301,84 @@ int main( int argc, char *argv[] )
|
||||
|
||||
for( i = 0; i < 8192; i++ )
|
||||
{
|
||||
md_starts( &md_ctx );
|
||||
md_update( &md_ctx, digest, 32 );
|
||||
md_update( &md_ctx, key, keylen );
|
||||
md_finish( &md_ctx, digest );
|
||||
mbedtls_md_starts( &md_ctx );
|
||||
mbedtls_md_update( &md_ctx, digest, 32 );
|
||||
mbedtls_md_update( &md_ctx, key, keylen );
|
||||
mbedtls_md_finish( &md_ctx, digest );
|
||||
|
||||
}
|
||||
|
||||
memset( key, 0, sizeof( key ) );
|
||||
|
||||
if( cipher_setkey( &cipher_ctx, digest, cipher_info->key_length,
|
||||
POLARSSL_ENCRYPT ) != 0 )
|
||||
if( mbedtls_cipher_setkey( &cipher_ctx, digest, cipher_info->key_length,
|
||||
MBEDTLS_ENCRYPT ) != 0 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "cipher_setkey() returned error\n");
|
||||
mbedtls_fprintf( stderr, "mbedtls_cipher_setkey() returned error\n");
|
||||
goto exit;
|
||||
}
|
||||
if( cipher_set_iv( &cipher_ctx, IV, 16 ) != 0 )
|
||||
if( mbedtls_cipher_set_iv( &cipher_ctx, IV, 16 ) != 0 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "cipher_set_iv() returned error\n");
|
||||
mbedtls_fprintf( stderr, "mbedtls_cipher_set_iv() returned error\n");
|
||||
goto exit;
|
||||
}
|
||||
if( cipher_reset( &cipher_ctx ) != 0 )
|
||||
if( mbedtls_cipher_reset( &cipher_ctx ) != 0 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "cipher_reset() returned error\n");
|
||||
mbedtls_fprintf( stderr, "mbedtls_cipher_reset() returned error\n");
|
||||
goto exit;
|
||||
}
|
||||
|
||||
md_hmac_starts( &md_ctx, digest, 32 );
|
||||
mbedtls_md_hmac_starts( &md_ctx, digest, 32 );
|
||||
|
||||
/*
|
||||
* Encrypt and write the ciphertext.
|
||||
*/
|
||||
for( offset = 0; offset < filesize; offset += cipher_get_block_size( &cipher_ctx ) )
|
||||
for( offset = 0; offset < filesize; offset += mbedtls_cipher_get_block_size( &cipher_ctx ) )
|
||||
{
|
||||
ilen = ( (unsigned int) filesize - offset > cipher_get_block_size( &cipher_ctx ) ) ?
|
||||
cipher_get_block_size( &cipher_ctx ) : (unsigned int) ( filesize - offset );
|
||||
ilen = ( (unsigned int) filesize - offset > mbedtls_cipher_get_block_size( &cipher_ctx ) ) ?
|
||||
mbedtls_cipher_get_block_size( &cipher_ctx ) : (unsigned int) ( filesize - offset );
|
||||
|
||||
if( fread( buffer, 1, ilen, fin ) != ilen )
|
||||
{
|
||||
polarssl_fprintf( stderr, "fread(%ld bytes) failed\n", (long) ilen );
|
||||
mbedtls_fprintf( stderr, "fread(%ld bytes) failed\n", (long) ilen );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( cipher_update( &cipher_ctx, buffer, ilen, output, &olen ) != 0 )
|
||||
if( mbedtls_cipher_update( &cipher_ctx, buffer, ilen, output, &olen ) != 0 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "cipher_update() returned error\n");
|
||||
mbedtls_fprintf( stderr, "mbedtls_cipher_update() returned error\n");
|
||||
goto exit;
|
||||
}
|
||||
|
||||
md_hmac_update( &md_ctx, output, olen );
|
||||
mbedtls_md_hmac_update( &md_ctx, output, olen );
|
||||
|
||||
if( fwrite( output, 1, olen, fout ) != olen )
|
||||
{
|
||||
polarssl_fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen );
|
||||
mbedtls_fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen );
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
|
||||
if( cipher_finish( &cipher_ctx, output, &olen ) != 0 )
|
||||
if( mbedtls_cipher_finish( &cipher_ctx, output, &olen ) != 0 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "cipher_finish() returned error\n" );
|
||||
mbedtls_fprintf( stderr, "mbedtls_cipher_finish() returned error\n" );
|
||||
goto exit;
|
||||
}
|
||||
md_hmac_update( &md_ctx, output, olen );
|
||||
mbedtls_md_hmac_update( &md_ctx, output, olen );
|
||||
|
||||
if( fwrite( output, 1, olen, fout ) != olen )
|
||||
{
|
||||
polarssl_fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen );
|
||||
mbedtls_fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/*
|
||||
* Finally write the HMAC.
|
||||
*/
|
||||
md_hmac_finish( &md_ctx, digest );
|
||||
mbedtls_md_hmac_finish( &md_ctx, digest );
|
||||
|
||||
if( fwrite( digest, 1, md_get_size( md_info ), fout ) != md_get_size( md_info ) )
|
||||
if( fwrite( digest, 1, mbedtls_md_get_size( md_info ), fout ) != mbedtls_md_get_size( md_info ) )
|
||||
{
|
||||
polarssl_fprintf( stderr, "fwrite(%d bytes) failed\n", md_get_size( md_info ) );
|
||||
mbedtls_fprintf( stderr, "fwrite(%d bytes) failed\n", mbedtls_md_get_size( md_info ) );
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
@@ -394,31 +394,31 @@ int main( int argc, char *argv[] )
|
||||
* N*16 .. (N+1)*16 - 1 AES Encrypted Block #N
|
||||
* (N+1)*16 .. (N+1)*16 + 32 HMAC-SHA-256(ciphertext)
|
||||
*/
|
||||
if( filesize < 16 + md_get_size( md_info ) )
|
||||
if( filesize < 16 + mbedtls_md_get_size( md_info ) )
|
||||
{
|
||||
polarssl_fprintf( stderr, "File too short to be encrypted.\n" );
|
||||
mbedtls_fprintf( stderr, "File too short to be encrypted.\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ( filesize - md_get_size( md_info ) ) %
|
||||
cipher_get_block_size( &cipher_ctx ) ) != 0 )
|
||||
if( ( ( filesize - mbedtls_md_get_size( md_info ) ) %
|
||||
mbedtls_cipher_get_block_size( &cipher_ctx ) ) != 0 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "File content not a multiple of the block size (%d).\n",
|
||||
cipher_get_block_size( &cipher_ctx ));
|
||||
mbedtls_fprintf( stderr, "File content not a multiple of the block size (%d).\n",
|
||||
mbedtls_cipher_get_block_size( &cipher_ctx ));
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/*
|
||||
* Subtract the IV + HMAC length.
|
||||
*/
|
||||
filesize -= ( 16 + md_get_size( md_info ) );
|
||||
filesize -= ( 16 + mbedtls_md_get_size( md_info ) );
|
||||
|
||||
/*
|
||||
* Read the IV and original filesize modulo 16.
|
||||
*/
|
||||
if( fread( buffer, 1, 16, fin ) != 16 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "fread(%d bytes) failed\n", 16 );
|
||||
mbedtls_fprintf( stderr, "fread(%d bytes) failed\n", 16 );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -434,60 +434,60 @@ int main( int argc, char *argv[] )
|
||||
|
||||
for( i = 0; i < 8192; i++ )
|
||||
{
|
||||
md_starts( &md_ctx );
|
||||
md_update( &md_ctx, digest, 32 );
|
||||
md_update( &md_ctx, key, keylen );
|
||||
md_finish( &md_ctx, digest );
|
||||
mbedtls_md_starts( &md_ctx );
|
||||
mbedtls_md_update( &md_ctx, digest, 32 );
|
||||
mbedtls_md_update( &md_ctx, key, keylen );
|
||||
mbedtls_md_finish( &md_ctx, digest );
|
||||
}
|
||||
|
||||
memset( key, 0, sizeof( key ) );
|
||||
|
||||
if( cipher_setkey( &cipher_ctx, digest, cipher_info->key_length,
|
||||
POLARSSL_DECRYPT ) != 0 )
|
||||
if( mbedtls_cipher_setkey( &cipher_ctx, digest, cipher_info->key_length,
|
||||
MBEDTLS_DECRYPT ) != 0 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "cipher_setkey() returned error\n" );
|
||||
mbedtls_fprintf( stderr, "mbedtls_cipher_setkey() returned error\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( cipher_set_iv( &cipher_ctx, IV, 16 ) != 0 )
|
||||
if( mbedtls_cipher_set_iv( &cipher_ctx, IV, 16 ) != 0 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "cipher_set_iv() returned error\n" );
|
||||
mbedtls_fprintf( stderr, "mbedtls_cipher_set_iv() returned error\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( cipher_reset( &cipher_ctx ) != 0 )
|
||||
if( mbedtls_cipher_reset( &cipher_ctx ) != 0 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "cipher_reset() returned error\n" );
|
||||
mbedtls_fprintf( stderr, "mbedtls_cipher_reset() returned error\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
md_hmac_starts( &md_ctx, digest, 32 );
|
||||
mbedtls_md_hmac_starts( &md_ctx, digest, 32 );
|
||||
|
||||
/*
|
||||
* Decrypt and write the plaintext.
|
||||
*/
|
||||
for( offset = 0; offset < filesize; offset += cipher_get_block_size( &cipher_ctx ) )
|
||||
for( offset = 0; offset < filesize; offset += mbedtls_cipher_get_block_size( &cipher_ctx ) )
|
||||
{
|
||||
if( fread( buffer, 1, cipher_get_block_size( &cipher_ctx ), fin ) !=
|
||||
(size_t) cipher_get_block_size( &cipher_ctx ) )
|
||||
if( fread( buffer, 1, mbedtls_cipher_get_block_size( &cipher_ctx ), fin ) !=
|
||||
(size_t) mbedtls_cipher_get_block_size( &cipher_ctx ) )
|
||||
{
|
||||
polarssl_fprintf( stderr, "fread(%d bytes) failed\n",
|
||||
cipher_get_block_size( &cipher_ctx ) );
|
||||
mbedtls_fprintf( stderr, "fread(%d bytes) failed\n",
|
||||
mbedtls_cipher_get_block_size( &cipher_ctx ) );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
md_hmac_update( &md_ctx, buffer, cipher_get_block_size( &cipher_ctx ) );
|
||||
if( cipher_update( &cipher_ctx, buffer,
|
||||
cipher_get_block_size( &cipher_ctx ),
|
||||
mbedtls_md_hmac_update( &md_ctx, buffer, mbedtls_cipher_get_block_size( &cipher_ctx ) );
|
||||
if( mbedtls_cipher_update( &cipher_ctx, buffer,
|
||||
mbedtls_cipher_get_block_size( &cipher_ctx ),
|
||||
output, &olen ) != 0 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "cipher_update() returned error\n" );
|
||||
mbedtls_fprintf( stderr, "mbedtls_cipher_update() returned error\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( fwrite( output, 1, olen, fout ) != olen )
|
||||
{
|
||||
polarssl_fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen );
|
||||
mbedtls_fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen );
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
@@ -495,22 +495,22 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* Verify the message authentication code.
|
||||
*/
|
||||
md_hmac_finish( &md_ctx, digest );
|
||||
mbedtls_md_hmac_finish( &md_ctx, digest );
|
||||
|
||||
if( fread( buffer, 1, md_get_size( md_info ), fin ) != md_get_size( md_info ) )
|
||||
if( fread( buffer, 1, mbedtls_md_get_size( md_info ), fin ) != mbedtls_md_get_size( md_info ) )
|
||||
{
|
||||
polarssl_fprintf( stderr, "fread(%d bytes) failed\n", md_get_size( md_info ) );
|
||||
mbedtls_fprintf( stderr, "fread(%d bytes) failed\n", mbedtls_md_get_size( md_info ) );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/* Use constant-time buffer comparison */
|
||||
diff = 0;
|
||||
for( i = 0; i < md_get_size( md_info ); i++ )
|
||||
for( i = 0; i < mbedtls_md_get_size( md_info ); i++ )
|
||||
diff |= digest[i] ^ buffer[i];
|
||||
|
||||
if( diff != 0 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "HMAC check failed: wrong key, "
|
||||
mbedtls_fprintf( stderr, "HMAC check failed: wrong key, "
|
||||
"or file corrupted.\n" );
|
||||
goto exit;
|
||||
}
|
||||
@@ -518,11 +518,11 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* Write the final block of data
|
||||
*/
|
||||
cipher_finish( &cipher_ctx, output, &olen );
|
||||
mbedtls_cipher_finish( &cipher_ctx, output, &olen );
|
||||
|
||||
if( fwrite( output, 1, olen, fout ) != olen )
|
||||
{
|
||||
polarssl_fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen );
|
||||
mbedtls_fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen );
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
@@ -538,9 +538,9 @@ exit:
|
||||
memset( buffer, 0, sizeof( buffer ) );
|
||||
memset( digest, 0, sizeof( digest ) );
|
||||
|
||||
cipher_free( &cipher_ctx );
|
||||
md_free( &md_ctx );
|
||||
mbedtls_cipher_free( &cipher_ctx );
|
||||
mbedtls_md_free( &md_ctx );
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_CIPHER_C && POLARSSL_MD_C && POLARSSL_FS_IO */
|
||||
#endif /* MBEDTLS_CIPHER_C && MBEDTLS_MD_C && MBEDTLS_FS_IO */
|
||||
|
||||
@@ -20,76 +20,76 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_fprintf fprintf
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_fprintf fprintf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MD_C) && defined(POLARSSL_FS_IO)
|
||||
#if defined(MBEDTLS_MD_C) && defined(MBEDTLS_FS_IO)
|
||||
#include "mbedtls/md.h"
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_MD_C) || !defined(POLARSSL_FS_IO)
|
||||
#if !defined(MBEDTLS_MD_C) || !defined(MBEDTLS_FS_IO)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_MD_C and/or POLARSSL_FS_IO not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_MD_C and/or MBEDTLS_FS_IO not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
static int generic_wrapper( const md_info_t *md_info, char *filename, unsigned char *sum )
|
||||
static int generic_wrapper( const mbedtls_md_info_t *md_info, char *filename, unsigned char *sum )
|
||||
{
|
||||
int ret = md_file( md_info, filename, sum );
|
||||
int ret = mbedtls_md_file( md_info, filename, sum );
|
||||
|
||||
if( ret == 1 )
|
||||
polarssl_fprintf( stderr, "failed to open: %s\n", filename );
|
||||
mbedtls_fprintf( stderr, "failed to open: %s\n", filename );
|
||||
|
||||
if( ret == 2 )
|
||||
polarssl_fprintf( stderr, "failed to read: %s\n", filename );
|
||||
mbedtls_fprintf( stderr, "failed to read: %s\n", filename );
|
||||
|
||||
return( ret );
|
||||
}
|
||||
|
||||
static int generic_print( const md_info_t *md_info, char *filename )
|
||||
static int generic_print( const mbedtls_md_info_t *md_info, char *filename )
|
||||
{
|
||||
int i;
|
||||
unsigned char sum[POLARSSL_MD_MAX_SIZE];
|
||||
unsigned char sum[MBEDTLS_MD_MAX_SIZE];
|
||||
|
||||
if( generic_wrapper( md_info, filename, sum ) != 0 )
|
||||
return( 1 );
|
||||
|
||||
for( i = 0; i < md_get_size( md_info ); i++ )
|
||||
polarssl_printf( "%02x", sum[i] );
|
||||
for( i = 0; i < mbedtls_md_get_size( md_info ); i++ )
|
||||
mbedtls_printf( "%02x", sum[i] );
|
||||
|
||||
polarssl_printf( " %s\n", filename );
|
||||
mbedtls_printf( " %s\n", filename );
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
static int generic_check( const md_info_t *md_info, char *filename )
|
||||
static int generic_check( const mbedtls_md_info_t *md_info, char *filename )
|
||||
{
|
||||
int i;
|
||||
size_t n;
|
||||
FILE *f;
|
||||
int nb_err1, nb_err2;
|
||||
int nb_tot1, nb_tot2;
|
||||
unsigned char sum[POLARSSL_MD_MAX_SIZE];
|
||||
char buf[POLARSSL_MD_MAX_SIZE * 2 + 1], line[1024];
|
||||
unsigned char sum[MBEDTLS_MD_MAX_SIZE];
|
||||
char buf[MBEDTLS_MD_MAX_SIZE * 2 + 1], line[1024];
|
||||
char diff;
|
||||
|
||||
if( ( f = fopen( filename, "rb" ) ) == NULL )
|
||||
{
|
||||
polarssl_printf( "failed to open: %s\n", filename );
|
||||
mbedtls_printf( "failed to open: %s\n", filename );
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
@@ -104,15 +104,15 @@ static int generic_check( const md_info_t *md_info, char *filename )
|
||||
{
|
||||
n = strlen( line );
|
||||
|
||||
if( n < (size_t) 2 * md_get_size( md_info ) + 4 )
|
||||
if( n < (size_t) 2 * mbedtls_md_get_size( md_info ) + 4 )
|
||||
{
|
||||
polarssl_printf("No '%s' hash found on line.\n", md_get_name( md_info ));
|
||||
mbedtls_printf("No '%s' hash found on line.\n", mbedtls_md_get_name( md_info ));
|
||||
continue;
|
||||
}
|
||||
|
||||
if( line[2 * md_get_size( md_info )] != ' ' || line[2 * md_get_size( md_info ) + 1] != ' ' )
|
||||
if( line[2 * mbedtls_md_get_size( md_info )] != ' ' || line[2 * mbedtls_md_get_size( md_info ) + 1] != ' ' )
|
||||
{
|
||||
polarssl_printf("No '%s' hash found on line.\n", md_get_name( md_info ));
|
||||
mbedtls_printf("No '%s' hash found on line.\n", mbedtls_md_get_name( md_info ));
|
||||
continue;
|
||||
}
|
||||
|
||||
@@ -121,7 +121,7 @@ static int generic_check( const md_info_t *md_info, char *filename )
|
||||
|
||||
nb_tot1++;
|
||||
|
||||
if( generic_wrapper( md_info, line + 2 + 2 * md_get_size( md_info ), sum ) != 0 )
|
||||
if( generic_wrapper( md_info, line + 2 + 2 * mbedtls_md_get_size( md_info ), sum ) != 0 )
|
||||
{
|
||||
nb_err1++;
|
||||
continue;
|
||||
@@ -129,18 +129,18 @@ static int generic_check( const md_info_t *md_info, char *filename )
|
||||
|
||||
nb_tot2++;
|
||||
|
||||
for( i = 0; i < md_get_size( md_info ); i++ )
|
||||
for( i = 0; i < mbedtls_md_get_size( md_info ); i++ )
|
||||
sprintf( buf + i * 2, "%02x", sum[i] );
|
||||
|
||||
/* Use constant-time buffer comparison */
|
||||
diff = 0;
|
||||
for( i = 0; i < 2 * md_get_size( md_info ); i++ )
|
||||
for( i = 0; i < 2 * mbedtls_md_get_size( md_info ); i++ )
|
||||
diff |= line[i] ^ buf[i];
|
||||
|
||||
if( diff != 0 )
|
||||
{
|
||||
nb_err2++;
|
||||
polarssl_fprintf( stderr, "wrong checksum: %s\n", line + 66 );
|
||||
mbedtls_fprintf( stderr, "wrong checksum: %s\n", line + 66 );
|
||||
}
|
||||
|
||||
n = sizeof( line );
|
||||
@@ -148,13 +148,13 @@ static int generic_check( const md_info_t *md_info, char *filename )
|
||||
|
||||
if( nb_err1 != 0 )
|
||||
{
|
||||
polarssl_printf( "WARNING: %d (out of %d) input files could "
|
||||
mbedtls_printf( "WARNING: %d (out of %d) input files could "
|
||||
"not be read\n", nb_err1, nb_tot1 );
|
||||
}
|
||||
|
||||
if( nb_err2 != 0 )
|
||||
{
|
||||
polarssl_printf( "WARNING: %d (out of %d) computed checksums did "
|
||||
mbedtls_printf( "WARNING: %d (out of %d) computed checksums did "
|
||||
"not match\n", nb_err2, nb_tot2 );
|
||||
}
|
||||
|
||||
@@ -166,29 +166,29 @@ static int generic_check( const md_info_t *md_info, char *filename )
|
||||
int main( int argc, char *argv[] )
|
||||
{
|
||||
int ret, i;
|
||||
const md_info_t *md_info;
|
||||
md_context_t md_ctx;
|
||||
const mbedtls_md_info_t *md_info;
|
||||
mbedtls_md_context_t md_ctx;
|
||||
|
||||
md_init( &md_ctx );
|
||||
mbedtls_md_init( &md_ctx );
|
||||
|
||||
if( argc == 1 )
|
||||
{
|
||||
const int *list;
|
||||
|
||||
polarssl_printf( "print mode: generic_sum <md> <file> <file> ...\n" );
|
||||
polarssl_printf( "check mode: generic_sum <md> -c <checksum file>\n" );
|
||||
mbedtls_printf( "print mode: generic_sum <mbedtls_md> <file> <file> ...\n" );
|
||||
mbedtls_printf( "check mode: generic_sum <mbedtls_md> -c <checksum file>\n" );
|
||||
|
||||
polarssl_printf( "\nAvailable message digests:\n" );
|
||||
list = md_list();
|
||||
mbedtls_printf( "\nAvailable message digests:\n" );
|
||||
list = mbedtls_md_list();
|
||||
while( *list )
|
||||
{
|
||||
md_info = md_info_from_type( *list );
|
||||
polarssl_printf( " %s\n", md_get_name( md_info ) );
|
||||
md_info = mbedtls_md_info_from_type( *list );
|
||||
mbedtls_printf( " %s\n", mbedtls_md_get_name( md_info ) );
|
||||
list++;
|
||||
}
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( "\n Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( "\n Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
@@ -198,15 +198,15 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* Read the MD from the command line
|
||||
*/
|
||||
md_info = md_info_from_string( argv[1] );
|
||||
md_info = mbedtls_md_info_from_string( argv[1] );
|
||||
if( md_info == NULL )
|
||||
{
|
||||
polarssl_fprintf( stderr, "Message Digest '%s' not found\n", argv[1] );
|
||||
mbedtls_fprintf( stderr, "Message Digest '%s' not found\n", argv[1] );
|
||||
return( 1 );
|
||||
}
|
||||
if( md_setup( &md_ctx, md_info, 0 ) )
|
||||
if( mbedtls_md_setup( &md_ctx, md_info, 0 ) )
|
||||
{
|
||||
polarssl_fprintf( stderr, "Failed to initialize context.\n" );
|
||||
mbedtls_fprintf( stderr, "Failed to initialize context.\n" );
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
@@ -221,8 +221,8 @@ int main( int argc, char *argv[] )
|
||||
ret |= generic_print( md_info, argv[i] );
|
||||
|
||||
exit:
|
||||
md_free( &md_ctx );
|
||||
mbedtls_md_free( &md_ctx );
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_MD_C && POLARSSL_FS_IO */
|
||||
#endif /* MBEDTLS_MD_C && MBEDTLS_FS_IO */
|
||||
|
||||
@@ -20,27 +20,27 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MD5_C)
|
||||
#if defined(MBEDTLS_MD5_C)
|
||||
#include "mbedtls/md5.h"
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_MD5_C)
|
||||
#if !defined(MBEDTLS_MD5_C)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_MD5_C not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_MD5_C not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -50,20 +50,20 @@ int main( void )
|
||||
unsigned char digest[16];
|
||||
char str[] = "Hello, world!";
|
||||
|
||||
polarssl_printf( "\n MD5('%s') = ", str );
|
||||
mbedtls_printf( "\n MD5('%s') = ", str );
|
||||
|
||||
md5( (unsigned char *) str, 13, digest );
|
||||
mbedtls_md5( (unsigned char *) str, 13, digest );
|
||||
|
||||
for( i = 0; i < 16; i++ )
|
||||
polarssl_printf( "%02x", digest[i] );
|
||||
mbedtls_printf( "%02x", digest[i] );
|
||||
|
||||
polarssl_printf( "\n\n" );
|
||||
mbedtls_printf( "\n\n" );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* POLARSSL_MD5_C */
|
||||
#endif /* MBEDTLS_MD5_C */
|
||||
|
||||
@@ -20,43 +20,43 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_fprintf fprintf
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_fprintf fprintf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MD5_C) && defined(POLARSSL_FS_IO)
|
||||
#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_FS_IO)
|
||||
#include "mbedtls/md5.h"
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_MD5_C) || !defined(POLARSSL_FS_IO)
|
||||
#if !defined(MBEDTLS_MD5_C) || !defined(MBEDTLS_FS_IO)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_MD5_C and/or POLARSSL_FS_IO not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_MD5_C and/or MBEDTLS_FS_IO not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
static int md5_wrapper( char *filename, unsigned char *sum )
|
||||
{
|
||||
int ret = md5_file( filename, sum );
|
||||
int ret = mbedtls_md5_file( filename, sum );
|
||||
|
||||
if( ret == 1 )
|
||||
polarssl_fprintf( stderr, "failed to open: %s\n", filename );
|
||||
mbedtls_fprintf( stderr, "failed to open: %s\n", filename );
|
||||
|
||||
if( ret == 2 )
|
||||
polarssl_fprintf( stderr, "failed to read: %s\n", filename );
|
||||
mbedtls_fprintf( stderr, "failed to read: %s\n", filename );
|
||||
|
||||
return( ret );
|
||||
}
|
||||
@@ -70,9 +70,9 @@ static int md5_print( char *filename )
|
||||
return( 1 );
|
||||
|
||||
for( i = 0; i < 16; i++ )
|
||||
polarssl_printf( "%02x", sum[i] );
|
||||
mbedtls_printf( "%02x", sum[i] );
|
||||
|
||||
polarssl_printf( " %s\n", filename );
|
||||
mbedtls_printf( " %s\n", filename );
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
@@ -89,7 +89,7 @@ static int md5_check( char *filename )
|
||||
|
||||
if( ( f = fopen( filename, "rb" ) ) == NULL )
|
||||
{
|
||||
polarssl_printf( "failed to open: %s\n", filename );
|
||||
mbedtls_printf( "failed to open: %s\n", filename );
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
@@ -134,7 +134,7 @@ static int md5_check( char *filename )
|
||||
if( diff != 0 )
|
||||
{
|
||||
nb_err2++;
|
||||
polarssl_fprintf( stderr, "wrong checksum: %s\n", line + 34 );
|
||||
mbedtls_fprintf( stderr, "wrong checksum: %s\n", line + 34 );
|
||||
}
|
||||
|
||||
n = sizeof( line );
|
||||
@@ -144,13 +144,13 @@ static int md5_check( char *filename )
|
||||
|
||||
if( nb_err1 != 0 )
|
||||
{
|
||||
polarssl_printf( "WARNING: %d (out of %d) input files could "
|
||||
mbedtls_printf( "WARNING: %d (out of %d) input files could "
|
||||
"not be read\n", nb_err1, nb_tot1 );
|
||||
}
|
||||
|
||||
if( nb_err2 != 0 )
|
||||
{
|
||||
polarssl_printf( "WARNING: %d (out of %d) computed checksums did "
|
||||
mbedtls_printf( "WARNING: %d (out of %d) computed checksums did "
|
||||
"not match\n", nb_err2, nb_tot2 );
|
||||
}
|
||||
|
||||
@@ -163,11 +163,11 @@ int main( int argc, char *argv[] )
|
||||
|
||||
if( argc == 1 )
|
||||
{
|
||||
polarssl_printf( "print mode: md5sum <file> <file> ...\n" );
|
||||
polarssl_printf( "check mode: md5sum -c <checksum file>\n" );
|
||||
mbedtls_printf( "print mode: md5sum <file> <file> ...\n" );
|
||||
mbedtls_printf( "check mode: md5sum -c <checksum file>\n" );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( "\n Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( "\n Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
@@ -183,4 +183,4 @@ int main( int argc, char *argv[] )
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_MD5_C && POLARSSL_FS_IO */
|
||||
#endif /* MBEDTLS_MD5_C && MBEDTLS_FS_IO */
|
||||
|
||||
@@ -20,43 +20,43 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_fprintf fprintf
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_fprintf fprintf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA1_C) && defined(POLARSSL_FS_IO)
|
||||
#if defined(MBEDTLS_SHA1_C) && defined(MBEDTLS_FS_IO)
|
||||
#include "mbedtls/sha1.h"
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_SHA1_C) || !defined(POLARSSL_FS_IO)
|
||||
#if !defined(MBEDTLS_SHA1_C) || !defined(MBEDTLS_FS_IO)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_SHA1_C and/or POLARSSL_FS_IO not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_SHA1_C and/or MBEDTLS_FS_IO not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
static int sha1_wrapper( char *filename, unsigned char *sum )
|
||||
{
|
||||
int ret = sha1_file( filename, sum );
|
||||
int ret = mbedtls_sha1_file( filename, sum );
|
||||
|
||||
if( ret == 1 )
|
||||
polarssl_fprintf( stderr, "failed to open: %s\n", filename );
|
||||
mbedtls_fprintf( stderr, "failed to open: %s\n", filename );
|
||||
|
||||
if( ret == 2 )
|
||||
polarssl_fprintf( stderr, "failed to read: %s\n", filename );
|
||||
mbedtls_fprintf( stderr, "failed to read: %s\n", filename );
|
||||
|
||||
return( ret );
|
||||
}
|
||||
@@ -70,9 +70,9 @@ static int sha1_print( char *filename )
|
||||
return( 1 );
|
||||
|
||||
for( i = 0; i < 20; i++ )
|
||||
polarssl_printf( "%02x", sum[i] );
|
||||
mbedtls_printf( "%02x", sum[i] );
|
||||
|
||||
polarssl_printf( " %s\n", filename );
|
||||
mbedtls_printf( " %s\n", filename );
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
@@ -89,7 +89,7 @@ static int sha1_check( char *filename )
|
||||
|
||||
if( ( f = fopen( filename, "rb" ) ) == NULL )
|
||||
{
|
||||
polarssl_printf( "failed to open: %s\n", filename );
|
||||
mbedtls_printf( "failed to open: %s\n", filename );
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
@@ -134,7 +134,7 @@ static int sha1_check( char *filename )
|
||||
if( diff != 0 )
|
||||
{
|
||||
nb_err2++;
|
||||
polarssl_fprintf( stderr, "wrong checksum: %s\n", line + 42 );
|
||||
mbedtls_fprintf( stderr, "wrong checksum: %s\n", line + 42 );
|
||||
}
|
||||
|
||||
n = sizeof( line );
|
||||
@@ -144,13 +144,13 @@ static int sha1_check( char *filename )
|
||||
|
||||
if( nb_err1 != 0 )
|
||||
{
|
||||
polarssl_printf( "WARNING: %d (out of %d) input files could "
|
||||
mbedtls_printf( "WARNING: %d (out of %d) input files could "
|
||||
"not be read\n", nb_err1, nb_tot1 );
|
||||
}
|
||||
|
||||
if( nb_err2 != 0 )
|
||||
{
|
||||
polarssl_printf( "WARNING: %d (out of %d) computed checksums did "
|
||||
mbedtls_printf( "WARNING: %d (out of %d) computed checksums did "
|
||||
"not match\n", nb_err2, nb_tot2 );
|
||||
}
|
||||
|
||||
@@ -163,11 +163,11 @@ int main( int argc, char *argv[] )
|
||||
|
||||
if( argc == 1 )
|
||||
{
|
||||
polarssl_printf( "print mode: sha1sum <file> <file> ...\n" );
|
||||
polarssl_printf( "check mode: sha1sum -c <checksum file>\n" );
|
||||
mbedtls_printf( "print mode: sha1sum <file> <file> ...\n" );
|
||||
mbedtls_printf( "check mode: sha1sum -c <checksum file>\n" );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( "\n Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( "\n Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
@@ -183,4 +183,4 @@ int main( int argc, char *argv[] )
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_SHA1_C && POLARSSL_FS_IO */
|
||||
#endif /* MBEDTLS_SHA1_C && MBEDTLS_FS_IO */
|
||||
|
||||
@@ -20,43 +20,43 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_fprintf fprintf
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_fprintf fprintf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA256_C) && defined(POLARSSL_FS_IO)
|
||||
#if defined(MBEDTLS_SHA256_C) && defined(MBEDTLS_FS_IO)
|
||||
#include "mbedtls/sha256.h"
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_SHA256_C) || !defined(POLARSSL_FS_IO)
|
||||
#if !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_FS_IO)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_SHA256_C and/or POLARSSL_FS_IO not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
static int sha256_wrapper( char *filename, unsigned char *sum )
|
||||
{
|
||||
int ret = sha256_file( filename, sum, 0 );
|
||||
int ret = mbedtls_sha256_file( filename, sum, 0 );
|
||||
|
||||
if( ret == 1 )
|
||||
polarssl_fprintf( stderr, "failed to open: %s\n", filename );
|
||||
mbedtls_fprintf( stderr, "failed to open: %s\n", filename );
|
||||
|
||||
if( ret == 2 )
|
||||
polarssl_fprintf( stderr, "failed to read: %s\n", filename );
|
||||
mbedtls_fprintf( stderr, "failed to read: %s\n", filename );
|
||||
|
||||
return( ret );
|
||||
}
|
||||
@@ -70,9 +70,9 @@ static int sha256_print( char *filename )
|
||||
return( 1 );
|
||||
|
||||
for( i = 0; i < 32; i++ )
|
||||
polarssl_printf( "%02x", sum[i] );
|
||||
mbedtls_printf( "%02x", sum[i] );
|
||||
|
||||
polarssl_printf( " %s\n", filename );
|
||||
mbedtls_printf( " %s\n", filename );
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
@@ -89,7 +89,7 @@ static int sha256_check( char *filename )
|
||||
|
||||
if( ( f = fopen( filename, "rb" ) ) == NULL )
|
||||
{
|
||||
polarssl_printf( "failed to open: %s\n", filename );
|
||||
mbedtls_printf( "failed to open: %s\n", filename );
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
@@ -134,7 +134,7 @@ static int sha256_check( char *filename )
|
||||
if( diff != 0 )
|
||||
{
|
||||
nb_err2++;
|
||||
polarssl_fprintf( stderr, "wrong checksum: %s\n", line + 66 );
|
||||
mbedtls_fprintf( stderr, "wrong checksum: %s\n", line + 66 );
|
||||
}
|
||||
|
||||
n = sizeof( line );
|
||||
@@ -144,13 +144,13 @@ static int sha256_check( char *filename )
|
||||
|
||||
if( nb_err1 != 0 )
|
||||
{
|
||||
polarssl_printf( "WARNING: %d (out of %d) input files could "
|
||||
mbedtls_printf( "WARNING: %d (out of %d) input files could "
|
||||
"not be read\n", nb_err1, nb_tot1 );
|
||||
}
|
||||
|
||||
if( nb_err2 != 0 )
|
||||
{
|
||||
polarssl_printf( "WARNING: %d (out of %d) computed checksums did "
|
||||
mbedtls_printf( "WARNING: %d (out of %d) computed checksums did "
|
||||
"not match\n", nb_err2, nb_tot2 );
|
||||
}
|
||||
|
||||
@@ -163,11 +163,11 @@ int main( int argc, char *argv[] )
|
||||
|
||||
if( argc == 1 )
|
||||
{
|
||||
polarssl_printf( "print mode: sha256sum <file> <file> ...\n" );
|
||||
polarssl_printf( "check mode: sha256sum -c <checksum file>\n" );
|
||||
mbedtls_printf( "print mode: sha256sum <file> <file> ...\n" );
|
||||
mbedtls_printf( "check mode: sha256sum -c <checksum file>\n" );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( "\n Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( "\n Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
@@ -183,4 +183,4 @@ int main( int argc, char *argv[] )
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_SHA256_C && POLARSSL_FS_IO */
|
||||
#endif /* MBEDTLS_SHA256_C && MBEDTLS_FS_IO */
|
||||
|
||||
@@ -20,23 +20,23 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_AES_C) && defined(POLARSSL_DHM_C) && \
|
||||
defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_NET_C) && \
|
||||
defined(POLARSSL_RSA_C) && defined(POLARSSL_SHA256_C) && \
|
||||
defined(POLARSSL_FS_IO) && defined(POLARSSL_CTR_DRBG_C)
|
||||
#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \
|
||||
defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \
|
||||
defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \
|
||||
defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C)
|
||||
#include "mbedtls/net.h"
|
||||
#include "mbedtls/aes.h"
|
||||
#include "mbedtls/dhm.h"
|
||||
@@ -52,16 +52,16 @@
|
||||
#define SERVER_NAME "localhost"
|
||||
#define SERVER_PORT 11999
|
||||
|
||||
#if !defined(POLARSSL_AES_C) || !defined(POLARSSL_DHM_C) || \
|
||||
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_NET_C) || \
|
||||
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA256_C) || \
|
||||
!defined(POLARSSL_FS_IO) || !defined(POLARSSL_CTR_DRBG_C)
|
||||
#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \
|
||||
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \
|
||||
!defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \
|
||||
!defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_AES_C and/or POLARSSL_DHM_C and/or POLARSSL_ENTROPY_C "
|
||||
"and/or POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
|
||||
"POLARSSL_SHA256_C and/or POLARSSL_FS_IO and/or "
|
||||
"POLARSSL_CTR_DRBG_C not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C "
|
||||
"and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
|
||||
"MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or "
|
||||
"MBEDTLS_CTR_DRBG_C not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -78,90 +78,90 @@ int main( void )
|
||||
unsigned char hash[20];
|
||||
const char *pers = "dh_client";
|
||||
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
rsa_context rsa;
|
||||
dhm_context dhm;
|
||||
aes_context aes;
|
||||
mbedtls_entropy_context entropy;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
mbedtls_rsa_context rsa;
|
||||
mbedtls_dhm_context dhm;
|
||||
mbedtls_aes_context aes;
|
||||
|
||||
memset( &rsa, 0, sizeof( rsa ) );
|
||||
dhm_init( &dhm );
|
||||
aes_init( &aes );
|
||||
mbedtls_dhm_init( &dhm );
|
||||
mbedtls_aes_init( &aes );
|
||||
|
||||
/*
|
||||
* 1. Setup the RNG
|
||||
*/
|
||||
polarssl_printf( "\n . Seeding the random number generator" );
|
||||
mbedtls_printf( "\n . Seeding the random number generator" );
|
||||
fflush( stdout );
|
||||
|
||||
entropy_init( &entropy );
|
||||
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
|
||||
mbedtls_entropy_init( &entropy );
|
||||
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
|
||||
(const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned %d\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/*
|
||||
* 2. Read the server's public RSA key
|
||||
*/
|
||||
polarssl_printf( "\n . Reading public key from rsa_pub.txt" );
|
||||
mbedtls_printf( "\n . Reading public key from rsa_pub.txt" );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( f = fopen( "rsa_pub.txt", "rb" ) ) == NULL )
|
||||
{
|
||||
ret = 1;
|
||||
polarssl_printf( " failed\n ! Could not open rsa_pub.txt\n" \
|
||||
mbedtls_printf( " failed\n ! Could not open rsa_pub.txt\n" \
|
||||
" ! Please run rsa_genkey first\n\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
rsa_init( &rsa, RSA_PKCS_V15, 0 );
|
||||
mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 );
|
||||
|
||||
if( ( ret = mpi_read_file( &rsa.N, 16, f ) ) != 0 ||
|
||||
( ret = mpi_read_file( &rsa.E, 16, f ) ) != 0 )
|
||||
if( ( ret = mbedtls_mpi_read_file( &rsa.N, 16, f ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_file( &rsa.E, 16, f ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! mpi_read_file returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
rsa.len = ( mpi_msb( &rsa.N ) + 7 ) >> 3;
|
||||
rsa.len = ( mbedtls_mpi_msb( &rsa.N ) + 7 ) >> 3;
|
||||
|
||||
fclose( f );
|
||||
|
||||
/*
|
||||
* 3. Initiate the connection
|
||||
*/
|
||||
polarssl_printf( "\n . Connecting to tcp/%s/%d", SERVER_NAME,
|
||||
mbedtls_printf( "\n . Connecting to tcp/%s/%d", SERVER_NAME,
|
||||
SERVER_PORT );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = net_connect( &server_fd, SERVER_NAME,
|
||||
SERVER_PORT, NET_PROTO_TCP ) ) != 0 )
|
||||
if( ( ret = mbedtls_net_connect( &server_fd, SERVER_NAME,
|
||||
SERVER_PORT, MBEDTLS_NET_PROTO_TCP ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! net_connect returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/*
|
||||
* 4a. First get the buffer length
|
||||
*/
|
||||
polarssl_printf( "\n . Receiving the server's DH parameters" );
|
||||
mbedtls_printf( "\n . Receiving the server's DH parameters" );
|
||||
fflush( stdout );
|
||||
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
|
||||
if( ( ret = net_recv( &server_fd, buf, 2 ) ) != 2 )
|
||||
if( ( ret = mbedtls_net_recv( &server_fd, buf, 2 ) ) != 2 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! net_recv returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
n = buflen = ( buf[0] << 8 ) | buf[1];
|
||||
if( buflen < 1 || buflen > sizeof( buf ) )
|
||||
{
|
||||
polarssl_printf( " failed\n ! Got an invalid buffer length\n\n" );
|
||||
mbedtls_printf( " failed\n ! Got an invalid buffer length\n\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -170,24 +170,24 @@ int main( void )
|
||||
*/
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
|
||||
if( ( ret = net_recv( &server_fd, buf, n ) ) != (int) n )
|
||||
if( ( ret = mbedtls_net_recv( &server_fd, buf, n ) ) != (int) n )
|
||||
{
|
||||
polarssl_printf( " failed\n ! net_recv returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
p = buf, end = buf + buflen;
|
||||
|
||||
if( ( ret = dhm_read_params( &dhm, &p, end ) ) != 0 )
|
||||
if( ( ret = mbedtls_dhm_read_params( &dhm, &p, end ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! dhm_read_params returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_dhm_read_params returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( dhm.len < 64 || dhm.len > 512 )
|
||||
{
|
||||
ret = 1;
|
||||
polarssl_printf( " failed\n ! Invalid DHM modulus size\n\n" );
|
||||
mbedtls_printf( " failed\n ! Invalid DHM modulus size\n\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -195,7 +195,7 @@ int main( void )
|
||||
* 5. Check that the server's RSA signature matches
|
||||
* the SHA-256 hash of (P,G,Ys)
|
||||
*/
|
||||
polarssl_printf( "\n . Verifying the server's RSA signature" );
|
||||
mbedtls_printf( "\n . Verifying the server's RSA signature" );
|
||||
fflush( stdout );
|
||||
|
||||
p += 2;
|
||||
@@ -203,55 +203,55 @@ int main( void )
|
||||
if( ( n = (size_t) ( end - p ) ) != rsa.len )
|
||||
{
|
||||
ret = 1;
|
||||
polarssl_printf( " failed\n ! Invalid RSA signature size\n\n" );
|
||||
mbedtls_printf( " failed\n ! Invalid RSA signature size\n\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
sha1( buf, (int)( p - 2 - buf ), hash );
|
||||
mbedtls_sha1( buf, (int)( p - 2 - buf ), hash );
|
||||
|
||||
if( ( ret = rsa_pkcs1_verify( &rsa, NULL, NULL, RSA_PUBLIC,
|
||||
POLARSSL_MD_SHA256, 0, hash, p ) ) != 0 )
|
||||
if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC,
|
||||
MBEDTLS_MD_SHA256, 0, hash, p ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! rsa_pkcs1_verify returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_verify returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/*
|
||||
* 6. Send our public value: Yc = G ^ Xc mod P
|
||||
*/
|
||||
polarssl_printf( "\n . Sending own public value to server" );
|
||||
mbedtls_printf( "\n . Sending own public value to server" );
|
||||
fflush( stdout );
|
||||
|
||||
n = dhm.len;
|
||||
if( ( ret = dhm_make_public( &dhm, (int) dhm.len, buf, n,
|
||||
ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
if( ( ret = mbedtls_dhm_make_public( &dhm, (int) dhm.len, buf, n,
|
||||
mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! dhm_make_public returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_dhm_make_public returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = net_send( &server_fd, buf, n ) ) != (int) n )
|
||||
if( ( ret = mbedtls_net_send( &server_fd, buf, n ) ) != (int) n )
|
||||
{
|
||||
polarssl_printf( " failed\n ! net_send returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_net_send returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/*
|
||||
* 7. Derive the shared secret: K = Ys ^ Xc mod P
|
||||
*/
|
||||
polarssl_printf( "\n . Shared secret: " );
|
||||
mbedtls_printf( "\n . Shared secret: " );
|
||||
fflush( stdout );
|
||||
|
||||
n = dhm.len;
|
||||
if( ( ret = dhm_calc_secret( &dhm, buf, &n,
|
||||
ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
if( ( ret = mbedtls_dhm_calc_secret( &dhm, buf, &n,
|
||||
mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! dhm_calc_secret returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_dhm_calc_secret returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
for( n = 0; n < 16; n++ )
|
||||
polarssl_printf( "%02x", buf[n] );
|
||||
mbedtls_printf( "%02x", buf[n] );
|
||||
|
||||
/*
|
||||
* 8. Setup the AES-256 decryption key
|
||||
@@ -261,41 +261,41 @@ int main( void )
|
||||
* the keying material for the encryption/decryption keys,
|
||||
* IVs and MACs.
|
||||
*/
|
||||
polarssl_printf( "...\n . Receiving and decrypting the ciphertext" );
|
||||
mbedtls_printf( "...\n . Receiving and decrypting the ciphertext" );
|
||||
fflush( stdout );
|
||||
|
||||
aes_setkey_dec( &aes, buf, 256 );
|
||||
mbedtls_aes_setkey_dec( &aes, buf, 256 );
|
||||
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
|
||||
if( ( ret = net_recv( &server_fd, buf, 16 ) ) != 16 )
|
||||
if( ( ret = mbedtls_net_recv( &server_fd, buf, 16 ) ) != 16 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! net_recv returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
aes_crypt_ecb( &aes, AES_DECRYPT, buf, buf );
|
||||
mbedtls_aes_crypt_ecb( &aes, MBEDTLS_AES_DECRYPT, buf, buf );
|
||||
buf[16] = '\0';
|
||||
polarssl_printf( "\n . Plaintext is \"%s\"\n\n", (char *) buf );
|
||||
mbedtls_printf( "\n . Plaintext is \"%s\"\n\n", (char *) buf );
|
||||
|
||||
exit:
|
||||
|
||||
if( server_fd != -1 )
|
||||
net_close( server_fd );
|
||||
mbedtls_net_close( server_fd );
|
||||
|
||||
aes_free( &aes );
|
||||
rsa_free( &rsa );
|
||||
dhm_free( &dhm );
|
||||
ctr_drbg_free( &ctr_drbg );
|
||||
entropy_free( &entropy );
|
||||
mbedtls_aes_free( &aes );
|
||||
mbedtls_rsa_free( &rsa );
|
||||
mbedtls_dhm_free( &dhm );
|
||||
mbedtls_ctr_drbg_free( &ctr_drbg );
|
||||
mbedtls_entropy_free( &entropy );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_AES_C && POLARSSL_DHM_C && POLARSSL_ENTROPY_C &&
|
||||
POLARSSL_NET_C && POLARSSL_RSA_C && POLARSSL_SHA256_C &&
|
||||
POLARSSL_FS_IO && POLARSSL_CTR_DRBG_C */
|
||||
#endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C &&
|
||||
MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
|
||||
MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
|
||||
|
||||
@@ -20,22 +20,22 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \
|
||||
defined(POLARSSL_FS_IO) && defined(POLARSSL_CTR_DRBG_C) && \
|
||||
defined(POLARSSL_GENPRIME)
|
||||
#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_ENTROPY_C) && \
|
||||
defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) && \
|
||||
defined(MBEDTLS_GENPRIME)
|
||||
#include "mbedtls/bignum.h"
|
||||
#include "mbedtls/entropy.h"
|
||||
#include "mbedtls/ctr_drbg.h"
|
||||
@@ -51,121 +51,121 @@
|
||||
#define DH_P_SIZE 1024
|
||||
#define GENERATOR "4"
|
||||
|
||||
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
|
||||
!defined(POLARSSL_FS_IO) || !defined(POLARSSL_CTR_DRBG_C) || \
|
||||
!defined(POLARSSL_GENPRIME)
|
||||
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
|
||||
!defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \
|
||||
!defined(MBEDTLS_GENPRIME)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
|
||||
"POLARSSL_FS_IO and/or POLARSSL_CTR_DRBG_C and/or "
|
||||
"POLARSSL_GENPRIME not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
|
||||
"MBEDTLS_FS_IO and/or MBEDTLS_CTR_DRBG_C and/or "
|
||||
"MBEDTLS_GENPRIME not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
int main( void )
|
||||
{
|
||||
int ret = 1;
|
||||
mpi G, P, Q;
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
mbedtls_mpi G, P, Q;
|
||||
mbedtls_entropy_context entropy;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
const char *pers = "dh_genprime";
|
||||
FILE *fout;
|
||||
|
||||
mpi_init( &G ); mpi_init( &P ); mpi_init( &Q );
|
||||
entropy_init( &entropy );
|
||||
mbedtls_mpi_init( &G ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
|
||||
mbedtls_entropy_init( &entropy );
|
||||
|
||||
if( ( ret = mpi_read_string( &G, 10, GENERATOR ) ) != 0 )
|
||||
if( ( ret = mbedtls_mpi_read_string( &G, 10, GENERATOR ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! mpi_read_string returned %d\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_mpi_read_string returned %d\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "\nWARNING: You should not generate and use your own DHM primes\n" );
|
||||
polarssl_printf( " unless you are very certain of what you are doing!\n" );
|
||||
polarssl_printf( " Failing to follow this instruction may result in\n" );
|
||||
polarssl_printf( " weak security for your connections! Use the\n" );
|
||||
polarssl_printf( " predefined DHM parameters from dhm.h instead!\n\n" );
|
||||
polarssl_printf( "============================================================\n\n" );
|
||||
mbedtls_printf( "\nWARNING: You should not generate and use your own DHM primes\n" );
|
||||
mbedtls_printf( " unless you are very certain of what you are doing!\n" );
|
||||
mbedtls_printf( " Failing to follow this instruction may result in\n" );
|
||||
mbedtls_printf( " weak security for your connections! Use the\n" );
|
||||
mbedtls_printf( " predefined DHM parameters from dhm.h instead!\n\n" );
|
||||
mbedtls_printf( "============================================================\n\n" );
|
||||
|
||||
polarssl_printf( " ! Generating large primes may take minutes!\n" );
|
||||
mbedtls_printf( " ! Generating large primes may take minutes!\n" );
|
||||
|
||||
polarssl_printf( "\n . Seeding the random number generator..." );
|
||||
mbedtls_printf( "\n . Seeding the random number generator..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
|
||||
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
|
||||
(const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned %d\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n . Generating the modulus, please wait..." );
|
||||
mbedtls_printf( " ok\n . Generating the modulus, please wait..." );
|
||||
fflush( stdout );
|
||||
|
||||
/*
|
||||
* This can take a long time...
|
||||
*/
|
||||
if( ( ret = mpi_gen_prime( &P, DH_P_SIZE, 1,
|
||||
ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
if( ( ret = mbedtls_mpi_gen_prime( &P, DH_P_SIZE, 1,
|
||||
mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! mpi_gen_prime returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_mpi_gen_prime returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n . Verifying that Q = (P-1)/2 is prime..." );
|
||||
mbedtls_printf( " ok\n . Verifying that Q = (P-1)/2 is prime..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = mpi_sub_int( &Q, &P, 1 ) ) != 0 )
|
||||
if( ( ret = mbedtls_mpi_sub_int( &Q, &P, 1 ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! mpi_sub_int returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_mpi_sub_int returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = mpi_div_int( &Q, NULL, &Q, 2 ) ) != 0 )
|
||||
if( ( ret = mbedtls_mpi_div_int( &Q, NULL, &Q, 2 ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! mpi_div_int returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_mpi_div_int returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = mpi_is_prime( &Q, ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
if( ( ret = mbedtls_mpi_is_prime( &Q, mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! mpi_is_prime returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_mpi_is_prime returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n . Exporting the value in dh_prime.txt..." );
|
||||
mbedtls_printf( " ok\n . Exporting the value in dh_prime.txt..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( fout = fopen( "dh_prime.txt", "wb+" ) ) == NULL )
|
||||
{
|
||||
ret = 1;
|
||||
polarssl_printf( " failed\n ! Could not create dh_prime.txt\n\n" );
|
||||
mbedtls_printf( " failed\n ! Could not create dh_prime.txt\n\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = mpi_write_file( "P = ", &P, 16, fout ) != 0 ) ||
|
||||
( ret = mpi_write_file( "G = ", &G, 16, fout ) != 0 ) )
|
||||
if( ( ret = mbedtls_mpi_write_file( "P = ", &P, 16, fout ) != 0 ) ||
|
||||
( ret = mbedtls_mpi_write_file( "G = ", &G, 16, fout ) != 0 ) )
|
||||
{
|
||||
polarssl_printf( " failed\n ! mpi_write_file returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_mpi_write_file returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n\n" );
|
||||
mbedtls_printf( " ok\n\n" );
|
||||
fclose( fout );
|
||||
|
||||
exit:
|
||||
|
||||
mpi_free( &G ); mpi_free( &P ); mpi_free( &Q );
|
||||
ctr_drbg_free( &ctr_drbg );
|
||||
entropy_free( &entropy );
|
||||
mbedtls_mpi_free( &G ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
|
||||
mbedtls_ctr_drbg_free( &ctr_drbg );
|
||||
mbedtls_entropy_free( &entropy );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C && POLARSSL_FS_IO &&
|
||||
POLARSSL_CTR_DRBG_C && POLARSSL_GENPRIME */
|
||||
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_FS_IO &&
|
||||
MBEDTLS_CTR_DRBG_C && MBEDTLS_GENPRIME */
|
||||
|
||||
@@ -20,23 +20,23 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_AES_C) && defined(POLARSSL_DHM_C) && \
|
||||
defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_NET_C) && \
|
||||
defined(POLARSSL_RSA_C) && defined(POLARSSL_SHA256_C) && \
|
||||
defined(POLARSSL_FS_IO) && defined(POLARSSL_CTR_DRBG_C)
|
||||
#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \
|
||||
defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \
|
||||
defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \
|
||||
defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C)
|
||||
#include "mbedtls/net.h"
|
||||
#include "mbedtls/aes.h"
|
||||
#include "mbedtls/dhm.h"
|
||||
@@ -52,16 +52,16 @@
|
||||
#define SERVER_PORT 11999
|
||||
#define PLAINTEXT "==Hello there!=="
|
||||
|
||||
#if !defined(POLARSSL_AES_C) || !defined(POLARSSL_DHM_C) || \
|
||||
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_NET_C) || \
|
||||
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA256_C) || \
|
||||
!defined(POLARSSL_FS_IO) || !defined(POLARSSL_CTR_DRBG_C)
|
||||
#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \
|
||||
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \
|
||||
!defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \
|
||||
!defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_AES_C and/or POLARSSL_DHM_C and/or POLARSSL_ENTROPY_C "
|
||||
"and/or POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
|
||||
"POLARSSL_SHA256_C and/or POLARSSL_FS_IO and/or "
|
||||
"POLARSSL_CTR_DRBG_C not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C "
|
||||
"and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
|
||||
"MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or "
|
||||
"MBEDTLS_CTR_DRBG_C not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -79,82 +79,82 @@ int main( void )
|
||||
unsigned char buf2[2];
|
||||
const char *pers = "dh_server";
|
||||
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
rsa_context rsa;
|
||||
dhm_context dhm;
|
||||
aes_context aes;
|
||||
mbedtls_entropy_context entropy;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
mbedtls_rsa_context rsa;
|
||||
mbedtls_dhm_context dhm;
|
||||
mbedtls_aes_context aes;
|
||||
|
||||
memset( &rsa, 0, sizeof( rsa ) );
|
||||
dhm_init( &dhm );
|
||||
aes_init( &aes );
|
||||
mbedtls_dhm_init( &dhm );
|
||||
mbedtls_aes_init( &aes );
|
||||
|
||||
/*
|
||||
* 1. Setup the RNG
|
||||
*/
|
||||
polarssl_printf( "\n . Seeding the random number generator" );
|
||||
mbedtls_printf( "\n . Seeding the random number generator" );
|
||||
fflush( stdout );
|
||||
|
||||
entropy_init( &entropy );
|
||||
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
|
||||
mbedtls_entropy_init( &entropy );
|
||||
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
|
||||
(const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned %d\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/*
|
||||
* 2a. Read the server's private RSA key
|
||||
*/
|
||||
polarssl_printf( "\n . Reading private key from rsa_priv.txt" );
|
||||
mbedtls_printf( "\n . Reading private key from rsa_priv.txt" );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( f = fopen( "rsa_priv.txt", "rb" ) ) == NULL )
|
||||
{
|
||||
ret = 1;
|
||||
polarssl_printf( " failed\n ! Could not open rsa_priv.txt\n" \
|
||||
mbedtls_printf( " failed\n ! Could not open rsa_priv.txt\n" \
|
||||
" ! Please run rsa_genkey first\n\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
rsa_init( &rsa, RSA_PKCS_V15, 0 );
|
||||
mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 );
|
||||
|
||||
if( ( ret = mpi_read_file( &rsa.N , 16, f ) ) != 0 ||
|
||||
( ret = mpi_read_file( &rsa.E , 16, f ) ) != 0 ||
|
||||
( ret = mpi_read_file( &rsa.D , 16, f ) ) != 0 ||
|
||||
( ret = mpi_read_file( &rsa.P , 16, f ) ) != 0 ||
|
||||
( ret = mpi_read_file( &rsa.Q , 16, f ) ) != 0 ||
|
||||
( ret = mpi_read_file( &rsa.DP, 16, f ) ) != 0 ||
|
||||
( ret = mpi_read_file( &rsa.DQ, 16, f ) ) != 0 ||
|
||||
( ret = mpi_read_file( &rsa.QP, 16, f ) ) != 0 )
|
||||
if( ( ret = mbedtls_mpi_read_file( &rsa.N , 16, f ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_file( &rsa.E , 16, f ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_file( &rsa.D , 16, f ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_file( &rsa.P , 16, f ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_file( &rsa.Q , 16, f ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_file( &rsa.DP, 16, f ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_file( &rsa.DQ, 16, f ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_file( &rsa.QP, 16, f ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! mpi_read_file returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
rsa.len = ( mpi_msb( &rsa.N ) + 7 ) >> 3;
|
||||
rsa.len = ( mbedtls_mpi_msb( &rsa.N ) + 7 ) >> 3;
|
||||
|
||||
fclose( f );
|
||||
|
||||
/*
|
||||
* 2b. Get the DHM modulus and generator
|
||||
*/
|
||||
polarssl_printf( "\n . Reading DH parameters from dh_prime.txt" );
|
||||
mbedtls_printf( "\n . Reading DH parameters from dh_prime.txt" );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( f = fopen( "dh_prime.txt", "rb" ) ) == NULL )
|
||||
{
|
||||
ret = 1;
|
||||
polarssl_printf( " failed\n ! Could not open dh_prime.txt\n" \
|
||||
mbedtls_printf( " failed\n ! Could not open dh_prime.txt\n" \
|
||||
" ! Please run dh_genprime first\n\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( mpi_read_file( &dhm.P, 16, f ) != 0 ||
|
||||
mpi_read_file( &dhm.G, 16, f ) != 0 )
|
||||
if( mbedtls_mpi_read_file( &dhm.P, 16, f ) != 0 ||
|
||||
mbedtls_mpi_read_file( &dhm.G, 16, f ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! Invalid DH parameter file\n\n" );
|
||||
mbedtls_printf( " failed\n ! Invalid DH parameter file\n\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -163,48 +163,48 @@ int main( void )
|
||||
/*
|
||||
* 3. Wait for a client to connect
|
||||
*/
|
||||
polarssl_printf( "\n . Waiting for a remote connection" );
|
||||
mbedtls_printf( "\n . Waiting for a remote connection" );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = net_bind( &listen_fd, NULL, SERVER_PORT, NET_PROTO_TCP ) ) != 0 )
|
||||
if( ( ret = mbedtls_net_bind( &listen_fd, NULL, SERVER_PORT, MBEDTLS_NET_PROTO_TCP ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! net_bind returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = net_accept( listen_fd, &client_fd, NULL ) ) != 0 )
|
||||
if( ( ret = mbedtls_net_accept( listen_fd, &client_fd, NULL ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! net_accept returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/*
|
||||
* 4. Setup the DH parameters (P,G,Ys)
|
||||
*/
|
||||
polarssl_printf( "\n . Sending the server's DH parameters" );
|
||||
mbedtls_printf( "\n . Sending the server's DH parameters" );
|
||||
fflush( stdout );
|
||||
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
|
||||
if( ( ret = dhm_make_params( &dhm, (int) mpi_size( &dhm.P ), buf, &n,
|
||||
ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
if( ( ret = mbedtls_dhm_make_params( &dhm, (int) mbedtls_mpi_size( &dhm.P ), buf, &n,
|
||||
mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! dhm_make_params returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_dhm_make_params returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/*
|
||||
* 5. Sign the parameters and send them
|
||||
*/
|
||||
sha1( buf, n, hash );
|
||||
mbedtls_sha1( buf, n, hash );
|
||||
|
||||
buf[n ] = (unsigned char)( rsa.len >> 8 );
|
||||
buf[n + 1] = (unsigned char)( rsa.len );
|
||||
|
||||
if( ( ret = rsa_pkcs1_sign( &rsa, NULL, NULL, RSA_PRIVATE, POLARSSL_MD_SHA256,
|
||||
if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256,
|
||||
0, hash, buf + n + 2 ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! rsa_pkcs1_sign returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_sign returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -212,49 +212,49 @@ int main( void )
|
||||
buf2[0] = (unsigned char)( buflen >> 8 );
|
||||
buf2[1] = (unsigned char)( buflen );
|
||||
|
||||
if( ( ret = net_send( &client_fd, buf2, 2 ) ) != 2 ||
|
||||
( ret = net_send( &client_fd, buf, buflen ) ) != (int) buflen )
|
||||
if( ( ret = mbedtls_net_send( &client_fd, buf2, 2 ) ) != 2 ||
|
||||
( ret = mbedtls_net_send( &client_fd, buf, buflen ) ) != (int) buflen )
|
||||
{
|
||||
polarssl_printf( " failed\n ! net_send returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_net_send returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/*
|
||||
* 6. Get the client's public value: Yc = G ^ Xc mod P
|
||||
*/
|
||||
polarssl_printf( "\n . Receiving the client's public value" );
|
||||
mbedtls_printf( "\n . Receiving the client's public value" );
|
||||
fflush( stdout );
|
||||
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
n = dhm.len;
|
||||
|
||||
if( ( ret = net_recv( &client_fd, buf, n ) ) != (int) n )
|
||||
if( ( ret = mbedtls_net_recv( &client_fd, buf, n ) ) != (int) n )
|
||||
{
|
||||
polarssl_printf( " failed\n ! net_recv returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = dhm_read_public( &dhm, buf, dhm.len ) ) != 0 )
|
||||
if( ( ret = mbedtls_dhm_read_public( &dhm, buf, dhm.len ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! dhm_read_public returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_dhm_read_public returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/*
|
||||
* 7. Derive the shared secret: K = Ys ^ Xc mod P
|
||||
*/
|
||||
polarssl_printf( "\n . Shared secret: " );
|
||||
mbedtls_printf( "\n . Shared secret: " );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = dhm_calc_secret( &dhm, buf, &n,
|
||||
ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
if( ( ret = mbedtls_dhm_calc_secret( &dhm, buf, &n,
|
||||
mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! dhm_calc_secret returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_dhm_calc_secret returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
for( n = 0; n < 16; n++ )
|
||||
polarssl_printf( "%02x", buf[n] );
|
||||
mbedtls_printf( "%02x", buf[n] );
|
||||
|
||||
/*
|
||||
* 8. Setup the AES-256 encryption key
|
||||
@@ -264,39 +264,39 @@ int main( void )
|
||||
* the keying material for the encryption/decryption keys
|
||||
* and MACs.
|
||||
*/
|
||||
polarssl_printf( "...\n . Encrypting and sending the ciphertext" );
|
||||
mbedtls_printf( "...\n . Encrypting and sending the ciphertext" );
|
||||
fflush( stdout );
|
||||
|
||||
aes_setkey_enc( &aes, buf, 256 );
|
||||
mbedtls_aes_setkey_enc( &aes, buf, 256 );
|
||||
memcpy( buf, PLAINTEXT, 16 );
|
||||
aes_crypt_ecb( &aes, AES_ENCRYPT, buf, buf );
|
||||
mbedtls_aes_crypt_ecb( &aes, MBEDTLS_AES_ENCRYPT, buf, buf );
|
||||
|
||||
if( ( ret = net_send( &client_fd, buf, 16 ) ) != 16 )
|
||||
if( ( ret = mbedtls_net_send( &client_fd, buf, 16 ) ) != 16 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! net_send returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_net_send returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "\n\n" );
|
||||
mbedtls_printf( "\n\n" );
|
||||
|
||||
exit:
|
||||
|
||||
if( client_fd != -1 )
|
||||
net_close( client_fd );
|
||||
mbedtls_net_close( client_fd );
|
||||
|
||||
aes_free( &aes );
|
||||
rsa_free( &rsa );
|
||||
dhm_free( &dhm );
|
||||
ctr_drbg_free( &ctr_drbg );
|
||||
entropy_free( &entropy );
|
||||
mbedtls_aes_free( &aes );
|
||||
mbedtls_rsa_free( &rsa );
|
||||
mbedtls_dhm_free( &dhm );
|
||||
mbedtls_ctr_drbg_free( &ctr_drbg );
|
||||
mbedtls_entropy_free( &entropy );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_AES_C && POLARSSL_DHM_C && POLARSSL_ENTROPY_C &&
|
||||
POLARSSL_NET_C && POLARSSL_RSA_C && POLARSSL_SHA256_C &&
|
||||
POLARSSL_FS_IO && POLARSSL_CTR_DRBG_C */
|
||||
#endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C &&
|
||||
MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
|
||||
MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
|
||||
|
||||
@@ -20,21 +20,21 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_ECDSA_C) && \
|
||||
defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_CTR_DRBG_C)
|
||||
#if defined(MBEDTLS_ECDSA_C) && \
|
||||
defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C)
|
||||
#include "mbedtls/entropy.h"
|
||||
#include "mbedtls/ctr_drbg.h"
|
||||
#include "mbedtls/ecdsa.h"
|
||||
@@ -50,18 +50,18 @@
|
||||
/*
|
||||
* Uncomment to force use of a specific curve
|
||||
*/
|
||||
#define ECPARAMS POLARSSL_ECP_DP_SECP192R1
|
||||
#define ECPARAMS MBEDTLS_ECP_DP_SECP192R1
|
||||
|
||||
#if !defined(ECPARAMS)
|
||||
#define ECPARAMS ecp_curve_list()->grp_id
|
||||
#define ECPARAMS mbedtls_ecp_curve_list()->grp_id
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_ECDSA_C) || !defined(POLARSSL_SHA256_C) || \
|
||||
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C)
|
||||
#if !defined(MBEDTLS_ECDSA_C) || !defined(MBEDTLS_SHA256_C) || \
|
||||
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_ECDSA_C and/or POLARSSL_SHA256_C and/or "
|
||||
"POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C not defined\n");
|
||||
mbedtls_printf("MBEDTLS_ECDSA_C and/or MBEDTLS_SHA256_C and/or "
|
||||
"MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C not defined\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -70,22 +70,22 @@ static void dump_buf( const char *title, unsigned char *buf, size_t len )
|
||||
{
|
||||
size_t i;
|
||||
|
||||
polarssl_printf( "%s", title );
|
||||
mbedtls_printf( "%s", title );
|
||||
for( i = 0; i < len; i++ )
|
||||
polarssl_printf("%c%c", "0123456789ABCDEF" [buf[i] / 16],
|
||||
mbedtls_printf("%c%c", "0123456789ABCDEF" [buf[i] / 16],
|
||||
"0123456789ABCDEF" [buf[i] % 16] );
|
||||
polarssl_printf( "\n" );
|
||||
mbedtls_printf( "\n" );
|
||||
}
|
||||
|
||||
static void dump_pubkey( const char *title, ecdsa_context *key )
|
||||
static void dump_pubkey( const char *title, mbedtls_ecdsa_context *key )
|
||||
{
|
||||
unsigned char buf[300];
|
||||
size_t len;
|
||||
|
||||
if( ecp_point_write_binary( &key->grp, &key->Q,
|
||||
POLARSSL_ECP_PF_UNCOMPRESSED, &len, buf, sizeof buf ) != 0 )
|
||||
if( mbedtls_ecp_point_write_binary( &key->grp, &key->Q,
|
||||
MBEDTLS_ECP_PF_UNCOMPRESSED, &len, buf, sizeof buf ) != 0 )
|
||||
{
|
||||
polarssl_printf("internal error\n");
|
||||
mbedtls_printf("internal error\n");
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -99,27 +99,27 @@ static void dump_pubkey( const char *title, ecdsa_context *key )
|
||||
int main( int argc, char *argv[] )
|
||||
{
|
||||
int ret;
|
||||
ecdsa_context ctx_sign, ctx_verify;
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
mbedtls_ecdsa_context ctx_sign, ctx_verify;
|
||||
mbedtls_entropy_context entropy;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
unsigned char hash[] = "This should be the hash of a message.";
|
||||
unsigned char sig[512];
|
||||
size_t sig_len;
|
||||
const char *pers = "ecdsa";
|
||||
((void) argv);
|
||||
|
||||
ecdsa_init( &ctx_sign );
|
||||
ecdsa_init( &ctx_verify );
|
||||
mbedtls_ecdsa_init( &ctx_sign );
|
||||
mbedtls_ecdsa_init( &ctx_verify );
|
||||
|
||||
memset(sig, 0, sizeof( sig ) );
|
||||
ret = 1;
|
||||
|
||||
if( argc != 1 )
|
||||
{
|
||||
polarssl_printf( "usage: ecdsa\n" );
|
||||
mbedtls_printf( "usage: ecdsa\n" );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( "\n" );
|
||||
mbedtls_printf( "\n" );
|
||||
#endif
|
||||
|
||||
goto exit;
|
||||
@@ -128,47 +128,47 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* Generate a key pair for signing
|
||||
*/
|
||||
polarssl_printf( "\n . Seeding the random number generator..." );
|
||||
mbedtls_printf( "\n . Seeding the random number generator..." );
|
||||
fflush( stdout );
|
||||
|
||||
entropy_init( &entropy );
|
||||
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
|
||||
mbedtls_entropy_init( &entropy );
|
||||
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
|
||||
(const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned %d\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n . Generating key pair..." );
|
||||
mbedtls_printf( " ok\n . Generating key pair..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = ecdsa_genkey( &ctx_sign, ECPARAMS,
|
||||
ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
if( ( ret = mbedtls_ecdsa_genkey( &ctx_sign, ECPARAMS,
|
||||
mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ecdsa_genkey returned %d\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ecdsa_genkey returned %d\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok (key size: %d bits)\n", (int) ctx_sign.grp.pbits );
|
||||
mbedtls_printf( " ok (key size: %d bits)\n", (int) ctx_sign.grp.pbits );
|
||||
|
||||
dump_pubkey( " + Public key: ", &ctx_sign );
|
||||
|
||||
/*
|
||||
* Sign some message hash
|
||||
*/
|
||||
polarssl_printf( " . Signing message..." );
|
||||
mbedtls_printf( " . Signing message..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = ecdsa_write_signature( &ctx_sign, POLARSSL_MD_SHA256,
|
||||
if( ( ret = mbedtls_ecdsa_write_signature( &ctx_sign, MBEDTLS_MD_SHA256,
|
||||
hash, sizeof( hash ),
|
||||
sig, &sig_len,
|
||||
ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ecdsa_genkey returned %d\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ecdsa_genkey returned %d\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
polarssl_printf( " ok (signature length = %u)\n", (unsigned int) sig_len );
|
||||
mbedtls_printf( " ok (signature length = %u)\n", (unsigned int) sig_len );
|
||||
|
||||
dump_buf( " + Hash: ", hash, sizeof hash );
|
||||
dump_buf( " + Signature: ", sig, sig_len );
|
||||
@@ -180,18 +180,18 @@ int main( int argc, char *argv[] )
|
||||
* chose to use a new one in order to make it clear that the verifying
|
||||
* context only needs the public key (Q), and not the private key (d).
|
||||
*/
|
||||
polarssl_printf( " . Preparing verification context..." );
|
||||
mbedtls_printf( " . Preparing verification context..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = ecp_group_copy( &ctx_verify.grp, &ctx_sign.grp ) ) != 0 )
|
||||
if( ( ret = mbedtls_ecp_group_copy( &ctx_verify.grp, &ctx_sign.grp ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ecp_group_copy returned %d\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ecp_group_copy returned %d\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = ecp_copy( &ctx_verify.Q, &ctx_sign.Q ) ) != 0 )
|
||||
if( ( ret = mbedtls_ecp_copy( &ctx_verify.Q, &ctx_sign.Q ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ecp_copy returned %d\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ecp_copy returned %d\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -200,32 +200,32 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* Verify signature
|
||||
*/
|
||||
polarssl_printf( " ok\n . Verifying signature..." );
|
||||
mbedtls_printf( " ok\n . Verifying signature..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = ecdsa_read_signature( &ctx_verify,
|
||||
if( ( ret = mbedtls_ecdsa_read_signature( &ctx_verify,
|
||||
hash, sizeof( hash ),
|
||||
sig, sig_len ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ecdsa_read_signature returned %d\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ecdsa_read_signature returned %d\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
exit:
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
ecdsa_free( &ctx_verify );
|
||||
ecdsa_free( &ctx_sign );
|
||||
ctr_drbg_free( &ctr_drbg );
|
||||
entropy_free( &entropy );
|
||||
mbedtls_ecdsa_free( &ctx_verify );
|
||||
mbedtls_ecdsa_free( &ctx_sign );
|
||||
mbedtls_ctr_drbg_free( &ctr_drbg );
|
||||
mbedtls_entropy_free( &entropy );
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_ECDSA_C && POLARSSL_ENTROPY_C && POLARSSL_CTR_DRBG_C &&
|
||||
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C &&
|
||||
ECPARAMS */
|
||||
|
||||
@@ -20,21 +20,21 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PK_WRITE_C) && defined(POLARSSL_FS_IO) && \
|
||||
defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_CTR_DRBG_C)
|
||||
#if defined(MBEDTLS_PK_WRITE_C) && defined(MBEDTLS_FS_IO) && \
|
||||
defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C)
|
||||
#include "mbedtls/error.h"
|
||||
#include "mbedtls/pk.h"
|
||||
#include "mbedtls/ecdsa.h"
|
||||
@@ -64,7 +64,7 @@ int dev_random_entropy_poll( void *data, unsigned char *output,
|
||||
|
||||
file = fopen( "/dev/random", "rb" );
|
||||
if( file == NULL )
|
||||
return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED );
|
||||
return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
|
||||
|
||||
while( left > 0 )
|
||||
{
|
||||
@@ -73,7 +73,7 @@ int dev_random_entropy_poll( void *data, unsigned char *output,
|
||||
if( ret == 0 && ferror( file ) )
|
||||
{
|
||||
fclose( file );
|
||||
return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED );
|
||||
return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
|
||||
}
|
||||
|
||||
p += ret;
|
||||
@@ -88,23 +88,23 @@ int dev_random_entropy_poll( void *data, unsigned char *output,
|
||||
#endif /* !_WIN32 */
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
#define DFL_EC_CURVE ecp_curve_list()->grp_id
|
||||
#if defined(MBEDTLS_ECP_C)
|
||||
#define DFL_EC_CURVE mbedtls_ecp_curve_list()->grp_id
|
||||
#else
|
||||
#define DFL_EC_CURVE 0
|
||||
#endif
|
||||
|
||||
#if !defined(_WIN32) && defined(POLARSSL_FS_IO)
|
||||
#if !defined(_WIN32) && defined(MBEDTLS_FS_IO)
|
||||
#define USAGE_DEV_RANDOM \
|
||||
" use_dev_random=0|1 default: 0\n"
|
||||
#else
|
||||
#define USAGE_DEV_RANDOM ""
|
||||
#endif /* !_WIN32 && POLARSSL_FS_IO */
|
||||
#endif /* !_WIN32 && MBEDTLS_FS_IO */
|
||||
|
||||
#define FORMAT_PEM 0
|
||||
#define FORMAT_DER 1
|
||||
|
||||
#define DFL_TYPE POLARSSL_PK_RSA
|
||||
#define DFL_TYPE MBEDTLS_PK_RSA
|
||||
#define DFL_RSA_KEYSIZE 4096
|
||||
#define DFL_FILENAME "keyfile.key"
|
||||
#define DFL_FORMAT FORMAT_PEM
|
||||
@@ -121,12 +121,12 @@ int dev_random_entropy_poll( void *data, unsigned char *output,
|
||||
USAGE_DEV_RANDOM \
|
||||
"\n"
|
||||
|
||||
#if !defined(POLARSSL_PK_WRITE_C) || !defined(POLARSSL_FS_IO) || \
|
||||
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C)
|
||||
#if !defined(MBEDTLS_PK_WRITE_C) || !defined(MBEDTLS_FS_IO) || \
|
||||
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf( "POLARSSL_PK_WRITE_C and/or POLARSSL_FS_IO and/or "
|
||||
"POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C "
|
||||
mbedtls_printf( "MBEDTLS_PK_WRITE_C and/or MBEDTLS_FS_IO and/or "
|
||||
"MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C "
|
||||
"not defined.\n" );
|
||||
return( 0 );
|
||||
}
|
||||
@@ -144,7 +144,7 @@ struct options
|
||||
int use_dev_random; /* use /dev/random as entropy source */
|
||||
} opt;
|
||||
|
||||
static int write_private_key( pk_context *key, const char *output_file )
|
||||
static int write_private_key( mbedtls_pk_context *key, const char *output_file )
|
||||
{
|
||||
int ret;
|
||||
FILE *f;
|
||||
@@ -155,14 +155,14 @@ static int write_private_key( pk_context *key, const char *output_file )
|
||||
memset(output_buf, 0, 16000);
|
||||
if( opt.format == FORMAT_PEM )
|
||||
{
|
||||
if( ( ret = pk_write_key_pem( key, output_buf, 16000 ) ) != 0 )
|
||||
if( ( ret = mbedtls_pk_write_key_pem( key, output_buf, 16000 ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
len = strlen( (char *) output_buf );
|
||||
}
|
||||
else
|
||||
{
|
||||
if( ( ret = pk_write_key_der( key, output_buf, 16000 ) ) < 0 )
|
||||
if( ( ret = mbedtls_pk_write_key_der( key, output_buf, 16000 ) ) < 0 )
|
||||
return( ret );
|
||||
|
||||
len = ret;
|
||||
@@ -186,34 +186,34 @@ static int write_private_key( pk_context *key, const char *output_file )
|
||||
int main( int argc, char *argv[] )
|
||||
{
|
||||
int ret = 0;
|
||||
pk_context key;
|
||||
mbedtls_pk_context key;
|
||||
char buf[1024];
|
||||
int i;
|
||||
char *p, *q;
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
mbedtls_entropy_context entropy;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
const char *pers = "gen_key";
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
const ecp_curve_info *curve_info;
|
||||
#if defined(MBEDTLS_ECP_C)
|
||||
const mbedtls_ecp_curve_info *curve_info;
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Set to sane values
|
||||
*/
|
||||
pk_init( &key );
|
||||
mbedtls_pk_init( &key );
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
|
||||
if( argc == 0 )
|
||||
{
|
||||
usage:
|
||||
ret = 1;
|
||||
polarssl_printf( USAGE );
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
polarssl_printf( " availabled ec_curve values:\n" );
|
||||
curve_info = ecp_curve_list();
|
||||
polarssl_printf( " %s (default)\n", curve_info->name );
|
||||
mbedtls_printf( USAGE );
|
||||
#if defined(MBEDTLS_ECP_C)
|
||||
mbedtls_printf( " availabled ec_curve values:\n" );
|
||||
curve_info = mbedtls_ecp_curve_list();
|
||||
mbedtls_printf( " %s (default)\n", curve_info->name );
|
||||
while( ( ++curve_info )->name != NULL )
|
||||
polarssl_printf( " %s\n", curve_info->name );
|
||||
mbedtls_printf( " %s\n", curve_info->name );
|
||||
#endif
|
||||
goto exit;
|
||||
}
|
||||
@@ -235,9 +235,9 @@ int main( int argc, char *argv[] )
|
||||
if( strcmp( p, "type" ) == 0 )
|
||||
{
|
||||
if( strcmp( q, "rsa" ) == 0 )
|
||||
opt.type = POLARSSL_PK_RSA;
|
||||
opt.type = MBEDTLS_PK_RSA;
|
||||
else if( strcmp( q, "ec" ) == 0 )
|
||||
opt.type = POLARSSL_PK_ECKEY;
|
||||
opt.type = MBEDTLS_PK_ECKEY;
|
||||
else
|
||||
goto usage;
|
||||
}
|
||||
@@ -254,13 +254,13 @@ int main( int argc, char *argv[] )
|
||||
{
|
||||
opt.rsa_keysize = atoi( q );
|
||||
if( opt.rsa_keysize < 1024 ||
|
||||
opt.rsa_keysize > POLARSSL_MPI_MAX_BITS )
|
||||
opt.rsa_keysize > MBEDTLS_MPI_MAX_BITS )
|
||||
goto usage;
|
||||
}
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
#if defined(MBEDTLS_ECP_C)
|
||||
else if( strcmp( p, "ec_curve" ) == 0 )
|
||||
{
|
||||
if( ( curve_info = ecp_curve_info_from_name( q ) ) == NULL )
|
||||
if( ( curve_info = mbedtls_ecp_curve_info_from_name( q ) ) == NULL )
|
||||
goto usage;
|
||||
opt.ec_curve = curve_info->grp_id;
|
||||
}
|
||||
@@ -277,144 +277,144 @@ int main( int argc, char *argv[] )
|
||||
goto usage;
|
||||
}
|
||||
|
||||
polarssl_printf( "\n . Seeding the random number generator..." );
|
||||
mbedtls_printf( "\n . Seeding the random number generator..." );
|
||||
fflush( stdout );
|
||||
|
||||
entropy_init( &entropy );
|
||||
#if !defined(_WIN32) && defined(POLARSSL_FS_IO)
|
||||
mbedtls_entropy_init( &entropy );
|
||||
#if !defined(_WIN32) && defined(MBEDTLS_FS_IO)
|
||||
if( opt.use_dev_random )
|
||||
{
|
||||
if( ( ret = entropy_add_source( &entropy, dev_random_entropy_poll,
|
||||
if( ( ret = mbedtls_entropy_add_source( &entropy, dev_random_entropy_poll,
|
||||
NULL, DEV_RANDOM_THRESHOLD ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! entropy_add_source returned -0x%04x\n", -ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_entropy_add_source returned -0x%04x\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf("\n Using /dev/random, so can take a long time! " );
|
||||
mbedtls_printf("\n Using /dev/random, so can take a long time! " );
|
||||
fflush( stdout );
|
||||
}
|
||||
#endif /* !_WIN32 && POLARSSL_FS_IO */
|
||||
#endif /* !_WIN32 && MBEDTLS_FS_IO */
|
||||
|
||||
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
|
||||
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
|
||||
(const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ctr_drbg_init returned -0x%04x\n", -ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned -0x%04x\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/*
|
||||
* 1.1. Generate the key
|
||||
*/
|
||||
polarssl_printf( "\n . Generating the private key ..." );
|
||||
mbedtls_printf( "\n . Generating the private key ..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = pk_init_ctx( &key, pk_info_from_type( opt.type ) ) ) != 0 )
|
||||
if( ( ret = mbedtls_pk_init_ctx( &key, mbedtls_pk_info_from_type( opt.type ) ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! pk_init_ctx returned -0x%04x", -ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_pk_init_ctx returned -0x%04x", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_RSA_C) && defined(POLARSSL_GENPRIME)
|
||||
if( opt.type == POLARSSL_PK_RSA )
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
|
||||
if( opt.type == MBEDTLS_PK_RSA )
|
||||
{
|
||||
ret = rsa_gen_key( pk_rsa( key ), ctr_drbg_random, &ctr_drbg,
|
||||
ret = mbedtls_rsa_gen_key( mbedtls_pk_rsa( key ), mbedtls_ctr_drbg_random, &ctr_drbg,
|
||||
opt.rsa_keysize, 65537 );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! rsa_gen_key returned -0x%04x", -ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_rsa_gen_key returned -0x%04x", -ret );
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_RSA_C */
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
if( opt.type == POLARSSL_PK_ECKEY )
|
||||
#endif /* MBEDTLS_RSA_C */
|
||||
#if defined(MBEDTLS_ECP_C)
|
||||
if( opt.type == MBEDTLS_PK_ECKEY )
|
||||
{
|
||||
ret = ecp_gen_key( opt.ec_curve, pk_ec( key ),
|
||||
ctr_drbg_random, &ctr_drbg );
|
||||
ret = mbedtls_ecp_gen_key( opt.ec_curve, mbedtls_pk_ec( key ),
|
||||
mbedtls_ctr_drbg_random, &ctr_drbg );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! rsa_gen_key returned -0x%04x", -ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_rsa_gen_key returned -0x%04x", -ret );
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_ECP_C */
|
||||
#endif /* MBEDTLS_ECP_C */
|
||||
{
|
||||
polarssl_printf( " failed\n ! key type not supported\n" );
|
||||
mbedtls_printf( " failed\n ! key type not supported\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/*
|
||||
* 1.2 Print the key
|
||||
*/
|
||||
polarssl_printf( " ok\n . Key information:\n" );
|
||||
mbedtls_printf( " ok\n . Key information:\n" );
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
if( pk_get_type( &key ) == POLARSSL_PK_RSA )
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_RSA )
|
||||
{
|
||||
rsa_context *rsa = pk_rsa( key );
|
||||
mpi_write_file( "N: ", &rsa->N, 16, NULL );
|
||||
mpi_write_file( "E: ", &rsa->E, 16, NULL );
|
||||
mpi_write_file( "D: ", &rsa->D, 16, NULL );
|
||||
mpi_write_file( "P: ", &rsa->P, 16, NULL );
|
||||
mpi_write_file( "Q: ", &rsa->Q, 16, NULL );
|
||||
mpi_write_file( "DP: ", &rsa->DP, 16, NULL );
|
||||
mpi_write_file( "DQ: ", &rsa->DQ, 16, NULL );
|
||||
mpi_write_file( "QP: ", &rsa->QP, 16, NULL );
|
||||
mbedtls_rsa_context *rsa = mbedtls_pk_rsa( key );
|
||||
mbedtls_mpi_write_file( "N: ", &rsa->N, 16, NULL );
|
||||
mbedtls_mpi_write_file( "E: ", &rsa->E, 16, NULL );
|
||||
mbedtls_mpi_write_file( "D: ", &rsa->D, 16, NULL );
|
||||
mbedtls_mpi_write_file( "P: ", &rsa->P, 16, NULL );
|
||||
mbedtls_mpi_write_file( "Q: ", &rsa->Q, 16, NULL );
|
||||
mbedtls_mpi_write_file( "DP: ", &rsa->DP, 16, NULL );
|
||||
mbedtls_mpi_write_file( "DQ: ", &rsa->DQ, 16, NULL );
|
||||
mbedtls_mpi_write_file( "QP: ", &rsa->QP, 16, NULL );
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
if( pk_get_type( &key ) == POLARSSL_PK_ECKEY )
|
||||
#if defined(MBEDTLS_ECP_C)
|
||||
if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_ECKEY )
|
||||
{
|
||||
ecp_keypair *ecp = pk_ec( key );
|
||||
polarssl_printf( "curve: %s\n",
|
||||
ecp_curve_info_from_grp_id( ecp->grp.id )->name );
|
||||
mpi_write_file( "X_Q: ", &ecp->Q.X, 16, NULL );
|
||||
mpi_write_file( "Y_Q: ", &ecp->Q.Y, 16, NULL );
|
||||
mpi_write_file( "D: ", &ecp->d , 16, NULL );
|
||||
mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( key );
|
||||
mbedtls_printf( "curve: %s\n",
|
||||
mbedtls_ecp_curve_info_from_grp_id( ecp->grp.id )->name );
|
||||
mbedtls_mpi_write_file( "X_Q: ", &ecp->Q.X, 16, NULL );
|
||||
mbedtls_mpi_write_file( "Y_Q: ", &ecp->Q.Y, 16, NULL );
|
||||
mbedtls_mpi_write_file( "D: ", &ecp->d , 16, NULL );
|
||||
}
|
||||
else
|
||||
#endif
|
||||
polarssl_printf(" ! key type not supported\n");
|
||||
mbedtls_printf(" ! key type not supported\n");
|
||||
|
||||
/*
|
||||
* 1.3 Export key
|
||||
*/
|
||||
polarssl_printf( " . Writing key to file..." );
|
||||
mbedtls_printf( " . Writing key to file..." );
|
||||
|
||||
if( ( ret = write_private_key( &key, opt.filename ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n" );
|
||||
mbedtls_printf( " failed\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
exit:
|
||||
|
||||
if( ret != 0 && ret != 1)
|
||||
{
|
||||
#ifdef POLARSSL_ERROR_C
|
||||
polarssl_strerror( ret, buf, sizeof( buf ) );
|
||||
polarssl_printf( " - %s\n", buf );
|
||||
#ifdef MBEDTLS_ERROR_C
|
||||
mbedtls_strerror( ret, buf, sizeof( buf ) );
|
||||
mbedtls_printf( " - %s\n", buf );
|
||||
#else
|
||||
polarssl_printf("\n");
|
||||
mbedtls_printf("\n");
|
||||
#endif
|
||||
}
|
||||
|
||||
pk_free( &key );
|
||||
ctr_drbg_free( &ctr_drbg );
|
||||
entropy_free( &entropy );
|
||||
mbedtls_pk_free( &key );
|
||||
mbedtls_ctr_drbg_free( &ctr_drbg );
|
||||
mbedtls_entropy_free( &entropy );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_PK_WRITE_C && POLARSSL_FS_IO */
|
||||
#endif /* MBEDTLS_PK_WRITE_C && MBEDTLS_FS_IO */
|
||||
|
||||
@@ -20,21 +20,21 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_BIGNUM_C) && \
|
||||
defined(POLARSSL_PK_PARSE_C) && defined(POLARSSL_FS_IO)
|
||||
#if defined(MBEDTLS_BIGNUM_C) && \
|
||||
defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_FS_IO)
|
||||
#include "mbedtls/error.h"
|
||||
#include "mbedtls/rsa.h"
|
||||
#include "mbedtls/x509.h"
|
||||
@@ -62,12 +62,12 @@
|
||||
"\n"
|
||||
|
||||
|
||||
#if !defined(POLARSSL_BIGNUM_C) || \
|
||||
!defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO)
|
||||
#if !defined(MBEDTLS_BIGNUM_C) || \
|
||||
!defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_BIGNUM_C and/or "
|
||||
"POLARSSL_PK_PARSE_C and/or POLARSSL_FS_IO not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_BIGNUM_C and/or "
|
||||
"MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -85,7 +85,7 @@ struct options
|
||||
int main( int argc, char *argv[] )
|
||||
{
|
||||
int ret = 0;
|
||||
pk_context pk;
|
||||
mbedtls_pk_context pk;
|
||||
char buf[1024];
|
||||
int i;
|
||||
char *p, *q;
|
||||
@@ -93,13 +93,13 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* Set to sane values
|
||||
*/
|
||||
pk_init( &pk );
|
||||
mbedtls_pk_init( &pk );
|
||||
memset( buf, 0, sizeof(buf) );
|
||||
|
||||
if( argc == 0 )
|
||||
{
|
||||
usage:
|
||||
polarssl_printf( USAGE );
|
||||
mbedtls_printf( USAGE );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -138,7 +138,7 @@ int main( int argc, char *argv[] )
|
||||
{
|
||||
if( strlen( opt.password ) && strlen( opt.password_file ) )
|
||||
{
|
||||
polarssl_printf( "Error: cannot have both password and password_file\n" );
|
||||
mbedtls_printf( "Error: cannot have both password and password_file\n" );
|
||||
goto usage;
|
||||
}
|
||||
|
||||
@@ -146,16 +146,16 @@ int main( int argc, char *argv[] )
|
||||
{
|
||||
FILE *f;
|
||||
|
||||
polarssl_printf( "\n . Loading the password file ..." );
|
||||
mbedtls_printf( "\n . Loading the password file ..." );
|
||||
if( ( f = fopen( opt.password_file, "rb" ) ) == NULL )
|
||||
{
|
||||
polarssl_printf( " failed\n ! fopen returned NULL\n" );
|
||||
mbedtls_printf( " failed\n ! fopen returned NULL\n" );
|
||||
goto exit;
|
||||
}
|
||||
if( fgets( buf, sizeof(buf), f ) == NULL )
|
||||
{
|
||||
fclose( f );
|
||||
polarssl_printf( "Error: fgets() failed to retrieve password\n" );
|
||||
mbedtls_printf( "Error: fgets() failed to retrieve password\n" );
|
||||
goto exit;
|
||||
}
|
||||
fclose( f );
|
||||
@@ -169,51 +169,51 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* 1.1. Load the key
|
||||
*/
|
||||
polarssl_printf( "\n . Loading the private key ..." );
|
||||
mbedtls_printf( "\n . Loading the private key ..." );
|
||||
fflush( stdout );
|
||||
|
||||
ret = pk_parse_keyfile( &pk, opt.filename, opt.password );
|
||||
ret = mbedtls_pk_parse_keyfile( &pk, opt.filename, opt.password );
|
||||
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! pk_parse_keyfile returned -0x%04x\n", -ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 1.2 Print the key
|
||||
*/
|
||||
polarssl_printf( " . Key information ...\n" );
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
if( pk_get_type( &pk ) == POLARSSL_PK_RSA )
|
||||
mbedtls_printf( " . Key information ...\n" );
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA )
|
||||
{
|
||||
rsa_context *rsa = pk_rsa( pk );
|
||||
mpi_write_file( "N: ", &rsa->N, 16, NULL );
|
||||
mpi_write_file( "E: ", &rsa->E, 16, NULL );
|
||||
mpi_write_file( "D: ", &rsa->D, 16, NULL );
|
||||
mpi_write_file( "P: ", &rsa->P, 16, NULL );
|
||||
mpi_write_file( "Q: ", &rsa->Q, 16, NULL );
|
||||
mpi_write_file( "DP: ", &rsa->DP, 16, NULL );
|
||||
mpi_write_file( "DQ: ", &rsa->DQ, 16, NULL );
|
||||
mpi_write_file( "QP: ", &rsa->QP, 16, NULL );
|
||||
mbedtls_rsa_context *rsa = mbedtls_pk_rsa( pk );
|
||||
mbedtls_mpi_write_file( "N: ", &rsa->N, 16, NULL );
|
||||
mbedtls_mpi_write_file( "E: ", &rsa->E, 16, NULL );
|
||||
mbedtls_mpi_write_file( "D: ", &rsa->D, 16, NULL );
|
||||
mbedtls_mpi_write_file( "P: ", &rsa->P, 16, NULL );
|
||||
mbedtls_mpi_write_file( "Q: ", &rsa->Q, 16, NULL );
|
||||
mbedtls_mpi_write_file( "DP: ", &rsa->DP, 16, NULL );
|
||||
mbedtls_mpi_write_file( "DQ: ", &rsa->DQ, 16, NULL );
|
||||
mbedtls_mpi_write_file( "QP: ", &rsa->QP, 16, NULL );
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
if( pk_get_type( &pk ) == POLARSSL_PK_ECKEY )
|
||||
#if defined(MBEDTLS_ECP_C)
|
||||
if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY )
|
||||
{
|
||||
ecp_keypair *ecp = pk_ec( pk );
|
||||
mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL );
|
||||
mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL );
|
||||
mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL );
|
||||
mpi_write_file( "D : ", &ecp->d , 16, NULL );
|
||||
mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk );
|
||||
mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL );
|
||||
mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL );
|
||||
mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL );
|
||||
mbedtls_mpi_write_file( "D : ", &ecp->d , 16, NULL );
|
||||
}
|
||||
else
|
||||
#endif
|
||||
{
|
||||
polarssl_printf("Do not know how to print key information for this type\n" );
|
||||
mbedtls_printf("Do not know how to print key information for this type\n" );
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
@@ -222,41 +222,41 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* 1.1. Load the key
|
||||
*/
|
||||
polarssl_printf( "\n . Loading the public key ..." );
|
||||
mbedtls_printf( "\n . Loading the public key ..." );
|
||||
fflush( stdout );
|
||||
|
||||
ret = pk_parse_public_keyfile( &pk, opt.filename );
|
||||
ret = mbedtls_pk_parse_public_keyfile( &pk, opt.filename );
|
||||
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! pk_parse_public_keyfile returned -0x%04x\n", -ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
polarssl_printf( " . Key information ...\n" );
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
if( pk_get_type( &pk ) == POLARSSL_PK_RSA )
|
||||
mbedtls_printf( " . Key information ...\n" );
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA )
|
||||
{
|
||||
rsa_context *rsa = pk_rsa( pk );
|
||||
mpi_write_file( "N: ", &rsa->N, 16, NULL );
|
||||
mpi_write_file( "E: ", &rsa->E, 16, NULL );
|
||||
mbedtls_rsa_context *rsa = mbedtls_pk_rsa( pk );
|
||||
mbedtls_mpi_write_file( "N: ", &rsa->N, 16, NULL );
|
||||
mbedtls_mpi_write_file( "E: ", &rsa->E, 16, NULL );
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
if( pk_get_type( &pk ) == POLARSSL_PK_ECKEY )
|
||||
#if defined(MBEDTLS_ECP_C)
|
||||
if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY )
|
||||
{
|
||||
ecp_keypair *ecp = pk_ec( pk );
|
||||
mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL );
|
||||
mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL );
|
||||
mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL );
|
||||
mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk );
|
||||
mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL );
|
||||
mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL );
|
||||
mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL );
|
||||
}
|
||||
else
|
||||
#endif
|
||||
{
|
||||
polarssl_printf("Do not know how to print key information for this type\n" );
|
||||
mbedtls_printf("Do not know how to print key information for this type\n" );
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
@@ -265,18 +265,18 @@ int main( int argc, char *argv[] )
|
||||
|
||||
exit:
|
||||
|
||||
#if defined(POLARSSL_ERROR_C)
|
||||
polarssl_strerror( ret, buf, sizeof(buf) );
|
||||
polarssl_printf( " ! Last error was: %s\n", buf );
|
||||
#if defined(MBEDTLS_ERROR_C)
|
||||
mbedtls_strerror( ret, buf, sizeof(buf) );
|
||||
mbedtls_printf( " ! Last error was: %s\n", buf );
|
||||
#endif
|
||||
|
||||
pk_free( &pk );
|
||||
mbedtls_pk_free( &pk );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BIGNUM_C && POLARSSL_PK_PARSE_C && POLARSSL_FS_IO */
|
||||
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */
|
||||
|
||||
@@ -20,20 +20,20 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PK_WRITE_C) && defined(POLARSSL_FS_IO)
|
||||
#if defined(MBEDTLS_PK_WRITE_C) && defined(MBEDTLS_FS_IO)
|
||||
#include "mbedtls/error.h"
|
||||
#include "mbedtls/pk.h"
|
||||
#include "mbedtls/error.h"
|
||||
@@ -42,7 +42,7 @@
|
||||
#include <string.h>
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PEM_WRITE_C)
|
||||
#if defined(MBEDTLS_PEM_WRITE_C)
|
||||
#define USAGE_OUT \
|
||||
" output_file=%%s default: keyfile.pem\n" \
|
||||
" output_format=pem|der default: pem\n"
|
||||
@@ -52,7 +52,7 @@
|
||||
" output_format=der default: der\n"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PEM_WRITE_C)
|
||||
#if defined(MBEDTLS_PEM_WRITE_C)
|
||||
#define DFL_OUTPUT_FILENAME "keyfile.pem"
|
||||
#define DFL_OUTPUT_FORMAT OUTPUT_FORMAT_PEM
|
||||
#else
|
||||
@@ -85,10 +85,10 @@
|
||||
USAGE_OUT \
|
||||
"\n"
|
||||
|
||||
#if !defined(POLARSSL_PK_WRITE_C) || !defined(POLARSSL_FS_IO)
|
||||
#if !defined(MBEDTLS_PK_WRITE_C) || !defined(MBEDTLS_FS_IO)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf( "POLARSSL_PK_WRITE_C and/or POLARSSL_FS_IO not defined.\n" );
|
||||
mbedtls_printf( "MBEDTLS_PK_WRITE_C and/or MBEDTLS_FS_IO not defined.\n" );
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -104,7 +104,7 @@ struct options
|
||||
int output_format; /* the output format to use */
|
||||
} opt;
|
||||
|
||||
static int write_public_key( pk_context *key, const char *output_file )
|
||||
static int write_public_key( mbedtls_pk_context *key, const char *output_file )
|
||||
{
|
||||
int ret;
|
||||
FILE *f;
|
||||
@@ -114,10 +114,10 @@ static int write_public_key( pk_context *key, const char *output_file )
|
||||
|
||||
memset(output_buf, 0, 16000);
|
||||
|
||||
#if defined(POLARSSL_PEM_WRITE_C)
|
||||
#if defined(MBEDTLS_PEM_WRITE_C)
|
||||
if( opt.output_format == OUTPUT_FORMAT_PEM )
|
||||
{
|
||||
if( ( ret = pk_write_pubkey_pem( key, output_buf, 16000 ) ) != 0 )
|
||||
if( ( ret = mbedtls_pk_write_pubkey_pem( key, output_buf, 16000 ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
len = strlen( (char *) output_buf );
|
||||
@@ -125,7 +125,7 @@ static int write_public_key( pk_context *key, const char *output_file )
|
||||
else
|
||||
#endif
|
||||
{
|
||||
if( ( ret = pk_write_pubkey_der( key, output_buf, 16000 ) ) < 0 )
|
||||
if( ( ret = mbedtls_pk_write_pubkey_der( key, output_buf, 16000 ) ) < 0 )
|
||||
return( ret );
|
||||
|
||||
len = ret;
|
||||
@@ -146,7 +146,7 @@ static int write_public_key( pk_context *key, const char *output_file )
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
static int write_private_key( pk_context *key, const char *output_file )
|
||||
static int write_private_key( mbedtls_pk_context *key, const char *output_file )
|
||||
{
|
||||
int ret;
|
||||
FILE *f;
|
||||
@@ -156,10 +156,10 @@ static int write_private_key( pk_context *key, const char *output_file )
|
||||
|
||||
memset(output_buf, 0, 16000);
|
||||
|
||||
#if defined(POLARSSL_PEM_WRITE_C)
|
||||
#if defined(MBEDTLS_PEM_WRITE_C)
|
||||
if( opt.output_format == OUTPUT_FORMAT_PEM )
|
||||
{
|
||||
if( ( ret = pk_write_key_pem( key, output_buf, 16000 ) ) != 0 )
|
||||
if( ( ret = mbedtls_pk_write_key_pem( key, output_buf, 16000 ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
len = strlen( (char *) output_buf );
|
||||
@@ -167,7 +167,7 @@ static int write_private_key( pk_context *key, const char *output_file )
|
||||
else
|
||||
#endif
|
||||
{
|
||||
if( ( ret = pk_write_key_der( key, output_buf, 16000 ) ) < 0 )
|
||||
if( ( ret = mbedtls_pk_write_key_der( key, output_buf, 16000 ) ) < 0 )
|
||||
return( ret );
|
||||
|
||||
len = ret;
|
||||
@@ -191,7 +191,7 @@ static int write_private_key( pk_context *key, const char *output_file )
|
||||
int main( int argc, char *argv[] )
|
||||
{
|
||||
int ret = 0;
|
||||
pk_context key;
|
||||
mbedtls_pk_context key;
|
||||
char buf[1024];
|
||||
int i;
|
||||
char *p, *q;
|
||||
@@ -199,14 +199,14 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* Set to sane values
|
||||
*/
|
||||
pk_init( &key );
|
||||
mbedtls_pk_init( &key );
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
|
||||
if( argc == 0 )
|
||||
{
|
||||
usage:
|
||||
ret = 1;
|
||||
polarssl_printf( USAGE );
|
||||
mbedtls_printf( USAGE );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -243,7 +243,7 @@ int main( int argc, char *argv[] )
|
||||
}
|
||||
else if( strcmp( p, "output_format" ) == 0 )
|
||||
{
|
||||
#if defined(POLARSSL_PEM_WRITE_C)
|
||||
#if defined(MBEDTLS_PEM_WRITE_C)
|
||||
if( strcmp( q, "pem" ) == 0 )
|
||||
opt.output_format = OUTPUT_FORMAT_PEM;
|
||||
else
|
||||
@@ -263,13 +263,13 @@ int main( int argc, char *argv[] )
|
||||
|
||||
if( opt.mode == MODE_NONE && opt.output_mode != OUTPUT_MODE_NONE )
|
||||
{
|
||||
polarssl_printf( "\nCannot output a key without reading one.\n");
|
||||
mbedtls_printf( "\nCannot output a key without reading one.\n");
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( opt.mode == MODE_PUBLIC && opt.output_mode == OUTPUT_MODE_PRIVATE )
|
||||
{
|
||||
polarssl_printf( "\nCannot output a private key from a public key.\n");
|
||||
mbedtls_printf( "\nCannot output a private key from a public key.\n");
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -278,52 +278,52 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* 1.1. Load the key
|
||||
*/
|
||||
polarssl_printf( "\n . Loading the private key ..." );
|
||||
mbedtls_printf( "\n . Loading the private key ..." );
|
||||
fflush( stdout );
|
||||
|
||||
ret = pk_parse_keyfile( &key, opt.filename, NULL );
|
||||
ret = mbedtls_pk_parse_keyfile( &key, opt.filename, NULL );
|
||||
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_strerror( ret, (char *) buf, sizeof(buf) );
|
||||
polarssl_printf( " failed\n ! pk_parse_keyfile returned -0x%04x - %s\n\n", -ret, buf );
|
||||
mbedtls_strerror( ret, (char *) buf, sizeof(buf) );
|
||||
mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x - %s\n\n", -ret, buf );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 1.2 Print the key
|
||||
*/
|
||||
polarssl_printf( " . Key information ...\n" );
|
||||
mbedtls_printf( " . Key information ...\n" );
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
if( pk_get_type( &key ) == POLARSSL_PK_RSA )
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_RSA )
|
||||
{
|
||||
rsa_context *rsa = pk_rsa( key );
|
||||
mpi_write_file( "N: ", &rsa->N, 16, NULL );
|
||||
mpi_write_file( "E: ", &rsa->E, 16, NULL );
|
||||
mpi_write_file( "D: ", &rsa->D, 16, NULL );
|
||||
mpi_write_file( "P: ", &rsa->P, 16, NULL );
|
||||
mpi_write_file( "Q: ", &rsa->Q, 16, NULL );
|
||||
mpi_write_file( "DP: ", &rsa->DP, 16, NULL );
|
||||
mpi_write_file( "DQ: ", &rsa->DQ, 16, NULL );
|
||||
mpi_write_file( "QP: ", &rsa->QP, 16, NULL );
|
||||
mbedtls_rsa_context *rsa = mbedtls_pk_rsa( key );
|
||||
mbedtls_mpi_write_file( "N: ", &rsa->N, 16, NULL );
|
||||
mbedtls_mpi_write_file( "E: ", &rsa->E, 16, NULL );
|
||||
mbedtls_mpi_write_file( "D: ", &rsa->D, 16, NULL );
|
||||
mbedtls_mpi_write_file( "P: ", &rsa->P, 16, NULL );
|
||||
mbedtls_mpi_write_file( "Q: ", &rsa->Q, 16, NULL );
|
||||
mbedtls_mpi_write_file( "DP: ", &rsa->DP, 16, NULL );
|
||||
mbedtls_mpi_write_file( "DQ: ", &rsa->DQ, 16, NULL );
|
||||
mbedtls_mpi_write_file( "QP: ", &rsa->QP, 16, NULL );
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
if( pk_get_type( &key ) == POLARSSL_PK_ECKEY )
|
||||
#if defined(MBEDTLS_ECP_C)
|
||||
if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_ECKEY )
|
||||
{
|
||||
ecp_keypair *ecp = pk_ec( key );
|
||||
mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL );
|
||||
mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL );
|
||||
mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL );
|
||||
mpi_write_file( "D : ", &ecp->d , 16, NULL );
|
||||
mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( key );
|
||||
mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL );
|
||||
mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL );
|
||||
mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL );
|
||||
mbedtls_mpi_write_file( "D : ", &ecp->d , 16, NULL );
|
||||
}
|
||||
else
|
||||
#endif
|
||||
polarssl_printf("key type not supported yet\n");
|
||||
mbedtls_printf("key type not supported yet\n");
|
||||
|
||||
}
|
||||
else if( opt.mode == MODE_PUBLIC )
|
||||
@@ -331,45 +331,45 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* 1.1. Load the key
|
||||
*/
|
||||
polarssl_printf( "\n . Loading the public key ..." );
|
||||
mbedtls_printf( "\n . Loading the public key ..." );
|
||||
fflush( stdout );
|
||||
|
||||
ret = pk_parse_public_keyfile( &key, opt.filename );
|
||||
ret = mbedtls_pk_parse_public_keyfile( &key, opt.filename );
|
||||
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_strerror( ret, (char *) buf, sizeof(buf) );
|
||||
polarssl_printf( " failed\n ! pk_parse_public_key returned -0x%04x - %s\n\n", -ret, buf );
|
||||
mbedtls_strerror( ret, (char *) buf, sizeof(buf) );
|
||||
mbedtls_printf( " failed\n ! mbedtls_pk_parse_public_key returned -0x%04x - %s\n\n", -ret, buf );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 1.2 Print the key
|
||||
*/
|
||||
polarssl_printf( " . Key information ...\n" );
|
||||
mbedtls_printf( " . Key information ...\n" );
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
if( pk_get_type( &key ) == POLARSSL_PK_RSA )
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_RSA )
|
||||
{
|
||||
rsa_context *rsa = pk_rsa( key );
|
||||
mpi_write_file( "N: ", &rsa->N, 16, NULL );
|
||||
mpi_write_file( "E: ", &rsa->E, 16, NULL );
|
||||
mbedtls_rsa_context *rsa = mbedtls_pk_rsa( key );
|
||||
mbedtls_mpi_write_file( "N: ", &rsa->N, 16, NULL );
|
||||
mbedtls_mpi_write_file( "E: ", &rsa->E, 16, NULL );
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
if( pk_get_type( &key ) == POLARSSL_PK_ECKEY )
|
||||
#if defined(MBEDTLS_ECP_C)
|
||||
if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_ECKEY )
|
||||
{
|
||||
ecp_keypair *ecp = pk_ec( key );
|
||||
mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL );
|
||||
mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL );
|
||||
mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL );
|
||||
mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( key );
|
||||
mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL );
|
||||
mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL );
|
||||
mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL );
|
||||
}
|
||||
else
|
||||
#endif
|
||||
polarssl_printf("key type not supported yet\n");
|
||||
mbedtls_printf("key type not supported yet\n");
|
||||
}
|
||||
else
|
||||
goto usage;
|
||||
@@ -387,21 +387,21 @@ exit:
|
||||
|
||||
if( ret != 0 && ret != 1)
|
||||
{
|
||||
#ifdef POLARSSL_ERROR_C
|
||||
polarssl_strerror( ret, buf, sizeof( buf ) );
|
||||
polarssl_printf( " - %s\n", buf );
|
||||
#ifdef MBEDTLS_ERROR_C
|
||||
mbedtls_strerror( ret, buf, sizeof( buf ) );
|
||||
mbedtls_printf( " - %s\n", buf );
|
||||
#else
|
||||
polarssl_printf("\n");
|
||||
mbedtls_printf("\n");
|
||||
#endif
|
||||
}
|
||||
|
||||
pk_free( &key );
|
||||
mbedtls_pk_free( &key );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_PK_WRITE_C && POLARSSL_FS_IO */
|
||||
#endif /* MBEDTLS_PK_WRITE_C && MBEDTLS_FS_IO */
|
||||
|
||||
@@ -20,91 +20,91 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_FS_IO)
|
||||
#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_FS_IO)
|
||||
#include "mbedtls/bignum.h"
|
||||
|
||||
#include <stdio.h>
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_FS_IO)
|
||||
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_FS_IO)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_FS_IO not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_FS_IO not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
int main( void )
|
||||
{
|
||||
int ret;
|
||||
mpi E, P, Q, N, H, D, X, Y, Z;
|
||||
mbedtls_mpi E, P, Q, N, H, D, X, Y, Z;
|
||||
|
||||
mpi_init( &E ); mpi_init( &P ); mpi_init( &Q ); mpi_init( &N );
|
||||
mpi_init( &H ); mpi_init( &D ); mpi_init( &X ); mpi_init( &Y );
|
||||
mpi_init( &Z );
|
||||
mbedtls_mpi_init( &E ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &N );
|
||||
mbedtls_mpi_init( &H ); mbedtls_mpi_init( &D ); mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
|
||||
mbedtls_mpi_init( &Z );
|
||||
|
||||
MPI_CHK( mpi_read_string( &P, 10, "2789" ) );
|
||||
MPI_CHK( mpi_read_string( &Q, 10, "3203" ) );
|
||||
MPI_CHK( mpi_read_string( &E, 10, "257" ) );
|
||||
MPI_CHK( mpi_mul_mpi( &N, &P, &Q ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &P, 10, "2789" ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &Q, 10, "3203" ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &E, 10, "257" ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &N, &P, &Q ) );
|
||||
|
||||
polarssl_printf( "\n Public key:\n\n" );
|
||||
MPI_CHK( mpi_write_file( " N = ", &N, 10, NULL ) );
|
||||
MPI_CHK( mpi_write_file( " E = ", &E, 10, NULL ) );
|
||||
mbedtls_printf( "\n Public key:\n\n" );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( " N = ", &N, 10, NULL ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( " E = ", &E, 10, NULL ) );
|
||||
|
||||
polarssl_printf( "\n Private key:\n\n" );
|
||||
MPI_CHK( mpi_write_file( " P = ", &P, 10, NULL ) );
|
||||
MPI_CHK( mpi_write_file( " Q = ", &Q, 10, NULL ) );
|
||||
mbedtls_printf( "\n Private key:\n\n" );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( " P = ", &P, 10, NULL ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( " Q = ", &Q, 10, NULL ) );
|
||||
|
||||
#if defined(POLARSSL_GENPRIME)
|
||||
MPI_CHK( mpi_sub_int( &P, &P, 1 ) );
|
||||
MPI_CHK( mpi_sub_int( &Q, &Q, 1 ) );
|
||||
MPI_CHK( mpi_mul_mpi( &H, &P, &Q ) );
|
||||
MPI_CHK( mpi_inv_mod( &D, &E, &H ) );
|
||||
#if defined(MBEDTLS_GENPRIME)
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &P, &P, 1 ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &Q, &Q, 1 ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &H, &P, &Q ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &D, &E, &H ) );
|
||||
|
||||
mpi_write_file( " D = E^-1 mod (P-1)*(Q-1) = ",
|
||||
mbedtls_mpi_write_file( " D = E^-1 mod (P-1)*(Q-1) = ",
|
||||
&D, 10, NULL );
|
||||
#else
|
||||
polarssl_printf("\nTest skipped (POLARSSL_GENPRIME not defined).\n\n");
|
||||
mbedtls_printf("\nTest skipped (MBEDTLS_GENPRIME not defined).\n\n");
|
||||
#endif
|
||||
MPI_CHK( mpi_read_string( &X, 10, "55555" ) );
|
||||
MPI_CHK( mpi_exp_mod( &Y, &X, &E, &N, NULL ) );
|
||||
MPI_CHK( mpi_exp_mod( &Z, &Y, &D, &N, NULL ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &X, 10, "55555" ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &Y, &X, &E, &N, NULL ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &Z, &Y, &D, &N, NULL ) );
|
||||
|
||||
polarssl_printf( "\n RSA operation:\n\n" );
|
||||
MPI_CHK( mpi_write_file( " X (plaintext) = ", &X, 10, NULL ) );
|
||||
MPI_CHK( mpi_write_file( " Y (ciphertext) = X^E mod N = ", &Y, 10, NULL ) );
|
||||
MPI_CHK( mpi_write_file( " Z (decrypted) = Y^D mod N = ", &Z, 10, NULL ) );
|
||||
polarssl_printf( "\n" );
|
||||
mbedtls_printf( "\n RSA operation:\n\n" );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( " X (plaintext) = ", &X, 10, NULL ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( " Y (ciphertext) = X^E mod N = ", &Y, 10, NULL ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( " Z (decrypted) = Y^D mod N = ", &Z, 10, NULL ) );
|
||||
mbedtls_printf( "\n" );
|
||||
|
||||
cleanup:
|
||||
mpi_free( &E ); mpi_free( &P ); mpi_free( &Q ); mpi_free( &N );
|
||||
mpi_free( &H ); mpi_free( &D ); mpi_free( &X ); mpi_free( &Y );
|
||||
mpi_free( &Z );
|
||||
mbedtls_mpi_free( &E ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &N );
|
||||
mbedtls_mpi_free( &H ); mbedtls_mpi_free( &D ); mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
|
||||
mbedtls_mpi_free( &Z );
|
||||
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( "\nAn error occured.\n" );
|
||||
mbedtls_printf( "\nAn error occured.\n" );
|
||||
ret = 1;
|
||||
}
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BIGNUM_C && POLARSSL_FS_IO */
|
||||
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_FS_IO */
|
||||
|
||||
@@ -20,22 +20,22 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_PK_PARSE_C) && \
|
||||
defined(POLARSSL_FS_IO) && defined(POLARSSL_ENTROPY_C) && \
|
||||
defined(POLARSSL_CTR_DRBG_C)
|
||||
#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_PK_PARSE_C) && \
|
||||
defined(MBEDTLS_FS_IO) && defined(MBEDTLS_ENTROPY_C) && \
|
||||
defined(MBEDTLS_CTR_DRBG_C)
|
||||
#include "mbedtls/error.h"
|
||||
#include "mbedtls/pk.h"
|
||||
#include "mbedtls/entropy.h"
|
||||
@@ -46,14 +46,14 @@
|
||||
#endif
|
||||
|
||||
|
||||
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_PK_PARSE_C) || \
|
||||
!defined(POLARSSL_FS_IO) || !defined(POLARSSL_ENTROPY_C) || \
|
||||
!defined(POLARSSL_CTR_DRBG_C)
|
||||
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_PK_PARSE_C) || \
|
||||
!defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_ENTROPY_C) || \
|
||||
!defined(MBEDTLS_CTR_DRBG_C)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_PK_PARSE_C and/or "
|
||||
"POLARSSL_FS_IO and/or POLARSSL_ENTROPY_C and/or "
|
||||
"POLARSSL_CTR_DRBG_C not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_PK_PARSE_C and/or "
|
||||
"MBEDTLS_FS_IO and/or MBEDTLS_ENTROPY_C and/or "
|
||||
"MBEDTLS_CTR_DRBG_C not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -62,12 +62,12 @@ int main( int argc, char *argv[] )
|
||||
FILE *f;
|
||||
int ret, c;
|
||||
size_t i, olen = 0;
|
||||
pk_context pk;
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
mbedtls_pk_context pk;
|
||||
mbedtls_entropy_context entropy;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
unsigned char result[1024];
|
||||
unsigned char buf[512];
|
||||
const char *pers = "pk_decrypt";
|
||||
const char *pers = "mbedtls_pk_decrypt";
|
||||
((void) argv);
|
||||
|
||||
memset(result, 0, sizeof( result ) );
|
||||
@@ -75,35 +75,35 @@ int main( int argc, char *argv[] )
|
||||
|
||||
if( argc != 2 )
|
||||
{
|
||||
polarssl_printf( "usage: pk_decrypt <key_file>\n" );
|
||||
mbedtls_printf( "usage: mbedtls_pk_decrypt <key_file>\n" );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( "\n" );
|
||||
mbedtls_printf( "\n" );
|
||||
#endif
|
||||
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "\n . Seeding the random number generator..." );
|
||||
mbedtls_printf( "\n . Seeding the random number generator..." );
|
||||
fflush( stdout );
|
||||
|
||||
entropy_init( &entropy );
|
||||
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
|
||||
mbedtls_entropy_init( &entropy );
|
||||
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
|
||||
(const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned %d\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "\n . Reading private key from '%s'", argv[1] );
|
||||
mbedtls_printf( "\n . Reading private key from '%s'", argv[1] );
|
||||
fflush( stdout );
|
||||
|
||||
pk_init( &pk );
|
||||
mbedtls_pk_init( &pk );
|
||||
|
||||
if( ( ret = pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
|
||||
if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! pk_parse_keyfile returned -0x%04x\n", -ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -114,7 +114,7 @@ int main( int argc, char *argv[] )
|
||||
|
||||
if( ( f = fopen( "result-enc.txt", "rb" ) ) == NULL )
|
||||
{
|
||||
polarssl_printf( "\n ! Could not open %s\n\n", "result-enc.txt" );
|
||||
mbedtls_printf( "\n ! Could not open %s\n\n", "result-enc.txt" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -129,37 +129,37 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* Decrypt the encrypted RSA data and print the result.
|
||||
*/
|
||||
polarssl_printf( "\n . Decrypting the encrypted data" );
|
||||
mbedtls_printf( "\n . Decrypting the encrypted data" );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = pk_decrypt( &pk, buf, i, result, &olen, sizeof(result),
|
||||
ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
if( ( ret = mbedtls_pk_decrypt( &pk, buf, i, result, &olen, sizeof(result),
|
||||
mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! pk_decrypt returned -0x%04x\n", -ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_pk_decrypt returned -0x%04x\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "\n . OK\n\n" );
|
||||
mbedtls_printf( "\n . OK\n\n" );
|
||||
|
||||
polarssl_printf( "The decrypted result is: '%s'\n\n", result );
|
||||
mbedtls_printf( "The decrypted result is: '%s'\n\n", result );
|
||||
|
||||
ret = 0;
|
||||
|
||||
exit:
|
||||
ctr_drbg_free( &ctr_drbg );
|
||||
entropy_free( &entropy );
|
||||
mbedtls_ctr_drbg_free( &ctr_drbg );
|
||||
mbedtls_entropy_free( &entropy );
|
||||
|
||||
#if defined(POLARSSL_ERROR_C)
|
||||
polarssl_strerror( ret, (char *) buf, sizeof(buf) );
|
||||
polarssl_printf( " ! Last error was: %s\n", buf );
|
||||
#if defined(MBEDTLS_ERROR_C)
|
||||
mbedtls_strerror( ret, (char *) buf, sizeof(buf) );
|
||||
mbedtls_printf( " ! Last error was: %s\n", buf );
|
||||
#endif
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BIGNUM_C && POLARSSL_PK_PARSE_C && POLARSSL_FS_IO &&
|
||||
POLARSSL_ENTROPY_C && POLARSSL_CTR_DRBG_C */
|
||||
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
|
||||
MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
|
||||
|
||||
@@ -20,23 +20,23 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_fprintf fprintf
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_fprintf fprintf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_PK_PARSE_C) && \
|
||||
defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_FS_IO) && \
|
||||
defined(POLARSSL_CTR_DRBG_C)
|
||||
#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_PK_PARSE_C) && \
|
||||
defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_FS_IO) && \
|
||||
defined(MBEDTLS_CTR_DRBG_C)
|
||||
#include "mbedtls/error.h"
|
||||
#include "mbedtls/pk.h"
|
||||
#include "mbedtls/entropy.h"
|
||||
@@ -46,14 +46,14 @@
|
||||
#include <string.h>
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_PK_PARSE_C) || \
|
||||
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_FS_IO) || \
|
||||
!defined(POLARSSL_CTR_DRBG_C)
|
||||
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_PK_PARSE_C) || \
|
||||
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_FS_IO) || \
|
||||
!defined(MBEDTLS_CTR_DRBG_C)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_PK_PARSE_C and/or "
|
||||
"POLARSSL_ENTROPY_C and/or POLARSSL_FS_IO and/or "
|
||||
"POLARSSL_CTR_DRBG_C not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_PK_PARSE_C and/or "
|
||||
"MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO and/or "
|
||||
"MBEDTLS_CTR_DRBG_C not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -62,52 +62,52 @@ int main( int argc, char *argv[] )
|
||||
FILE *f;
|
||||
int ret;
|
||||
size_t i, olen = 0;
|
||||
pk_context pk;
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
mbedtls_pk_context pk;
|
||||
mbedtls_entropy_context entropy;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
unsigned char input[1024];
|
||||
unsigned char buf[512];
|
||||
const char *pers = "pk_encrypt";
|
||||
const char *pers = "mbedtls_pk_encrypt";
|
||||
|
||||
ret = 1;
|
||||
|
||||
if( argc != 3 )
|
||||
{
|
||||
polarssl_printf( "usage: pk_encrypt <key_file> <string of max 100 characters>\n" );
|
||||
mbedtls_printf( "usage: mbedtls_pk_encrypt <key_file> <string of max 100 characters>\n" );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( "\n" );
|
||||
mbedtls_printf( "\n" );
|
||||
#endif
|
||||
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "\n . Seeding the random number generator..." );
|
||||
mbedtls_printf( "\n . Seeding the random number generator..." );
|
||||
fflush( stdout );
|
||||
|
||||
entropy_init( &entropy );
|
||||
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
|
||||
mbedtls_entropy_init( &entropy );
|
||||
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
|
||||
(const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ctr_drbg_init returned -0x%04x\n", -ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned -0x%04x\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "\n . Reading public key from '%s'", argv[1] );
|
||||
mbedtls_printf( "\n . Reading public key from '%s'", argv[1] );
|
||||
fflush( stdout );
|
||||
|
||||
pk_init( &pk );
|
||||
mbedtls_pk_init( &pk );
|
||||
|
||||
if( ( ret = pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 )
|
||||
if( ( ret = mbedtls_pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! pk_parse_public_keyfile returned -0x%04x\n", -ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( strlen( argv[2] ) > 100 )
|
||||
{
|
||||
polarssl_printf( " Input data larger than 100 characters.\n\n" );
|
||||
mbedtls_printf( " Input data larger than 100 characters.\n\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -116,14 +116,14 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* Calculate the RSA encryption of the hash.
|
||||
*/
|
||||
polarssl_printf( "\n . Generating the encrypted value" );
|
||||
mbedtls_printf( "\n . Generating the encrypted value" );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = pk_encrypt( &pk, input, strlen( argv[2] ),
|
||||
if( ( ret = mbedtls_pk_encrypt( &pk, input, strlen( argv[2] ),
|
||||
buf, &olen, sizeof(buf),
|
||||
ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! pk_encrypt returned -0x%04x\n", -ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_pk_encrypt returned -0x%04x\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -133,33 +133,33 @@ int main( int argc, char *argv[] )
|
||||
if( ( f = fopen( "result-enc.txt", "wb+" ) ) == NULL )
|
||||
{
|
||||
ret = 1;
|
||||
polarssl_printf( " failed\n ! Could not create %s\n\n", "result-enc.txt" );
|
||||
mbedtls_printf( " failed\n ! Could not create %s\n\n", "result-enc.txt" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
for( i = 0; i < olen; i++ )
|
||||
polarssl_fprintf( f, "%02X%s", buf[i],
|
||||
mbedtls_fprintf( f, "%02X%s", buf[i],
|
||||
( i + 1 ) % 16 == 0 ? "\r\n" : " " );
|
||||
|
||||
fclose( f );
|
||||
|
||||
polarssl_printf( "\n . Done (created \"%s\")\n\n", "result-enc.txt" );
|
||||
mbedtls_printf( "\n . Done (created \"%s\")\n\n", "result-enc.txt" );
|
||||
|
||||
exit:
|
||||
ctr_drbg_free( &ctr_drbg );
|
||||
entropy_free( &entropy );
|
||||
mbedtls_ctr_drbg_free( &ctr_drbg );
|
||||
mbedtls_entropy_free( &entropy );
|
||||
|
||||
#if defined(POLARSSL_ERROR_C)
|
||||
polarssl_strerror( ret, (char *) buf, sizeof(buf) );
|
||||
polarssl_printf( " ! Last error was: %s\n", buf );
|
||||
#if defined(MBEDTLS_ERROR_C)
|
||||
mbedtls_strerror( ret, (char *) buf, sizeof(buf) );
|
||||
mbedtls_printf( " ! Last error was: %s\n", buf );
|
||||
#endif
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BIGNUM_C && POLARSSL_PK_PARSE_C && POLARSSL_ENTROPY_C &&
|
||||
POLARSSL_FS_IO && POLARSSL_CTR_DRBG_C */
|
||||
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_ENTROPY_C &&
|
||||
MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
|
||||
|
||||
@@ -20,25 +20,25 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_snprintf snprintf
|
||||
#define polarssl_printf printf
|
||||
#define polarssl_snprintf snprintf
|
||||
#define mbedtls_snprintf snprintf
|
||||
#define mbedtls_printf printf
|
||||
#define mbedtls_snprintf snprintf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \
|
||||
defined(POLARSSL_SHA256_C) && \
|
||||
defined(POLARSSL_PK_PARSE_C) && defined(POLARSSL_FS_IO) && \
|
||||
defined(POLARSSL_CTR_DRBG_C)
|
||||
#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_ENTROPY_C) && \
|
||||
defined(MBEDTLS_SHA256_C) && \
|
||||
defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_FS_IO) && \
|
||||
defined(MBEDTLS_CTR_DRBG_C)
|
||||
#include "mbedtls/error.h"
|
||||
#include "mbedtls/entropy.h"
|
||||
#include "mbedtls/ctr_drbg.h"
|
||||
@@ -54,16 +54,16 @@
|
||||
#define snprintf _snprintf
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
|
||||
!defined(POLARSSL_SHA256_C) || \
|
||||
!defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO) || \
|
||||
!defined(POLARSSL_CTR_DRBG_C)
|
||||
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
|
||||
!defined(MBEDTLS_SHA256_C) || \
|
||||
!defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
|
||||
!defined(MBEDTLS_CTR_DRBG_C)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
|
||||
"POLARSSL_SHA256_C and/or "
|
||||
"POLARSSL_PK_PARSE_C and/or POLARSSL_FS_IO and/or "
|
||||
"POLARSSL_CTR_DRBG_C not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
|
||||
"MBEDTLS_SHA256_C and/or "
|
||||
"MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or "
|
||||
"MBEDTLS_CTR_DRBG_C not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -71,47 +71,47 @@ int main( int argc, char *argv[] )
|
||||
{
|
||||
FILE *f;
|
||||
int ret = 1;
|
||||
pk_context pk;
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
mbedtls_pk_context pk;
|
||||
mbedtls_entropy_context entropy;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
unsigned char hash[20];
|
||||
unsigned char buf[POLARSSL_MPI_MAX_SIZE];
|
||||
unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
|
||||
char filename[512];
|
||||
const char *pers = "pk_sign";
|
||||
const char *pers = "mbedtls_pk_sign";
|
||||
size_t olen = 0;
|
||||
|
||||
entropy_init( &entropy );
|
||||
pk_init( &pk );
|
||||
mbedtls_entropy_init( &entropy );
|
||||
mbedtls_pk_init( &pk );
|
||||
|
||||
if( argc != 3 )
|
||||
{
|
||||
polarssl_printf( "usage: pk_sign <key_file> <filename>\n" );
|
||||
mbedtls_printf( "usage: mbedtls_pk_sign <key_file> <filename>\n" );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( "\n" );
|
||||
mbedtls_printf( "\n" );
|
||||
#endif
|
||||
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "\n . Seeding the random number generator..." );
|
||||
mbedtls_printf( "\n . Seeding the random number generator..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
|
||||
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
|
||||
(const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ctr_drbg_init returned -0x%04x\n", -ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned -0x%04x\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "\n . Reading private key from '%s'", argv[1] );
|
||||
mbedtls_printf( "\n . Reading private key from '%s'", argv[1] );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
|
||||
if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
|
||||
{
|
||||
ret = 1;
|
||||
polarssl_printf( " failed\n ! Could not open '%s'\n", argv[1] );
|
||||
mbedtls_printf( " failed\n ! Could not open '%s'\n", argv[1] );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -119,61 +119,61 @@ int main( int argc, char *argv[] )
|
||||
* Compute the SHA-256 hash of the input file,
|
||||
* then calculate the signature of the hash.
|
||||
*/
|
||||
polarssl_printf( "\n . Generating the SHA-256 signature" );
|
||||
mbedtls_printf( "\n . Generating the SHA-256 signature" );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = sha1_file( argv[2], hash ) ) != 0 )
|
||||
if( ( ret = mbedtls_sha1_file( argv[2], hash ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! Could not open or read %s\n\n", argv[2] );
|
||||
mbedtls_printf( " failed\n ! Could not open or read %s\n\n", argv[2] );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = pk_sign( &pk, POLARSSL_MD_SHA256, hash, 0, buf, &olen,
|
||||
ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
if( ( ret = mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, 0, buf, &olen,
|
||||
mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! pk_sign returned -0x%04x\n", -ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_pk_sign returned -0x%04x\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/*
|
||||
* Write the signature into <filename>-sig.txt
|
||||
*/
|
||||
polarssl_snprintf( filename, sizeof(filename), "%s.sig", argv[2] );
|
||||
mbedtls_snprintf( filename, sizeof(filename), "%s.sig", argv[2] );
|
||||
|
||||
if( ( f = fopen( filename, "wb+" ) ) == NULL )
|
||||
{
|
||||
ret = 1;
|
||||
polarssl_printf( " failed\n ! Could not create %s\n\n", filename );
|
||||
mbedtls_printf( " failed\n ! Could not create %s\n\n", filename );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( fwrite( buf, 1, olen, f ) != olen )
|
||||
{
|
||||
polarssl_printf( "failed\n ! fwrite failed\n\n" );
|
||||
mbedtls_printf( "failed\n ! fwrite failed\n\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
fclose( f );
|
||||
|
||||
polarssl_printf( "\n . Done (created \"%s\")\n\n", filename );
|
||||
mbedtls_printf( "\n . Done (created \"%s\")\n\n", filename );
|
||||
|
||||
exit:
|
||||
pk_free( &pk );
|
||||
ctr_drbg_free( &ctr_drbg );
|
||||
entropy_free( &entropy );
|
||||
mbedtls_pk_free( &pk );
|
||||
mbedtls_ctr_drbg_free( &ctr_drbg );
|
||||
mbedtls_entropy_free( &entropy );
|
||||
|
||||
#if defined(POLARSSL_ERROR_C)
|
||||
polarssl_strerror( ret, (char *) buf, sizeof(buf) );
|
||||
polarssl_printf( " ! Last error was: %s\n", buf );
|
||||
#if defined(MBEDTLS_ERROR_C)
|
||||
mbedtls_strerror( ret, (char *) buf, sizeof(buf) );
|
||||
mbedtls_printf( " ! Last error was: %s\n", buf );
|
||||
#endif
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C &&
|
||||
POLARSSL_SHA256_C && POLARSSL_PK_PARSE_C && POLARSSL_FS_IO &&
|
||||
POLARSSL_CTR_DRBG_C */
|
||||
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C &&
|
||||
MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
|
||||
MBEDTLS_CTR_DRBG_C */
|
||||
|
||||
@@ -20,24 +20,24 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_snprintf snprintf
|
||||
#define polarssl_printf printf
|
||||
#define polarssl_snprintf snprintf
|
||||
#define mbedtls_snprintf snprintf
|
||||
#define mbedtls_printf printf
|
||||
#define mbedtls_snprintf snprintf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_BIGNUM_C) && \
|
||||
defined(POLARSSL_SHA256_C) && defined(POLARSSL_PK_PARSE_C) && \
|
||||
defined(POLARSSL_FS_IO)
|
||||
#if defined(MBEDTLS_BIGNUM_C) && \
|
||||
defined(MBEDTLS_SHA256_C) && defined(MBEDTLS_PK_PARSE_C) && \
|
||||
defined(MBEDTLS_FS_IO)
|
||||
#include "mbedtls/error.h"
|
||||
#include "mbedtls/md.h"
|
||||
#include "mbedtls/pk.h"
|
||||
@@ -51,14 +51,14 @@
|
||||
#define snprintf _snprintf
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_BIGNUM_C) || \
|
||||
!defined(POLARSSL_SHA256_C) || !defined(POLARSSL_PK_PARSE_C) || \
|
||||
!defined(POLARSSL_FS_IO)
|
||||
#if !defined(MBEDTLS_BIGNUM_C) || \
|
||||
!defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_PK_PARSE_C) || \
|
||||
!defined(MBEDTLS_FS_IO)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_BIGNUM_C and/or "
|
||||
"POLARSSL_SHA256_C and/or POLARSSL_PK_PARSE_C and/or "
|
||||
"POLARSSL_FS_IO not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_BIGNUM_C and/or "
|
||||
"MBEDTLS_SHA256_C and/or MBEDTLS_PK_PARSE_C and/or "
|
||||
"MBEDTLS_FS_IO not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -67,30 +67,30 @@ int main( int argc, char *argv[] )
|
||||
FILE *f;
|
||||
int ret = 1;
|
||||
size_t i;
|
||||
pk_context pk;
|
||||
mbedtls_pk_context pk;
|
||||
unsigned char hash[20];
|
||||
unsigned char buf[POLARSSL_MPI_MAX_SIZE];
|
||||
unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
|
||||
char filename[512];
|
||||
|
||||
pk_init( &pk );
|
||||
mbedtls_pk_init( &pk );
|
||||
|
||||
if( argc != 3 )
|
||||
{
|
||||
polarssl_printf( "usage: pk_verify <key_file> <filename>\n" );
|
||||
mbedtls_printf( "usage: mbedtls_pk_verify <key_file> <filename>\n" );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( "\n" );
|
||||
mbedtls_printf( "\n" );
|
||||
#endif
|
||||
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "\n . Reading public key from '%s'", argv[1] );
|
||||
mbedtls_printf( "\n . Reading public key from '%s'", argv[1] );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 )
|
||||
if( ( ret = mbedtls_pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! pk_parse_public_keyfile returned -0x%04x\n", -ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -98,11 +98,11 @@ int main( int argc, char *argv[] )
|
||||
* Extract the signature from the text file
|
||||
*/
|
||||
ret = 1;
|
||||
polarssl_snprintf( filename, sizeof(filename), "%s.sig", argv[2] );
|
||||
mbedtls_snprintf( filename, sizeof(filename), "%s.sig", argv[2] );
|
||||
|
||||
if( ( f = fopen( filename, "rb" ) ) == NULL )
|
||||
{
|
||||
polarssl_printf( "\n ! Could not open %s\n\n", filename );
|
||||
mbedtls_printf( "\n ! Could not open %s\n\n", filename );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -115,40 +115,40 @@ int main( int argc, char *argv[] )
|
||||
* Compute the SHA-256 hash of the input file and compare
|
||||
* it with the hash decrypted from the signature.
|
||||
*/
|
||||
polarssl_printf( "\n . Verifying the SHA-256 signature" );
|
||||
mbedtls_printf( "\n . Verifying the SHA-256 signature" );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = sha1_file( argv[2], hash ) ) != 0 )
|
||||
if( ( ret = mbedtls_sha1_file( argv[2], hash ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! Could not open or read %s\n\n", argv[2] );
|
||||
mbedtls_printf( " failed\n ! Could not open or read %s\n\n", argv[2] );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = pk_verify( &pk, POLARSSL_MD_SHA256, hash, 0,
|
||||
if( ( ret = mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256, hash, 0,
|
||||
buf, i ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! pk_verify returned -0x%04x\n", -ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_pk_verify returned -0x%04x\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "\n . OK (the decrypted SHA-256 hash matches)\n\n" );
|
||||
mbedtls_printf( "\n . OK (the decrypted SHA-256 hash matches)\n\n" );
|
||||
|
||||
ret = 0;
|
||||
|
||||
exit:
|
||||
pk_free( &pk );
|
||||
mbedtls_pk_free( &pk );
|
||||
|
||||
#if defined(POLARSSL_ERROR_C)
|
||||
polarssl_strerror( ret, (char *) buf, sizeof(buf) );
|
||||
polarssl_printf( " ! Last error was: %s\n", buf );
|
||||
#if defined(MBEDTLS_ERROR_C)
|
||||
mbedtls_strerror( ret, (char *) buf, sizeof(buf) );
|
||||
mbedtls_printf( " ! Last error was: %s\n", buf );
|
||||
#endif
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BIGNUM_C && POLARSSL_SHA256_C &&
|
||||
POLARSSL_PK_PARSE_C && POLARSSL_FS_IO */
|
||||
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_SHA256_C &&
|
||||
MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */
|
||||
|
||||
@@ -20,22 +20,22 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \
|
||||
defined(POLARSSL_FS_IO) && defined(POLARSSL_ENTROPY_C) && \
|
||||
defined(POLARSSL_CTR_DRBG_C)
|
||||
#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_RSA_C) && \
|
||||
defined(MBEDTLS_FS_IO) && defined(MBEDTLS_ENTROPY_C) && \
|
||||
defined(MBEDTLS_CTR_DRBG_C)
|
||||
#include "mbedtls/rsa.h"
|
||||
#include "mbedtls/entropy.h"
|
||||
#include "mbedtls/ctr_drbg.h"
|
||||
@@ -44,14 +44,14 @@
|
||||
#include <string.h>
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
|
||||
!defined(POLARSSL_FS_IO) || !defined(POLARSSL_ENTROPY_C) || \
|
||||
!defined(POLARSSL_CTR_DRBG_C)
|
||||
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \
|
||||
!defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_ENTROPY_C) || \
|
||||
!defined(MBEDTLS_CTR_DRBG_C)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
|
||||
"POLARSSL_FS_IO and/or POLARSSL_ENTROPY_C and/or "
|
||||
"POLARSSL_CTR_DRBG_C not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
|
||||
"MBEDTLS_FS_IO and/or MBEDTLS_ENTROPY_C and/or "
|
||||
"MBEDTLS_CTR_DRBG_C not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -60,9 +60,9 @@ int main( int argc, char *argv[] )
|
||||
FILE *f;
|
||||
int ret, c;
|
||||
size_t i;
|
||||
rsa_context rsa;
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
mbedtls_rsa_context rsa;
|
||||
mbedtls_entropy_context entropy;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
unsigned char result[1024];
|
||||
unsigned char buf[512];
|
||||
const char *pers = "rsa_decrypt";
|
||||
@@ -73,53 +73,53 @@ int main( int argc, char *argv[] )
|
||||
|
||||
if( argc != 1 )
|
||||
{
|
||||
polarssl_printf( "usage: rsa_decrypt\n" );
|
||||
mbedtls_printf( "usage: rsa_decrypt\n" );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( "\n" );
|
||||
mbedtls_printf( "\n" );
|
||||
#endif
|
||||
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "\n . Seeding the random number generator..." );
|
||||
mbedtls_printf( "\n . Seeding the random number generator..." );
|
||||
fflush( stdout );
|
||||
|
||||
entropy_init( &entropy );
|
||||
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
|
||||
mbedtls_entropy_init( &entropy );
|
||||
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
|
||||
(const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned %d\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "\n . Reading private key from rsa_priv.txt" );
|
||||
mbedtls_printf( "\n . Reading private key from rsa_priv.txt" );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( f = fopen( "rsa_priv.txt", "rb" ) ) == NULL )
|
||||
{
|
||||
polarssl_printf( " failed\n ! Could not open rsa_priv.txt\n" \
|
||||
mbedtls_printf( " failed\n ! Could not open rsa_priv.txt\n" \
|
||||
" ! Please run rsa_genkey first\n\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
rsa_init( &rsa, RSA_PKCS_V15, 0 );
|
||||
mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 );
|
||||
|
||||
if( ( ret = mpi_read_file( &rsa.N , 16, f ) ) != 0 ||
|
||||
( ret = mpi_read_file( &rsa.E , 16, f ) ) != 0 ||
|
||||
( ret = mpi_read_file( &rsa.D , 16, f ) ) != 0 ||
|
||||
( ret = mpi_read_file( &rsa.P , 16, f ) ) != 0 ||
|
||||
( ret = mpi_read_file( &rsa.Q , 16, f ) ) != 0 ||
|
||||
( ret = mpi_read_file( &rsa.DP, 16, f ) ) != 0 ||
|
||||
( ret = mpi_read_file( &rsa.DQ, 16, f ) ) != 0 ||
|
||||
( ret = mpi_read_file( &rsa.QP, 16, f ) ) != 0 )
|
||||
if( ( ret = mbedtls_mpi_read_file( &rsa.N , 16, f ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_file( &rsa.E , 16, f ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_file( &rsa.D , 16, f ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_file( &rsa.P , 16, f ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_file( &rsa.Q , 16, f ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_file( &rsa.DP, 16, f ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_file( &rsa.DQ, 16, f ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_file( &rsa.QP, 16, f ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! mpi_read_file returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
rsa.len = ( mpi_msb( &rsa.N ) + 7 ) >> 3;
|
||||
rsa.len = ( mbedtls_mpi_msb( &rsa.N ) + 7 ) >> 3;
|
||||
|
||||
fclose( f );
|
||||
|
||||
@@ -130,7 +130,7 @@ int main( int argc, char *argv[] )
|
||||
|
||||
if( ( f = fopen( "result-enc.txt", "rb" ) ) == NULL )
|
||||
{
|
||||
polarssl_printf( "\n ! Could not open %s\n\n", "result-enc.txt" );
|
||||
mbedtls_printf( "\n ! Could not open %s\n\n", "result-enc.txt" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -144,39 +144,39 @@ int main( int argc, char *argv[] )
|
||||
|
||||
if( i != rsa.len )
|
||||
{
|
||||
polarssl_printf( "\n ! Invalid RSA signature format\n\n" );
|
||||
mbedtls_printf( "\n ! Invalid RSA signature format\n\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/*
|
||||
* Decrypt the encrypted RSA data and print the result.
|
||||
*/
|
||||
polarssl_printf( "\n . Decrypting the encrypted data" );
|
||||
mbedtls_printf( "\n . Decrypting the encrypted data" );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = rsa_pkcs1_decrypt( &rsa, ctr_drbg_random, &ctr_drbg,
|
||||
RSA_PRIVATE, &i, buf, result,
|
||||
if( ( ret = mbedtls_rsa_pkcs1_decrypt( &rsa, mbedtls_ctr_drbg_random, &ctr_drbg,
|
||||
MBEDTLS_RSA_PRIVATE, &i, buf, result,
|
||||
1024 ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! rsa_pkcs1_decrypt returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_decrypt returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "\n . OK\n\n" );
|
||||
mbedtls_printf( "\n . OK\n\n" );
|
||||
|
||||
polarssl_printf( "The decrypted result is: '%s'\n\n", result );
|
||||
mbedtls_printf( "The decrypted result is: '%s'\n\n", result );
|
||||
|
||||
ret = 0;
|
||||
|
||||
exit:
|
||||
ctr_drbg_free( &ctr_drbg );
|
||||
entropy_free( &entropy );
|
||||
mbedtls_ctr_drbg_free( &ctr_drbg );
|
||||
mbedtls_entropy_free( &entropy );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_FS_IO */
|
||||
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_FS_IO */
|
||||
|
||||
@@ -20,23 +20,23 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_fprintf fprintf
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_fprintf fprintf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \
|
||||
defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_FS_IO) && \
|
||||
defined(POLARSSL_CTR_DRBG_C)
|
||||
#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_RSA_C) && \
|
||||
defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_FS_IO) && \
|
||||
defined(MBEDTLS_CTR_DRBG_C)
|
||||
#include "mbedtls/rsa.h"
|
||||
#include "mbedtls/entropy.h"
|
||||
#include "mbedtls/ctr_drbg.h"
|
||||
@@ -45,14 +45,14 @@
|
||||
#include <string.h>
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
|
||||
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_FS_IO) || \
|
||||
!defined(POLARSSL_CTR_DRBG_C)
|
||||
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \
|
||||
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_FS_IO) || \
|
||||
!defined(MBEDTLS_CTR_DRBG_C)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
|
||||
"POLARSSL_ENTROPY_C and/or POLARSSL_FS_IO and/or "
|
||||
"POLARSSL_CTR_DRBG_C not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
|
||||
"MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO and/or "
|
||||
"MBEDTLS_CTR_DRBG_C not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -61,9 +61,9 @@ int main( int argc, char *argv[] )
|
||||
FILE *f;
|
||||
int ret;
|
||||
size_t i;
|
||||
rsa_context rsa;
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
mbedtls_rsa_context rsa;
|
||||
mbedtls_entropy_context entropy;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
unsigned char input[1024];
|
||||
unsigned char buf[512];
|
||||
const char *pers = "rsa_encrypt";
|
||||
@@ -72,54 +72,54 @@ int main( int argc, char *argv[] )
|
||||
|
||||
if( argc != 2 )
|
||||
{
|
||||
polarssl_printf( "usage: rsa_encrypt <string of max 100 characters>\n" );
|
||||
mbedtls_printf( "usage: rsa_encrypt <string of max 100 characters>\n" );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( "\n" );
|
||||
mbedtls_printf( "\n" );
|
||||
#endif
|
||||
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "\n . Seeding the random number generator..." );
|
||||
mbedtls_printf( "\n . Seeding the random number generator..." );
|
||||
fflush( stdout );
|
||||
|
||||
entropy_init( &entropy );
|
||||
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
|
||||
mbedtls_entropy_init( &entropy );
|
||||
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
|
||||
(const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned %d\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "\n . Reading public key from rsa_pub.txt" );
|
||||
mbedtls_printf( "\n . Reading public key from rsa_pub.txt" );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( f = fopen( "rsa_pub.txt", "rb" ) ) == NULL )
|
||||
{
|
||||
ret = 1;
|
||||
polarssl_printf( " failed\n ! Could not open rsa_pub.txt\n" \
|
||||
mbedtls_printf( " failed\n ! Could not open rsa_pub.txt\n" \
|
||||
" ! Please run rsa_genkey first\n\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
rsa_init( &rsa, RSA_PKCS_V15, 0 );
|
||||
mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 );
|
||||
|
||||
if( ( ret = mpi_read_file( &rsa.N, 16, f ) ) != 0 ||
|
||||
( ret = mpi_read_file( &rsa.E, 16, f ) ) != 0 )
|
||||
if( ( ret = mbedtls_mpi_read_file( &rsa.N, 16, f ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_file( &rsa.E, 16, f ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! mpi_read_file returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
rsa.len = ( mpi_msb( &rsa.N ) + 7 ) >> 3;
|
||||
rsa.len = ( mbedtls_mpi_msb( &rsa.N ) + 7 ) >> 3;
|
||||
|
||||
fclose( f );
|
||||
|
||||
if( strlen( argv[1] ) > 100 )
|
||||
{
|
||||
polarssl_printf( " Input data larger than 100 characters.\n\n" );
|
||||
mbedtls_printf( " Input data larger than 100 characters.\n\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -128,14 +128,14 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* Calculate the RSA encryption of the hash.
|
||||
*/
|
||||
polarssl_printf( "\n . Generating the RSA encrypted value" );
|
||||
mbedtls_printf( "\n . Generating the RSA encrypted value" );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = rsa_pkcs1_encrypt( &rsa, ctr_drbg_random, &ctr_drbg,
|
||||
RSA_PUBLIC, strlen( argv[1] ),
|
||||
if( ( ret = mbedtls_rsa_pkcs1_encrypt( &rsa, mbedtls_ctr_drbg_random, &ctr_drbg,
|
||||
MBEDTLS_RSA_PUBLIC, strlen( argv[1] ),
|
||||
input, buf ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! rsa_pkcs1_encrypt returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_encrypt returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -145,28 +145,28 @@ int main( int argc, char *argv[] )
|
||||
if( ( f = fopen( "result-enc.txt", "wb+" ) ) == NULL )
|
||||
{
|
||||
ret = 1;
|
||||
polarssl_printf( " failed\n ! Could not create %s\n\n", "result-enc.txt" );
|
||||
mbedtls_printf( " failed\n ! Could not create %s\n\n", "result-enc.txt" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
for( i = 0; i < rsa.len; i++ )
|
||||
polarssl_fprintf( f, "%02X%s", buf[i],
|
||||
mbedtls_fprintf( f, "%02X%s", buf[i],
|
||||
( i + 1 ) % 16 == 0 ? "\r\n" : " " );
|
||||
|
||||
fclose( f );
|
||||
|
||||
polarssl_printf( "\n . Done (created \"%s\")\n\n", "result-enc.txt" );
|
||||
mbedtls_printf( "\n . Done (created \"%s\")\n\n", "result-enc.txt" );
|
||||
|
||||
exit:
|
||||
ctr_drbg_free( &ctr_drbg );
|
||||
entropy_free( &entropy );
|
||||
mbedtls_ctr_drbg_free( &ctr_drbg );
|
||||
mbedtls_entropy_free( &entropy );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_ENTROPY_C &&
|
||||
POLARSSL_FS_IO && POLARSSL_CTR_DRBG_C */
|
||||
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_ENTROPY_C &&
|
||||
MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
|
||||
|
||||
@@ -20,22 +20,22 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \
|
||||
defined(POLARSSL_RSA_C) && defined(POLARSSL_GENPRIME) && \
|
||||
defined(POLARSSL_FS_IO) && defined(POLARSSL_CTR_DRBG_C)
|
||||
#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_ENTROPY_C) && \
|
||||
defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) && \
|
||||
defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C)
|
||||
#include "mbedtls/entropy.h"
|
||||
#include "mbedtls/ctr_drbg.h"
|
||||
#include "mbedtls/bignum.h"
|
||||
@@ -49,92 +49,92 @@
|
||||
#define KEY_SIZE 1024
|
||||
#define EXPONENT 65537
|
||||
|
||||
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
|
||||
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_GENPRIME) || \
|
||||
!defined(POLARSSL_FS_IO) || !defined(POLARSSL_CTR_DRBG_C)
|
||||
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
|
||||
!defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_GENPRIME) || \
|
||||
!defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
|
||||
"POLARSSL_RSA_C and/or POLARSSL_GENPRIME and/or "
|
||||
"POLARSSL_FS_IO and/or POLARSSL_CTR_DRBG_C not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
|
||||
"MBEDTLS_RSA_C and/or MBEDTLS_GENPRIME and/or "
|
||||
"MBEDTLS_FS_IO and/or MBEDTLS_CTR_DRBG_C not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
int main( void )
|
||||
{
|
||||
int ret;
|
||||
rsa_context rsa;
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
mbedtls_rsa_context rsa;
|
||||
mbedtls_entropy_context entropy;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
FILE *fpub = NULL;
|
||||
FILE *fpriv = NULL;
|
||||
const char *pers = "rsa_genkey";
|
||||
|
||||
polarssl_printf( "\n . Seeding the random number generator..." );
|
||||
mbedtls_printf( "\n . Seeding the random number generator..." );
|
||||
fflush( stdout );
|
||||
|
||||
entropy_init( &entropy );
|
||||
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
|
||||
mbedtls_entropy_init( &entropy );
|
||||
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
|
||||
(const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned %d\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n . Generating the RSA key [ %d-bit ]...", KEY_SIZE );
|
||||
mbedtls_printf( " ok\n . Generating the RSA key [ %d-bit ]...", KEY_SIZE );
|
||||
fflush( stdout );
|
||||
|
||||
rsa_init( &rsa, RSA_PKCS_V15, 0 );
|
||||
mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 );
|
||||
|
||||
if( ( ret = rsa_gen_key( &rsa, ctr_drbg_random, &ctr_drbg, KEY_SIZE,
|
||||
if( ( ret = mbedtls_rsa_gen_key( &rsa, mbedtls_ctr_drbg_random, &ctr_drbg, KEY_SIZE,
|
||||
EXPONENT ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! rsa_gen_key returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_rsa_gen_key returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n . Exporting the public key in rsa_pub.txt...." );
|
||||
mbedtls_printf( " ok\n . Exporting the public key in rsa_pub.txt...." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( fpub = fopen( "rsa_pub.txt", "wb+" ) ) == NULL )
|
||||
{
|
||||
polarssl_printf( " failed\n ! could not open rsa_pub.txt for writing\n\n" );
|
||||
mbedtls_printf( " failed\n ! could not open rsa_pub.txt for writing\n\n" );
|
||||
ret = 1;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = mpi_write_file( "N = ", &rsa.N, 16, fpub ) ) != 0 ||
|
||||
( ret = mpi_write_file( "E = ", &rsa.E, 16, fpub ) ) != 0 )
|
||||
if( ( ret = mbedtls_mpi_write_file( "N = ", &rsa.N, 16, fpub ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_write_file( "E = ", &rsa.E, 16, fpub ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! mpi_write_file returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_mpi_write_file returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n . Exporting the private key in rsa_priv.txt..." );
|
||||
mbedtls_printf( " ok\n . Exporting the private key in rsa_priv.txt..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( fpriv = fopen( "rsa_priv.txt", "wb+" ) ) == NULL )
|
||||
{
|
||||
polarssl_printf( " failed\n ! could not open rsa_priv.txt for writing\n" );
|
||||
mbedtls_printf( " failed\n ! could not open rsa_priv.txt for writing\n" );
|
||||
ret = 1;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = mpi_write_file( "N = " , &rsa.N , 16, fpriv ) ) != 0 ||
|
||||
( ret = mpi_write_file( "E = " , &rsa.E , 16, fpriv ) ) != 0 ||
|
||||
( ret = mpi_write_file( "D = " , &rsa.D , 16, fpriv ) ) != 0 ||
|
||||
( ret = mpi_write_file( "P = " , &rsa.P , 16, fpriv ) ) != 0 ||
|
||||
( ret = mpi_write_file( "Q = " , &rsa.Q , 16, fpriv ) ) != 0 ||
|
||||
( ret = mpi_write_file( "DP = ", &rsa.DP, 16, fpriv ) ) != 0 ||
|
||||
( ret = mpi_write_file( "DQ = ", &rsa.DQ, 16, fpriv ) ) != 0 ||
|
||||
( ret = mpi_write_file( "QP = ", &rsa.QP, 16, fpriv ) ) != 0 )
|
||||
if( ( ret = mbedtls_mpi_write_file( "N = " , &rsa.N , 16, fpriv ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_write_file( "E = " , &rsa.E , 16, fpriv ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_write_file( "D = " , &rsa.D , 16, fpriv ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_write_file( "P = " , &rsa.P , 16, fpriv ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_write_file( "Q = " , &rsa.Q , 16, fpriv ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_write_file( "DP = ", &rsa.DP, 16, fpriv ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_write_file( "DQ = ", &rsa.DQ, 16, fpriv ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_write_file( "QP = ", &rsa.QP, 16, fpriv ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! mpi_write_file returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_mpi_write_file returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
/*
|
||||
polarssl_printf( " ok\n . Generating the certificate..." );
|
||||
mbedtls_printf( " ok\n . Generating the certificate..." );
|
||||
|
||||
x509write_init_raw( &cert );
|
||||
x509write_add_pubkey( &cert, &rsa );
|
||||
@@ -146,7 +146,7 @@ int main( void )
|
||||
x509write_crtfile( &cert, "cert.pem", X509_OUTPUT_PEM );
|
||||
x509write_free_raw( &cert );
|
||||
*/
|
||||
polarssl_printf( " ok\n\n" );
|
||||
mbedtls_printf( " ok\n\n" );
|
||||
|
||||
exit:
|
||||
|
||||
@@ -156,16 +156,16 @@ exit:
|
||||
if( fpriv != NULL )
|
||||
fclose( fpriv );
|
||||
|
||||
rsa_free( &rsa );
|
||||
ctr_drbg_free( &ctr_drbg );
|
||||
entropy_free( &entropy );
|
||||
mbedtls_rsa_free( &rsa );
|
||||
mbedtls_ctr_drbg_free( &ctr_drbg );
|
||||
mbedtls_entropy_free( &entropy );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C && POLARSSL_RSA_C &&
|
||||
POLARSSL_GENPRIME && POLARSSL_FS_IO && POLARSSL_CTR_DRBG_C */
|
||||
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_RSA_C &&
|
||||
MBEDTLS_GENPRIME && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
|
||||
|
||||
@@ -20,22 +20,22 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_fprintf fprintf
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_fprintf fprintf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \
|
||||
defined(POLARSSL_SHA256_C) && defined(POLARSSL_FS_IO)
|
||||
#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_RSA_C) && \
|
||||
defined(MBEDTLS_SHA256_C) && defined(MBEDTLS_FS_IO)
|
||||
#include "mbedtls/rsa.h"
|
||||
#include "mbedtls/sha1.h"
|
||||
|
||||
@@ -43,12 +43,12 @@
|
||||
#include <string.h>
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
|
||||
!defined(POLARSSL_SHA256_C) || !defined(POLARSSL_FS_IO)
|
||||
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \
|
||||
!defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_FS_IO)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
|
||||
"POLARSSL_SHA256_C and/or POLARSSL_FS_IO not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
|
||||
"MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -57,58 +57,58 @@ int main( int argc, char *argv[] )
|
||||
FILE *f;
|
||||
int ret;
|
||||
size_t i;
|
||||
rsa_context rsa;
|
||||
mbedtls_rsa_context rsa;
|
||||
unsigned char hash[20];
|
||||
unsigned char buf[POLARSSL_MPI_MAX_SIZE];
|
||||
unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
|
||||
|
||||
ret = 1;
|
||||
|
||||
if( argc != 2 )
|
||||
{
|
||||
polarssl_printf( "usage: rsa_sign <filename>\n" );
|
||||
mbedtls_printf( "usage: rsa_sign <filename>\n" );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( "\n" );
|
||||
mbedtls_printf( "\n" );
|
||||
#endif
|
||||
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "\n . Reading private key from rsa_priv.txt" );
|
||||
mbedtls_printf( "\n . Reading private key from rsa_priv.txt" );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( f = fopen( "rsa_priv.txt", "rb" ) ) == NULL )
|
||||
{
|
||||
ret = 1;
|
||||
polarssl_printf( " failed\n ! Could not open rsa_priv.txt\n" \
|
||||
mbedtls_printf( " failed\n ! Could not open rsa_priv.txt\n" \
|
||||
" ! Please run rsa_genkey first\n\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
rsa_init( &rsa, RSA_PKCS_V15, 0 );
|
||||
mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 );
|
||||
|
||||
if( ( ret = mpi_read_file( &rsa.N , 16, f ) ) != 0 ||
|
||||
( ret = mpi_read_file( &rsa.E , 16, f ) ) != 0 ||
|
||||
( ret = mpi_read_file( &rsa.D , 16, f ) ) != 0 ||
|
||||
( ret = mpi_read_file( &rsa.P , 16, f ) ) != 0 ||
|
||||
( ret = mpi_read_file( &rsa.Q , 16, f ) ) != 0 ||
|
||||
( ret = mpi_read_file( &rsa.DP, 16, f ) ) != 0 ||
|
||||
( ret = mpi_read_file( &rsa.DQ, 16, f ) ) != 0 ||
|
||||
( ret = mpi_read_file( &rsa.QP, 16, f ) ) != 0 )
|
||||
if( ( ret = mbedtls_mpi_read_file( &rsa.N , 16, f ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_file( &rsa.E , 16, f ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_file( &rsa.D , 16, f ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_file( &rsa.P , 16, f ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_file( &rsa.Q , 16, f ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_file( &rsa.DP, 16, f ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_file( &rsa.DQ, 16, f ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_file( &rsa.QP, 16, f ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! mpi_read_file returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
rsa.len = ( mpi_msb( &rsa.N ) + 7 ) >> 3;
|
||||
rsa.len = ( mbedtls_mpi_msb( &rsa.N ) + 7 ) >> 3;
|
||||
|
||||
fclose( f );
|
||||
|
||||
polarssl_printf( "\n . Checking the private key" );
|
||||
mbedtls_printf( "\n . Checking the private key" );
|
||||
fflush( stdout );
|
||||
if( ( ret = rsa_check_privkey( &rsa ) ) != 0 )
|
||||
if( ( ret = mbedtls_rsa_check_privkey( &rsa ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! rsa_check_privkey failed with -0x%0x\n", -ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_rsa_check_privkey failed with -0x%0x\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -116,19 +116,19 @@ int main( int argc, char *argv[] )
|
||||
* Compute the SHA-256 hash of the input file,
|
||||
* then calculate the RSA signature of the hash.
|
||||
*/
|
||||
polarssl_printf( "\n . Generating the RSA/SHA-256 signature" );
|
||||
mbedtls_printf( "\n . Generating the RSA/SHA-256 signature" );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = sha1_file( argv[1], hash ) ) != 0 )
|
||||
if( ( ret = mbedtls_sha1_file( argv[1], hash ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! Could not open or read %s\n\n", argv[1] );
|
||||
mbedtls_printf( " failed\n ! Could not open or read %s\n\n", argv[1] );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = rsa_pkcs1_sign( &rsa, NULL, NULL, RSA_PRIVATE, POLARSSL_MD_SHA256,
|
||||
if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256,
|
||||
20, hash, buf ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! rsa_pkcs1_sign returned -0x%0x\n\n", -ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_sign returned -0x%0x\n\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -140,26 +140,26 @@ int main( int argc, char *argv[] )
|
||||
if( ( f = fopen( argv[1], "wb+" ) ) == NULL )
|
||||
{
|
||||
ret = 1;
|
||||
polarssl_printf( " failed\n ! Could not create %s\n\n", argv[1] );
|
||||
mbedtls_printf( " failed\n ! Could not create %s\n\n", argv[1] );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
for( i = 0; i < rsa.len; i++ )
|
||||
polarssl_fprintf( f, "%02X%s", buf[i],
|
||||
mbedtls_fprintf( f, "%02X%s", buf[i],
|
||||
( i + 1 ) % 16 == 0 ? "\r\n" : " " );
|
||||
|
||||
fclose( f );
|
||||
|
||||
polarssl_printf( "\n . Done (created \"%s\")\n\n", argv[1] );
|
||||
mbedtls_printf( "\n . Done (created \"%s\")\n\n", argv[1] );
|
||||
|
||||
exit:
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA256_C &&
|
||||
POLARSSL_FS_IO */
|
||||
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
|
||||
MBEDTLS_FS_IO */
|
||||
|
||||
@@ -20,25 +20,25 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_snprintf snprintf
|
||||
#define polarssl_printf printf
|
||||
#define polarssl_snprintf snprintf
|
||||
#define mbedtls_snprintf snprintf
|
||||
#define mbedtls_printf printf
|
||||
#define mbedtls_snprintf snprintf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \
|
||||
defined(POLARSSL_RSA_C) && defined(POLARSSL_SHA256_C) && \
|
||||
defined(POLARSSL_PK_PARSE_C) && defined(POLARSSL_FS_IO) && \
|
||||
defined(POLARSSL_CTR_DRBG_C)
|
||||
#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_ENTROPY_C) && \
|
||||
defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \
|
||||
defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_FS_IO) && \
|
||||
defined(MBEDTLS_CTR_DRBG_C)
|
||||
#include "mbedtls/entropy.h"
|
||||
#include "mbedtls/ctr_drbg.h"
|
||||
#include "mbedtls/md.h"
|
||||
@@ -54,16 +54,16 @@
|
||||
#define snprintf _snprintf
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
|
||||
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA256_C) || \
|
||||
!defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO) || \
|
||||
!defined(POLARSSL_CTR_DRBG_C)
|
||||
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
|
||||
!defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \
|
||||
!defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
|
||||
!defined(MBEDTLS_CTR_DRBG_C)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
|
||||
"POLARSSL_RSA_C and/or POLARSSL_SHA256_C and/or "
|
||||
"POLARSSL_PK_PARSE_C and/or POLARSSL_FS_IO and/or "
|
||||
"POLARSSL_CTR_DRBG_C not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
|
||||
"MBEDTLS_RSA_C and/or MBEDTLS_SHA256_C and/or "
|
||||
"MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or "
|
||||
"MBEDTLS_CTR_DRBG_C not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -71,114 +71,114 @@ int main( int argc, char *argv[] )
|
||||
{
|
||||
FILE *f;
|
||||
int ret = 1;
|
||||
pk_context pk;
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
mbedtls_pk_context pk;
|
||||
mbedtls_entropy_context entropy;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
unsigned char hash[20];
|
||||
unsigned char buf[POLARSSL_MPI_MAX_SIZE];
|
||||
unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
|
||||
char filename[512];
|
||||
const char *pers = "rsa_sign_pss";
|
||||
size_t olen = 0;
|
||||
|
||||
entropy_init( &entropy );
|
||||
pk_init( &pk );
|
||||
mbedtls_entropy_init( &entropy );
|
||||
mbedtls_pk_init( &pk );
|
||||
|
||||
if( argc != 3 )
|
||||
{
|
||||
polarssl_printf( "usage: rsa_sign_pss <key_file> <filename>\n" );
|
||||
mbedtls_printf( "usage: rsa_sign_pss <key_file> <filename>\n" );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( "\n" );
|
||||
mbedtls_printf( "\n" );
|
||||
#endif
|
||||
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "\n . Seeding the random number generator..." );
|
||||
mbedtls_printf( "\n . Seeding the random number generator..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
|
||||
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
|
||||
(const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned %d\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "\n . Reading private key from '%s'", argv[1] );
|
||||
mbedtls_printf( "\n . Reading private key from '%s'", argv[1] );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
|
||||
if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
|
||||
{
|
||||
ret = 1;
|
||||
polarssl_printf( " failed\n ! Could not read key from '%s'\n", argv[1] );
|
||||
polarssl_printf( " ! pk_parse_public_keyfile returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! Could not read key from '%s'\n", argv[1] );
|
||||
mbedtls_printf( " ! mbedtls_pk_parse_public_keyfile returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( !pk_can_do( &pk, POLARSSL_PK_RSA ) )
|
||||
if( !mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA ) )
|
||||
{
|
||||
ret = 1;
|
||||
polarssl_printf( " failed\n ! Key is not an RSA key\n" );
|
||||
mbedtls_printf( " failed\n ! Key is not an RSA key\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
rsa_set_padding( pk_rsa( pk ), RSA_PKCS_V21, POLARSSL_MD_SHA256 );
|
||||
mbedtls_rsa_set_padding( mbedtls_pk_rsa( pk ), MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256 );
|
||||
|
||||
/*
|
||||
* Compute the SHA-256 hash of the input file,
|
||||
* then calculate the RSA signature of the hash.
|
||||
*/
|
||||
polarssl_printf( "\n . Generating the RSA/SHA-256 signature" );
|
||||
mbedtls_printf( "\n . Generating the RSA/SHA-256 signature" );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = sha1_file( argv[2], hash ) ) != 0 )
|
||||
if( ( ret = mbedtls_sha1_file( argv[2], hash ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! Could not open or read %s\n\n", argv[2] );
|
||||
mbedtls_printf( " failed\n ! Could not open or read %s\n\n", argv[2] );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = pk_sign( &pk, POLARSSL_MD_SHA256, hash, 0, buf, &olen,
|
||||
ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
if( ( ret = mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, 0, buf, &olen,
|
||||
mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! pk_sign returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_pk_sign returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/*
|
||||
* Write the signature into <filename>-sig.txt
|
||||
*/
|
||||
polarssl_snprintf( filename, 512, "%s.sig", argv[2] );
|
||||
mbedtls_snprintf( filename, 512, "%s.sig", argv[2] );
|
||||
|
||||
if( ( f = fopen( filename, "wb+" ) ) == NULL )
|
||||
{
|
||||
ret = 1;
|
||||
polarssl_printf( " failed\n ! Could not create %s\n\n", filename );
|
||||
mbedtls_printf( " failed\n ! Could not create %s\n\n", filename );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( fwrite( buf, 1, olen, f ) != olen )
|
||||
{
|
||||
polarssl_printf( "failed\n ! fwrite failed\n\n" );
|
||||
mbedtls_printf( "failed\n ! fwrite failed\n\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
fclose( f );
|
||||
|
||||
polarssl_printf( "\n . Done (created \"%s\")\n\n", filename );
|
||||
mbedtls_printf( "\n . Done (created \"%s\")\n\n", filename );
|
||||
|
||||
exit:
|
||||
pk_free( &pk );
|
||||
ctr_drbg_free( &ctr_drbg );
|
||||
entropy_free( &entropy );
|
||||
mbedtls_pk_free( &pk );
|
||||
mbedtls_ctr_drbg_free( &ctr_drbg );
|
||||
mbedtls_entropy_free( &entropy );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C && POLARSSL_RSA_C &&
|
||||
POLARSSL_SHA256_C && POLARSSL_PK_PARSE_C && POLARSSL_FS_IO &&
|
||||
POLARSSL_CTR_DRBG_C */
|
||||
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_RSA_C &&
|
||||
MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
|
||||
MBEDTLS_CTR_DRBG_C */
|
||||
|
||||
@@ -20,21 +20,21 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \
|
||||
defined(POLARSSL_SHA256_C) && defined(POLARSSL_FS_IO)
|
||||
#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_RSA_C) && \
|
||||
defined(MBEDTLS_SHA256_C) && defined(MBEDTLS_FS_IO)
|
||||
#include "mbedtls/rsa.h"
|
||||
#include "mbedtls/sha1.h"
|
||||
|
||||
@@ -42,12 +42,12 @@
|
||||
#include <string.h>
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
|
||||
!defined(POLARSSL_SHA256_C) || !defined(POLARSSL_FS_IO)
|
||||
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \
|
||||
!defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_FS_IO)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
|
||||
"POLARSSL_SHA256_C and/or POLARSSL_FS_IO not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
|
||||
"MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -56,42 +56,42 @@ int main( int argc, char *argv[] )
|
||||
FILE *f;
|
||||
int ret, c;
|
||||
size_t i;
|
||||
rsa_context rsa;
|
||||
mbedtls_rsa_context rsa;
|
||||
unsigned char hash[20];
|
||||
unsigned char buf[POLARSSL_MPI_MAX_SIZE];
|
||||
unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
|
||||
|
||||
ret = 1;
|
||||
if( argc != 2 )
|
||||
{
|
||||
polarssl_printf( "usage: rsa_verify <filename>\n" );
|
||||
mbedtls_printf( "usage: rsa_verify <filename>\n" );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( "\n" );
|
||||
mbedtls_printf( "\n" );
|
||||
#endif
|
||||
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "\n . Reading public key from rsa_pub.txt" );
|
||||
mbedtls_printf( "\n . Reading public key from rsa_pub.txt" );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( f = fopen( "rsa_pub.txt", "rb" ) ) == NULL )
|
||||
{
|
||||
polarssl_printf( " failed\n ! Could not open rsa_pub.txt\n" \
|
||||
mbedtls_printf( " failed\n ! Could not open rsa_pub.txt\n" \
|
||||
" ! Please run rsa_genkey first\n\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
rsa_init( &rsa, RSA_PKCS_V15, 0 );
|
||||
mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 );
|
||||
|
||||
if( ( ret = mpi_read_file( &rsa.N, 16, f ) ) != 0 ||
|
||||
( ret = mpi_read_file( &rsa.E, 16, f ) ) != 0 )
|
||||
if( ( ret = mbedtls_mpi_read_file( &rsa.N, 16, f ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_file( &rsa.E, 16, f ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! mpi_read_file returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
rsa.len = ( mpi_msb( &rsa.N ) + 7 ) >> 3;
|
||||
rsa.len = ( mbedtls_mpi_msb( &rsa.N ) + 7 ) >> 3;
|
||||
|
||||
fclose( f );
|
||||
|
||||
@@ -104,7 +104,7 @@ int main( int argc, char *argv[] )
|
||||
|
||||
if( ( f = fopen( argv[1], "rb" ) ) == NULL )
|
||||
{
|
||||
polarssl_printf( "\n ! Could not open %s\n\n", argv[1] );
|
||||
mbedtls_printf( "\n ! Could not open %s\n\n", argv[1] );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -118,7 +118,7 @@ int main( int argc, char *argv[] )
|
||||
|
||||
if( i != rsa.len )
|
||||
{
|
||||
polarssl_printf( "\n ! Invalid RSA signature format\n\n" );
|
||||
mbedtls_printf( "\n ! Invalid RSA signature format\n\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -126,34 +126,34 @@ int main( int argc, char *argv[] )
|
||||
* Compute the SHA-256 hash of the input file and compare
|
||||
* it with the hash decrypted from the RSA signature.
|
||||
*/
|
||||
polarssl_printf( "\n . Verifying the RSA/SHA-256 signature" );
|
||||
mbedtls_printf( "\n . Verifying the RSA/SHA-256 signature" );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = sha1_file( argv[1], hash ) ) != 0 )
|
||||
if( ( ret = mbedtls_sha1_file( argv[1], hash ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! Could not open or read %s\n\n", argv[1] );
|
||||
mbedtls_printf( " failed\n ! Could not open or read %s\n\n", argv[1] );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = rsa_pkcs1_verify( &rsa, NULL, NULL, RSA_PUBLIC,
|
||||
POLARSSL_MD_SHA256, 20, hash, buf ) ) != 0 )
|
||||
if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC,
|
||||
MBEDTLS_MD_SHA256, 20, hash, buf ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! rsa_pkcs1_verify returned -0x%0x\n\n", -ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_verify returned -0x%0x\n\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "\n . OK (the decrypted SHA-256 hash matches)\n\n" );
|
||||
mbedtls_printf( "\n . OK (the decrypted SHA-256 hash matches)\n\n" );
|
||||
|
||||
ret = 0;
|
||||
|
||||
exit:
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA256_C &&
|
||||
POLARSSL_FS_IO */
|
||||
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
|
||||
MBEDTLS_FS_IO */
|
||||
|
||||
@@ -20,24 +20,24 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_snprintf snprintf
|
||||
#define polarssl_printf printf
|
||||
#define polarssl_snprintf snprintf
|
||||
#define mbedtls_snprintf snprintf
|
||||
#define mbedtls_printf printf
|
||||
#define mbedtls_snprintf snprintf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \
|
||||
defined(POLARSSL_SHA256_C) && defined(POLARSSL_PK_PARSE_C) && \
|
||||
defined(POLARSSL_FS_IO)
|
||||
#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_RSA_C) && \
|
||||
defined(MBEDTLS_SHA256_C) && defined(MBEDTLS_PK_PARSE_C) && \
|
||||
defined(MBEDTLS_FS_IO)
|
||||
#include "mbedtls/md.h"
|
||||
#include "mbedtls/pem.h"
|
||||
#include "mbedtls/pk.h"
|
||||
@@ -52,14 +52,14 @@
|
||||
#define snprintf _snprintf
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
|
||||
!defined(POLARSSL_SHA256_C) || !defined(POLARSSL_PK_PARSE_C) || \
|
||||
!defined(POLARSSL_FS_IO)
|
||||
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \
|
||||
!defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_PK_PARSE_C) || \
|
||||
!defined(MBEDTLS_FS_IO)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
|
||||
"POLARSSL_SHA256_C and/or POLARSSL_PK_PARSE_C and/or "
|
||||
"POLARSSL_FS_IO not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
|
||||
"MBEDTLS_SHA256_C and/or MBEDTLS_PK_PARSE_C and/or "
|
||||
"MBEDTLS_FS_IO not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -68,57 +68,57 @@ int main( int argc, char *argv[] )
|
||||
FILE *f;
|
||||
int ret = 1;
|
||||
size_t i;
|
||||
pk_context pk;
|
||||
mbedtls_pk_context pk;
|
||||
unsigned char hash[20];
|
||||
unsigned char buf[POLARSSL_MPI_MAX_SIZE];
|
||||
unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
|
||||
char filename[512];
|
||||
|
||||
pk_init( &pk );
|
||||
mbedtls_pk_init( &pk );
|
||||
|
||||
if( argc != 3 )
|
||||
{
|
||||
polarssl_printf( "usage: rsa_verify_pss <key_file> <filename>\n" );
|
||||
mbedtls_printf( "usage: rsa_verify_pss <key_file> <filename>\n" );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( "\n" );
|
||||
mbedtls_printf( "\n" );
|
||||
#endif
|
||||
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "\n . Reading public key from '%s'", argv[1] );
|
||||
mbedtls_printf( "\n . Reading public key from '%s'", argv[1] );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 )
|
||||
if( ( ret = mbedtls_pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! Could not read key from '%s'\n", argv[1] );
|
||||
polarssl_printf( " ! pk_parse_public_keyfile returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! Could not read key from '%s'\n", argv[1] );
|
||||
mbedtls_printf( " ! mbedtls_pk_parse_public_keyfile returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( !pk_can_do( &pk, POLARSSL_PK_RSA ) )
|
||||
if( !mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA ) )
|
||||
{
|
||||
ret = 1;
|
||||
polarssl_printf( " failed\n ! Key is not an RSA key\n" );
|
||||
mbedtls_printf( " failed\n ! Key is not an RSA key\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
rsa_set_padding( pk_rsa( pk ), RSA_PKCS_V21, POLARSSL_MD_SHA256 );
|
||||
mbedtls_rsa_set_padding( mbedtls_pk_rsa( pk ), MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256 );
|
||||
|
||||
/*
|
||||
* Extract the RSA signature from the text file
|
||||
*/
|
||||
ret = 1;
|
||||
polarssl_snprintf( filename, 512, "%s.sig", argv[2] );
|
||||
mbedtls_snprintf( filename, 512, "%s.sig", argv[2] );
|
||||
|
||||
if( ( f = fopen( filename, "rb" ) ) == NULL )
|
||||
{
|
||||
polarssl_printf( "\n ! Could not open %s\n\n", filename );
|
||||
mbedtls_printf( "\n ! Could not open %s\n\n", filename );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
|
||||
i = fread( buf, 1, POLARSSL_MPI_MAX_SIZE, f );
|
||||
i = fread( buf, 1, MBEDTLS_MPI_MAX_SIZE, f );
|
||||
|
||||
fclose( f );
|
||||
|
||||
@@ -126,35 +126,35 @@ int main( int argc, char *argv[] )
|
||||
* Compute the SHA-256 hash of the input file and compare
|
||||
* it with the hash decrypted from the RSA signature.
|
||||
*/
|
||||
polarssl_printf( "\n . Verifying the RSA/SHA-256 signature" );
|
||||
mbedtls_printf( "\n . Verifying the RSA/SHA-256 signature" );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = sha1_file( argv[2], hash ) ) != 0 )
|
||||
if( ( ret = mbedtls_sha1_file( argv[2], hash ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! Could not open or read %s\n\n", argv[2] );
|
||||
mbedtls_printf( " failed\n ! Could not open or read %s\n\n", argv[2] );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = pk_verify( &pk, POLARSSL_MD_SHA256, hash, 0,
|
||||
if( ( ret = mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256, hash, 0,
|
||||
buf, i ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! pk_verify returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_pk_verify returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "\n . OK (the decrypted SHA-256 hash matches)\n\n" );
|
||||
mbedtls_printf( "\n . OK (the decrypted SHA-256 hash matches)\n\n" );
|
||||
|
||||
ret = 0;
|
||||
|
||||
exit:
|
||||
pk_free( &pk );
|
||||
mbedtls_pk_free( &pk );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA256_C &&
|
||||
POLARSSL_PK_PARSE_C && POLARSSL_FS_IO */
|
||||
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
|
||||
MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */
|
||||
|
||||
@@ -20,30 +20,30 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_fprintf fprintf
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_fprintf fprintf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_FS_IO)
|
||||
#if defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_FS_IO)
|
||||
#include "mbedtls/entropy.h"
|
||||
|
||||
#include <stdio.h>
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_FS_IO)
|
||||
#if !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_FS_IO)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_ENTROPY_C and/or POLARSSL_FS_IO not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -51,35 +51,35 @@ int main( int argc, char *argv[] )
|
||||
{
|
||||
FILE *f;
|
||||
int i, k, ret;
|
||||
entropy_context entropy;
|
||||
unsigned char buf[ENTROPY_BLOCK_SIZE];
|
||||
mbedtls_entropy_context entropy;
|
||||
unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
|
||||
|
||||
if( argc < 2 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "usage: %s <output filename>\n", argv[0] );
|
||||
mbedtls_fprintf( stderr, "usage: %s <output filename>\n", argv[0] );
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
if( ( f = fopen( argv[1], "wb+" ) ) == NULL )
|
||||
{
|
||||
polarssl_printf( "failed to open '%s' for writing.\n", argv[1] );
|
||||
mbedtls_printf( "failed to open '%s' for writing.\n", argv[1] );
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
entropy_init( &entropy );
|
||||
mbedtls_entropy_init( &entropy );
|
||||
|
||||
for( i = 0, k = 768; i < k; i++ )
|
||||
{
|
||||
ret = entropy_func( &entropy, buf, sizeof( buf ) );
|
||||
ret = mbedtls_entropy_func( &entropy, buf, sizeof( buf ) );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf("failed!\n");
|
||||
mbedtls_printf("failed!\n");
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
fwrite( buf, 1, sizeof( buf ), f );
|
||||
|
||||
polarssl_printf( "Generating %ldkb of data in file '%s'... %04.1f" \
|
||||
mbedtls_printf( "Generating %ldkb of data in file '%s'... %04.1f" \
|
||||
"%% done\r", (long)(sizeof(buf) * k / 1024), argv[1], (100 * (float) (i + 1)) / k );
|
||||
fflush( stdout );
|
||||
}
|
||||
@@ -87,11 +87,11 @@ int main( int argc, char *argv[] )
|
||||
ret = 0;
|
||||
|
||||
cleanup:
|
||||
polarssl_printf( "\n" );
|
||||
mbedtls_printf( "\n" );
|
||||
|
||||
fclose( f );
|
||||
entropy_free( &entropy );
|
||||
mbedtls_entropy_free( &entropy );
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_ENTROPY_C */
|
||||
#endif /* MBEDTLS_ENTROPY_C */
|
||||
|
||||
@@ -20,33 +20,33 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_fprintf fprintf
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_fprintf fprintf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_CTR_DRBG_C) && defined(POLARSSL_ENTROPY_C) && \
|
||||
defined(POLARSSL_FS_IO)
|
||||
#if defined(MBEDTLS_CTR_DRBG_C) && defined(MBEDTLS_ENTROPY_C) && \
|
||||
defined(MBEDTLS_FS_IO)
|
||||
#include "mbedtls/entropy.h"
|
||||
#include "mbedtls/ctr_drbg.h"
|
||||
|
||||
#include <stdio.h>
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_ENTROPY_C) || \
|
||||
!defined(POLARSSL_FS_IO)
|
||||
#if !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_ENTROPY_C) || \
|
||||
!defined(MBEDTLS_FS_IO)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_CTR_DRBG_C and/or POLARSSL_ENTROPY_C and/or POLARSSL_FS_IO not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_CTR_DRBG_C and/or MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -54,63 +54,63 @@ int main( int argc, char *argv[] )
|
||||
{
|
||||
FILE *f;
|
||||
int i, k, ret;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
entropy_context entropy;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
mbedtls_entropy_context entropy;
|
||||
unsigned char buf[1024];
|
||||
|
||||
if( argc < 2 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "usage: %s <output filename>\n", argv[0] );
|
||||
mbedtls_fprintf( stderr, "usage: %s <output filename>\n", argv[0] );
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
if( ( f = fopen( argv[1], "wb+" ) ) == NULL )
|
||||
{
|
||||
polarssl_printf( "failed to open '%s' for writing.\n", argv[1] );
|
||||
mbedtls_printf( "failed to open '%s' for writing.\n", argv[1] );
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
entropy_init( &entropy );
|
||||
ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy, (const unsigned char *) "RANDOM_GEN", 10 );
|
||||
mbedtls_entropy_init( &entropy );
|
||||
ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) "RANDOM_GEN", 10 );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( "failed in ctr_drbg_init: %d\n", ret );
|
||||
mbedtls_printf( "failed in mbedtls_ctr_drbg_init: %d\n", ret );
|
||||
goto cleanup;
|
||||
}
|
||||
ctr_drbg_set_prediction_resistance( &ctr_drbg, CTR_DRBG_PR_OFF );
|
||||
mbedtls_ctr_drbg_set_prediction_resistance( &ctr_drbg, MBEDTLS_CTR_DRBG_PR_OFF );
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
ret = ctr_drbg_update_seed_file( &ctr_drbg, "seedfile" );
|
||||
#if defined(MBEDTLS_FS_IO)
|
||||
ret = mbedtls_ctr_drbg_update_seed_file( &ctr_drbg, "seedfile" );
|
||||
|
||||
if( ret == POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR )
|
||||
if( ret == MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR )
|
||||
{
|
||||
polarssl_printf( "Failed to open seedfile. Generating one.\n" );
|
||||
ret = ctr_drbg_write_seed_file( &ctr_drbg, "seedfile" );
|
||||
mbedtls_printf( "Failed to open seedfile. Generating one.\n" );
|
||||
ret = mbedtls_ctr_drbg_write_seed_file( &ctr_drbg, "seedfile" );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( "failed in ctr_drbg_write_seed_file: %d\n", ret );
|
||||
mbedtls_printf( "failed in mbedtls_ctr_drbg_write_seed_file: %d\n", ret );
|
||||
goto cleanup;
|
||||
}
|
||||
}
|
||||
else if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( "failed in ctr_drbg_update_seed_file: %d\n", ret );
|
||||
mbedtls_printf( "failed in mbedtls_ctr_drbg_update_seed_file: %d\n", ret );
|
||||
goto cleanup;
|
||||
}
|
||||
#endif
|
||||
|
||||
for( i = 0, k = 768; i < k; i++ )
|
||||
{
|
||||
ret = ctr_drbg_random( &ctr_drbg, buf, sizeof( buf ) );
|
||||
ret = mbedtls_ctr_drbg_random( &ctr_drbg, buf, sizeof( buf ) );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf("failed!\n");
|
||||
mbedtls_printf("failed!\n");
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
fwrite( buf, 1, sizeof( buf ), f );
|
||||
|
||||
polarssl_printf( "Generating %ldkb of data in file '%s'... %04.1f" \
|
||||
mbedtls_printf( "Generating %ldkb of data in file '%s'... %04.1f" \
|
||||
"%% done\r", (long)(sizeof(buf) * k / 1024), argv[1], (100 * (float) (i + 1)) / k );
|
||||
fflush( stdout );
|
||||
}
|
||||
@@ -118,12 +118,12 @@ int main( int argc, char *argv[] )
|
||||
ret = 0;
|
||||
|
||||
cleanup:
|
||||
polarssl_printf("\n");
|
||||
mbedtls_printf("\n");
|
||||
|
||||
fclose( f );
|
||||
ctr_drbg_free( &ctr_drbg );
|
||||
entropy_free( &entropy );
|
||||
mbedtls_ctr_drbg_free( &ctr_drbg );
|
||||
mbedtls_entropy_free( &entropy );
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_CTR_DRBG_C && POLARSSL_ENTROPY_C */
|
||||
#endif /* MBEDTLS_CTR_DRBG_C && MBEDTLS_ENTROPY_C */
|
||||
|
||||
@@ -20,31 +20,31 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_fprintf fprintf
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_fprintf fprintf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_HAVEGE_C) && defined(POLARSSL_FS_IO)
|
||||
#if defined(MBEDTLS_HAVEGE_C) && defined(MBEDTLS_FS_IO)
|
||||
#include "mbedtls/havege.h"
|
||||
|
||||
#include <stdio.h>
|
||||
#include <time.h>
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_HAVEGE_C) || !defined(POLARSSL_FS_IO)
|
||||
#if !defined(MBEDTLS_HAVEGE_C) || !defined(MBEDTLS_FS_IO)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_HAVEGE_C not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_HAVEGE_C not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -53,30 +53,30 @@ int main( int argc, char *argv[] )
|
||||
FILE *f;
|
||||
time_t t;
|
||||
int i, k, ret = 0;
|
||||
havege_state hs;
|
||||
mbedtls_havege_state hs;
|
||||
unsigned char buf[1024];
|
||||
|
||||
if( argc < 2 )
|
||||
{
|
||||
polarssl_fprintf( stderr, "usage: %s <output filename>\n", argv[0] );
|
||||
mbedtls_fprintf( stderr, "usage: %s <output filename>\n", argv[0] );
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
if( ( f = fopen( argv[1], "wb+" ) ) == NULL )
|
||||
{
|
||||
polarssl_printf( "failed to open '%s' for writing.\n", argv[1] );
|
||||
mbedtls_printf( "failed to open '%s' for writing.\n", argv[1] );
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
havege_init( &hs );
|
||||
mbedtls_havege_init( &hs );
|
||||
|
||||
t = time( NULL );
|
||||
|
||||
for( i = 0, k = 768; i < k; i++ )
|
||||
{
|
||||
if( havege_random( &hs, buf, sizeof( buf ) ) != 0 )
|
||||
if( mbedtls_havege_random( &hs, buf, sizeof( buf ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( "Failed to get random from source.\n" );
|
||||
mbedtls_printf( "Failed to get random from source.\n" );
|
||||
|
||||
ret = 1;
|
||||
goto exit;
|
||||
@@ -84,7 +84,7 @@ int main( int argc, char *argv[] )
|
||||
|
||||
fwrite( buf, sizeof( buf ), 1, f );
|
||||
|
||||
polarssl_printf( "Generating %ldkb of data in file '%s'... %04.1f" \
|
||||
mbedtls_printf( "Generating %ldkb of data in file '%s'... %04.1f" \
|
||||
"%% done\r", (long)(sizeof(buf) * k / 1024), argv[1], (100 * (float) (i + 1)) / k );
|
||||
fflush( stdout );
|
||||
}
|
||||
@@ -92,11 +92,11 @@ int main( int argc, char *argv[] )
|
||||
if( t == time( NULL ) )
|
||||
t--;
|
||||
|
||||
polarssl_printf(" \n ");
|
||||
mbedtls_printf(" \n ");
|
||||
|
||||
exit:
|
||||
havege_free( &hs );
|
||||
mbedtls_havege_free( &hs );
|
||||
fclose( f );
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_HAVEGE_C */
|
||||
#endif /* MBEDTLS_HAVEGE_C */
|
||||
|
||||
@@ -20,36 +20,36 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_printf printf
|
||||
#define polarssl_fprintf fprintf
|
||||
#define mbedtls_printf printf
|
||||
#define mbedtls_fprintf fprintf
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_SSL_CLI_C) || !defined(POLARSSL_SSL_PROTO_DTLS) || \
|
||||
!defined(POLARSSL_NET_C) || \
|
||||
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C) || \
|
||||
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_RSA_C) || \
|
||||
!defined(POLARSSL_CERTS_C)
|
||||
#if !defined(MBEDTLS_SSL_CLI_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) || \
|
||||
!defined(MBEDTLS_NET_C) || \
|
||||
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
|
||||
!defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_RSA_C) || \
|
||||
!defined(MBEDTLS_CERTS_C)
|
||||
|
||||
int main( int argc, char *argv[] )
|
||||
{
|
||||
((void) argc);
|
||||
((void) argv);
|
||||
|
||||
polarssl_printf( "POLARSSL_SSL_CLI_C and/or POLARSSL_SSL_PROTO_DTLS and/or "
|
||||
"POLARSSL_NET_C and/or "
|
||||
"POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C and/or "
|
||||
"POLARSSL_X509_CRT_PARSE_C and/or POLARSSL_RSA_C and/or "
|
||||
"POLARSSL_CERTS_C and/or POLARSSL_PEM_PARSE_C not defined.\n" );
|
||||
mbedtls_printf( "MBEDTLS_SSL_CLI_C and/or MBEDTLS_SSL_PROTO_DTLS and/or "
|
||||
"MBEDTLS_NET_C and/or "
|
||||
"MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or "
|
||||
"MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or "
|
||||
"MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C not defined.\n" );
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -78,7 +78,7 @@ static void my_debug( void *ctx, int level, const char *str )
|
||||
{
|
||||
((void) level);
|
||||
|
||||
polarssl_fprintf( (FILE *) ctx, "%s", str );
|
||||
mbedtls_fprintf( (FILE *) ctx, "%s", str );
|
||||
fflush( (FILE *) ctx );
|
||||
}
|
||||
|
||||
@@ -89,243 +89,243 @@ int main( int argc, char *argv[] )
|
||||
const char *pers = "dtls_client";
|
||||
int retry_left = MAX_RETRY;
|
||||
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
ssl_context ssl;
|
||||
x509_crt cacert;
|
||||
mbedtls_entropy_context entropy;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
mbedtls_ssl_context ssl;
|
||||
mbedtls_x509_crt cacert;
|
||||
|
||||
((void) argc);
|
||||
((void) argv);
|
||||
|
||||
#if defined(POLARSSL_DEBUG_C)
|
||||
debug_set_threshold( DEBUG_LEVEL );
|
||||
#if defined(MBEDTLS_DEBUG_C)
|
||||
mbedtls_debug_set_threshold( DEBUG_LEVEL );
|
||||
#endif
|
||||
|
||||
/*
|
||||
* 0. Initialize the RNG and the session data
|
||||
*/
|
||||
memset( &ssl, 0, sizeof( ssl_context ) );
|
||||
x509_crt_init( &cacert );
|
||||
memset( &ssl, 0, sizeof( mbedtls_ssl_context ) );
|
||||
mbedtls_x509_crt_init( &cacert );
|
||||
|
||||
polarssl_printf( "\n . Seeding the random number generator..." );
|
||||
mbedtls_printf( "\n . Seeding the random number generator..." );
|
||||
fflush( stdout );
|
||||
|
||||
entropy_init( &entropy );
|
||||
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
|
||||
mbedtls_entropy_init( &entropy );
|
||||
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
|
||||
(const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned %d\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 0. Initialize certificates
|
||||
*/
|
||||
polarssl_printf( " . Loading the CA root certificate ..." );
|
||||
mbedtls_printf( " . Loading the CA root certificate ..." );
|
||||
fflush( stdout );
|
||||
|
||||
ret = x509_crt_parse( &cacert, (const unsigned char *) test_cas_pem,
|
||||
test_cas_pem_len );
|
||||
ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem,
|
||||
mbedtls_test_cas_pem_len );
|
||||
if( ret < 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! x509_crt_parse returned -0x%x\n\n", -ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok (%d skipped)\n", ret );
|
||||
mbedtls_printf( " ok (%d skipped)\n", ret );
|
||||
|
||||
/*
|
||||
* 1. Start the connection
|
||||
*/
|
||||
polarssl_printf( " . Connecting to udp/%s/%4d...", SERVER_NAME,
|
||||
mbedtls_printf( " . Connecting to udp/%s/%4d...", SERVER_NAME,
|
||||
SERVER_PORT );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = net_connect( &server_fd, SERVER_ADDR,
|
||||
SERVER_PORT, NET_PROTO_UDP ) ) != 0 )
|
||||
if( ( ret = mbedtls_net_connect( &server_fd, SERVER_ADDR,
|
||||
SERVER_PORT, MBEDTLS_NET_PROTO_UDP ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! net_connect returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 2. Setup stuff
|
||||
*/
|
||||
polarssl_printf( " . Setting up the DTLS structure..." );
|
||||
mbedtls_printf( " . Setting up the DTLS structure..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = ssl_init( &ssl ) ) != 0 )
|
||||
if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_init returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_init returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
|
||||
ssl_set_transport( &ssl, SSL_TRANSPORT_DATAGRAM );
|
||||
mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_CLIENT );
|
||||
mbedtls_ssl_set_transport( &ssl, MBEDTLS_SSL_TRANSPORT_DATAGRAM );
|
||||
|
||||
/* OPTIONAL is usually a bad choice for security, but makes interop easier
|
||||
* in this simplified example, in which the ca chain is hardcoded.
|
||||
* Production code should set a proper ca chain and use REQUIRED. */
|
||||
ssl_set_authmode( &ssl, SSL_VERIFY_OPTIONAL );
|
||||
ssl_set_ca_chain( &ssl, &cacert, NULL, SERVER_NAME );
|
||||
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_OPTIONAL );
|
||||
mbedtls_ssl_set_ca_chain( &ssl, &cacert, NULL, SERVER_NAME );
|
||||
|
||||
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
|
||||
ssl_set_dbg( &ssl, my_debug, stdout );
|
||||
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
|
||||
mbedtls_ssl_set_dbg( &ssl, my_debug, stdout );
|
||||
|
||||
ssl_set_bio_timeout( &ssl, &server_fd,
|
||||
net_send, net_recv, net_recv_timeout,
|
||||
mbedtls_ssl_set_bio_timeout( &ssl, &server_fd,
|
||||
mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout,
|
||||
READ_TIMEOUT_MS );
|
||||
|
||||
/*
|
||||
* 4. Handshake
|
||||
*/
|
||||
polarssl_printf( " . Performing the SSL/TLS handshake..." );
|
||||
mbedtls_printf( " . Performing the SSL/TLS handshake..." );
|
||||
fflush( stdout );
|
||||
|
||||
do ret = ssl_handshake( &ssl );
|
||||
while( ret == POLARSSL_ERR_NET_WANT_READ ||
|
||||
ret == POLARSSL_ERR_NET_WANT_WRITE );
|
||||
do ret = mbedtls_ssl_handshake( &ssl );
|
||||
while( ret == MBEDTLS_ERR_NET_WANT_READ ||
|
||||
ret == MBEDTLS_ERR_NET_WANT_WRITE );
|
||||
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_handshake returned -0x%x\n\n", -ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 5. Verify the server certificate
|
||||
*/
|
||||
polarssl_printf( " . Verifying peer X.509 certificate..." );
|
||||
mbedtls_printf( " . Verifying peer X.509 certificate..." );
|
||||
|
||||
/* In real life, we would have used SSL_VERIFY_REQUIRED so that the
|
||||
/* In real life, we would have used MBEDTLS_SSL_VERIFY_REQUIRED so that the
|
||||
* handshake would not succeed if the peer's cert is bad. Even if we used
|
||||
* SSL_VERIFY_OPTIONAL, we would bail out here if ret != 0 */
|
||||
if( ( ret = ssl_get_verify_result( &ssl ) ) != 0 )
|
||||
* MBEDTLS_SSL_VERIFY_OPTIONAL, we would bail out here if ret != 0 */
|
||||
if( ( ret = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n" );
|
||||
mbedtls_printf( " failed\n" );
|
||||
|
||||
if( ( ret & BADCERT_EXPIRED ) != 0 )
|
||||
polarssl_printf( " ! server certificate has expired\n" );
|
||||
if( ( ret & MBEDTLS_BADCERT_EXPIRED ) != 0 )
|
||||
mbedtls_printf( " ! server certificate has expired\n" );
|
||||
|
||||
if( ( ret & BADCERT_REVOKED ) != 0 )
|
||||
polarssl_printf( " ! server certificate has been revoked\n" );
|
||||
if( ( ret & MBEDTLS_X509_BADCERT_REVOKED ) != 0 )
|
||||
mbedtls_printf( " ! server certificate has been revoked\n" );
|
||||
|
||||
if( ( ret & BADCERT_CN_MISMATCH ) != 0 )
|
||||
polarssl_printf( " ! CN mismatch (expected CN=%s)\n", SERVER_NAME );
|
||||
if( ( ret & MBEDTLS_X509_BADCERT_CN_MISMATCH ) != 0 )
|
||||
mbedtls_printf( " ! CN mismatch (expected CN=%s)\n", SERVER_NAME );
|
||||
|
||||
if( ( ret & BADCERT_NOT_TRUSTED ) != 0 )
|
||||
polarssl_printf( " ! self-signed or not signed by a trusted CA\n" );
|
||||
if( ( ret & MBEDTLS_X509_BADCERT_NOT_TRUSTED ) != 0 )
|
||||
mbedtls_printf( " ! self-signed or not signed by a trusted CA\n" );
|
||||
|
||||
polarssl_printf( "\n" );
|
||||
mbedtls_printf( "\n" );
|
||||
}
|
||||
else
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 6. Write the echo request
|
||||
*/
|
||||
send_request:
|
||||
polarssl_printf( " > Write to server:" );
|
||||
mbedtls_printf( " > Write to server:" );
|
||||
fflush( stdout );
|
||||
|
||||
len = sizeof( MESSAGE ) - 1;
|
||||
|
||||
do ret = ssl_write( &ssl, (unsigned char *) MESSAGE, len );
|
||||
while( ret == POLARSSL_ERR_NET_WANT_READ ||
|
||||
ret == POLARSSL_ERR_NET_WANT_WRITE );
|
||||
do ret = mbedtls_ssl_write( &ssl, (unsigned char *) MESSAGE, len );
|
||||
while( ret == MBEDTLS_ERR_NET_WANT_READ ||
|
||||
ret == MBEDTLS_ERR_NET_WANT_WRITE );
|
||||
|
||||
if( ret < 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_write returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
len = ret;
|
||||
polarssl_printf( " %d bytes written\n\n%s\n\n", len, MESSAGE );
|
||||
mbedtls_printf( " %d bytes written\n\n%s\n\n", len, MESSAGE );
|
||||
|
||||
/*
|
||||
* 7. Read the echo response
|
||||
*/
|
||||
polarssl_printf( " < Read from server:" );
|
||||
mbedtls_printf( " < Read from server:" );
|
||||
fflush( stdout );
|
||||
|
||||
len = sizeof( buf ) - 1;
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
|
||||
do ret = ssl_read( &ssl, buf, len );
|
||||
while( ret == POLARSSL_ERR_NET_WANT_READ ||
|
||||
ret == POLARSSL_ERR_NET_WANT_WRITE );
|
||||
do ret = mbedtls_ssl_read( &ssl, buf, len );
|
||||
while( ret == MBEDTLS_ERR_NET_WANT_READ ||
|
||||
ret == MBEDTLS_ERR_NET_WANT_WRITE );
|
||||
|
||||
if( ret <= 0 )
|
||||
{
|
||||
switch( ret )
|
||||
{
|
||||
case POLARSSL_ERR_NET_TIMEOUT:
|
||||
polarssl_printf( " timeout\n\n" );
|
||||
case MBEDTLS_ERR_NET_TIMEOUT:
|
||||
mbedtls_printf( " timeout\n\n" );
|
||||
if( retry_left-- > 0 )
|
||||
goto send_request;
|
||||
goto exit;
|
||||
|
||||
case POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY:
|
||||
polarssl_printf( " connection was closed gracefully\n" );
|
||||
case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
|
||||
mbedtls_printf( " connection was closed gracefully\n" );
|
||||
ret = 0;
|
||||
goto close_notify;
|
||||
|
||||
default:
|
||||
polarssl_printf( " ssl_read returned -0x%x\n\n", -ret );
|
||||
mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
|
||||
len = ret;
|
||||
polarssl_printf( " %d bytes read\n\n%s\n\n", len, buf );
|
||||
mbedtls_printf( " %d bytes read\n\n%s\n\n", len, buf );
|
||||
|
||||
/*
|
||||
* 8. Done, cleanly close the connection
|
||||
*/
|
||||
close_notify:
|
||||
polarssl_printf( " . Closing the connection..." );
|
||||
mbedtls_printf( " . Closing the connection..." );
|
||||
|
||||
/* No error checking, the connection might be closed already */
|
||||
do ret = ssl_close_notify( &ssl );
|
||||
while( ret == POLARSSL_ERR_NET_WANT_WRITE );
|
||||
do ret = mbedtls_ssl_close_notify( &ssl );
|
||||
while( ret == MBEDTLS_ERR_NET_WANT_WRITE );
|
||||
ret = 0;
|
||||
|
||||
polarssl_printf( " done\n" );
|
||||
mbedtls_printf( " done\n" );
|
||||
|
||||
/*
|
||||
* 9. Final clean-ups and exit
|
||||
*/
|
||||
exit:
|
||||
|
||||
#ifdef POLARSSL_ERROR_C
|
||||
#ifdef MBEDTLS_ERROR_C
|
||||
if( ret != 0 )
|
||||
{
|
||||
char error_buf[100];
|
||||
polarssl_strerror( ret, error_buf, 100 );
|
||||
polarssl_printf( "Last error was: %d - %s\n\n", ret, error_buf );
|
||||
mbedtls_strerror( ret, error_buf, 100 );
|
||||
mbedtls_printf( "Last error was: %d - %s\n\n", ret, error_buf );
|
||||
}
|
||||
#endif
|
||||
|
||||
if( server_fd != -1 )
|
||||
net_close( server_fd );
|
||||
mbedtls_net_close( server_fd );
|
||||
|
||||
x509_crt_free( &cacert );
|
||||
ssl_free( &ssl );
|
||||
ctr_drbg_free( &ctr_drbg );
|
||||
entropy_free( &entropy );
|
||||
mbedtls_x509_crt_free( &cacert );
|
||||
mbedtls_ssl_free( &ssl );
|
||||
mbedtls_ctr_drbg_free( &ctr_drbg );
|
||||
mbedtls_entropy_free( &entropy );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
@@ -335,7 +335,7 @@ exit:
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_SSL_CLI_C && POLARSSL_SSL_PROTO_DTLS && POLARSSL_NET_C &&
|
||||
POLARSSL_ENTROPY_C && POLARSSL_CTR_DRBG_C &&
|
||||
POLARSSL_X509_CRT_PARSE_C && POLARSSL_RSA_C && POLARSSL_CERTS_C &&
|
||||
POLARSSL_PEM_PARSE_C */
|
||||
#endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_SSL_PROTO_DTLS && MBEDTLS_NET_C &&
|
||||
MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C &&
|
||||
MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_RSA_C && MBEDTLS_CERTS_C &&
|
||||
MBEDTLS_PEM_PARSE_C */
|
||||
|
||||
@@ -20,33 +20,33 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#define polarssl_printf printf
|
||||
#define polarssl_fprintf fprintf
|
||||
#define mbedtls_printf printf
|
||||
#define mbedtls_fprintf fprintf
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_SSL_PROTO_DTLS) || \
|
||||
!defined(POLARSSL_SSL_COOKIE_C) || !defined(POLARSSL_NET_C) || \
|
||||
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C) || \
|
||||
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_RSA_C) || \
|
||||
!defined(POLARSSL_CERTS_C) || !defined(POLARSSL_PEM_PARSE_C)
|
||||
#if !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) || \
|
||||
!defined(MBEDTLS_SSL_COOKIE_C) || !defined(MBEDTLS_NET_C) || \
|
||||
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
|
||||
!defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_RSA_C) || \
|
||||
!defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C)
|
||||
|
||||
#include <stdio.h>
|
||||
int main( void )
|
||||
{
|
||||
printf( "POLARSSL_SSL_SRV_C and/or POLARSSL_SSL_PROTO_DTLS and/or "
|
||||
"POLARSSL_SSL_COOKIE_C and/or POLARSSL_NET_C and/or "
|
||||
"POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C and/or "
|
||||
"POLARSSL_X509_CRT_PARSE_C and/or POLARSSL_RSA_C and/or "
|
||||
"POLARSSL_CERTS_C and/or POLARSSL_PEM_PARSE_C not defined.\n" );
|
||||
printf( "MBEDTLS_SSL_SRV_C and/or MBEDTLS_SSL_PROTO_DTLS and/or "
|
||||
"MBEDTLS_SSL_COOKIE_C and/or MBEDTLS_NET_C and/or "
|
||||
"MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or "
|
||||
"MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or "
|
||||
"MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C not defined.\n" );
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -69,7 +69,7 @@ int main( void )
|
||||
#include "mbedtls/error.h"
|
||||
#include "mbedtls/debug.h"
|
||||
|
||||
#if defined(POLARSSL_SSL_CACHE_C)
|
||||
#if defined(MBEDTLS_SSL_CACHE_C)
|
||||
#include "mbedtls/ssl_cache.h"
|
||||
#endif
|
||||
|
||||
@@ -80,7 +80,7 @@ static void my_debug( void *ctx, int level, const char *str )
|
||||
{
|
||||
((void) level);
|
||||
|
||||
polarssl_fprintf( (FILE *) ctx, "%s", str );
|
||||
mbedtls_fprintf( (FILE *) ctx, "%s", str );
|
||||
fflush( (FILE *) ctx );
|
||||
}
|
||||
|
||||
@@ -92,28 +92,28 @@ int main( void )
|
||||
unsigned char buf[1024];
|
||||
const char *pers = "dtls_server";
|
||||
unsigned char client_ip[16] = { 0 };
|
||||
ssl_cookie_ctx cookie_ctx;
|
||||
mbedtls_ssl_cookie_ctx cookie_ctx;
|
||||
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
ssl_context ssl;
|
||||
x509_crt srvcert;
|
||||
pk_context pkey;
|
||||
#if defined(POLARSSL_SSL_CACHE_C)
|
||||
ssl_cache_context cache;
|
||||
mbedtls_entropy_context entropy;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
mbedtls_ssl_context ssl;
|
||||
mbedtls_x509_crt srvcert;
|
||||
mbedtls_pk_context pkey;
|
||||
#if defined(MBEDTLS_SSL_CACHE_C)
|
||||
mbedtls_ssl_cache_context cache;
|
||||
#endif
|
||||
|
||||
memset( &ssl, 0, sizeof(ssl_context) );
|
||||
ssl_cookie_init( &cookie_ctx );
|
||||
#if defined(POLARSSL_SSL_CACHE_C)
|
||||
ssl_cache_init( &cache );
|
||||
memset( &ssl, 0, sizeof(mbedtls_ssl_context) );
|
||||
mbedtls_ssl_cookie_init( &cookie_ctx );
|
||||
#if defined(MBEDTLS_SSL_CACHE_C)
|
||||
mbedtls_ssl_cache_init( &cache );
|
||||
#endif
|
||||
x509_crt_init( &srvcert );
|
||||
pk_init( &pkey );
|
||||
entropy_init( &entropy );
|
||||
mbedtls_x509_crt_init( &srvcert );
|
||||
mbedtls_pk_init( &pkey );
|
||||
mbedtls_entropy_init( &entropy );
|
||||
|
||||
#if defined(POLARSSL_DEBUG_C)
|
||||
debug_set_threshold( DEBUG_LEVEL );
|
||||
#if defined(MBEDTLS_DEBUG_C)
|
||||
mbedtls_debug_set_threshold( DEBUG_LEVEL );
|
||||
#endif
|
||||
|
||||
/*
|
||||
@@ -124,30 +124,30 @@ int main( void )
|
||||
|
||||
/*
|
||||
* This demonstration program uses embedded test certificates.
|
||||
* Instead, you may want to use x509_crt_parse_file() to read the
|
||||
* server and CA certificates, as well as pk_parse_keyfile().
|
||||
* Instead, you may want to use mbedtls_x509_crt_parse_file() to read the
|
||||
* server and CA certificates, as well as mbedtls_pk_parse_keyfile().
|
||||
*/
|
||||
ret = x509_crt_parse( &srvcert, (const unsigned char *) test_srv_crt,
|
||||
test_srv_crt_len );
|
||||
ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt,
|
||||
mbedtls_test_srv_crt_len );
|
||||
if( ret != 0 )
|
||||
{
|
||||
printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
|
||||
printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ret = x509_crt_parse( &srvcert, (const unsigned char *) test_cas_pem,
|
||||
test_cas_pem_len );
|
||||
ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem,
|
||||
mbedtls_test_cas_pem_len );
|
||||
if( ret != 0 )
|
||||
{
|
||||
printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
|
||||
printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ret = pk_parse_key( &pkey, (const unsigned char *) test_srv_key,
|
||||
test_srv_key_len, NULL, 0 );
|
||||
ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
|
||||
mbedtls_test_srv_key_len, NULL, 0 );
|
||||
if( ret != 0 )
|
||||
{
|
||||
printf( " failed\n ! pk_parse_key returned %d\n\n", ret );
|
||||
printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -159,9 +159,9 @@ int main( void )
|
||||
printf( " . Bind on udp/*/4433 ..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = net_bind( &listen_fd, NULL, 4433, NET_PROTO_UDP ) ) != 0 )
|
||||
if( ( ret = mbedtls_net_bind( &listen_fd, NULL, 4433, MBEDTLS_NET_PROTO_UDP ) ) != 0 )
|
||||
{
|
||||
printf( " failed\n ! net_bind returned %d\n\n", ret );
|
||||
printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -173,11 +173,11 @@ int main( void )
|
||||
printf( " . Seeding the random number generator..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
|
||||
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
|
||||
(const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
printf( " failed\n ! ctr_drbg_init returned %d\n", ret );
|
||||
printf( " failed\n ! mbedtls_ctr_drbg_init returned %d\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -189,57 +189,57 @@ int main( void )
|
||||
printf( " . Setting up the DTLS data..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = ssl_init( &ssl ) ) != 0 )
|
||||
if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
|
||||
{
|
||||
printf( " failed\n ! ssl_init returned %d\n\n", ret );
|
||||
printf( " failed\n ! mbedtls_ssl_init returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ssl_set_endpoint( &ssl, SSL_IS_SERVER );
|
||||
ssl_set_transport( &ssl, SSL_TRANSPORT_DATAGRAM );
|
||||
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
|
||||
mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_SERVER );
|
||||
mbedtls_ssl_set_transport( &ssl, MBEDTLS_SSL_TRANSPORT_DATAGRAM );
|
||||
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_NONE );
|
||||
|
||||
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
|
||||
ssl_set_dbg( &ssl, my_debug, stdout );
|
||||
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
|
||||
mbedtls_ssl_set_dbg( &ssl, my_debug, stdout );
|
||||
|
||||
#if defined(POLARSSL_SSL_CACHE_C)
|
||||
ssl_set_session_cache( &ssl, ssl_cache_get, &cache,
|
||||
ssl_cache_set, &cache );
|
||||
#if defined(MBEDTLS_SSL_CACHE_C)
|
||||
mbedtls_ssl_set_session_cache( &ssl, mbedtls_ssl_cache_get, &cache,
|
||||
mbedtls_ssl_cache_set, &cache );
|
||||
#endif
|
||||
|
||||
ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL );
|
||||
if( ( ret = ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 )
|
||||
mbedtls_ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL );
|
||||
if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 )
|
||||
{
|
||||
printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
|
||||
printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = ssl_cookie_setup( &cookie_ctx,
|
||||
ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
if( ( ret = mbedtls_ssl_cookie_setup( &cookie_ctx,
|
||||
mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
{
|
||||
printf( " failed\n ! ssl_cookie_setup returned %d\n\n", ret );
|
||||
printf( " failed\n ! mbedtls_ssl_cookie_setup returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ssl_set_dtls_cookies( &ssl, ssl_cookie_write, ssl_cookie_check,
|
||||
mbedtls_ssl_set_dtls_cookies( &ssl, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
|
||||
&cookie_ctx );
|
||||
|
||||
printf( " ok\n" );
|
||||
|
||||
reset:
|
||||
#ifdef POLARSSL_ERROR_C
|
||||
#ifdef MBEDTLS_ERROR_C
|
||||
if( ret != 0 )
|
||||
{
|
||||
char error_buf[100];
|
||||
polarssl_strerror( ret, error_buf, 100 );
|
||||
mbedtls_strerror( ret, error_buf, 100 );
|
||||
printf("Last error was: %d - %s\n\n", ret, error_buf );
|
||||
}
|
||||
#endif
|
||||
|
||||
if( client_fd != -1 )
|
||||
net_close( client_fd );
|
||||
mbedtls_net_close( client_fd );
|
||||
|
||||
ssl_session_reset( &ssl );
|
||||
mbedtls_ssl_session_reset( &ssl );
|
||||
|
||||
/*
|
||||
* 3. Wait until a client connects
|
||||
@@ -249,21 +249,21 @@ reset:
|
||||
printf( " . Waiting for a remote connection ..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = net_accept( listen_fd, &client_fd, client_ip ) ) != 0 )
|
||||
if( ( ret = mbedtls_net_accept( listen_fd, &client_fd, client_ip ) ) != 0 )
|
||||
{
|
||||
printf( " failed\n ! net_accept returned %d\n\n", ret );
|
||||
printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/* With UDP, bind_fd is hijacked by client_fd, so bind a new one */
|
||||
if( ( ret = net_bind( &listen_fd, NULL, 4433, NET_PROTO_UDP ) ) != 0 )
|
||||
if( ( ret = mbedtls_net_bind( &listen_fd, NULL, 4433, MBEDTLS_NET_PROTO_UDP ) ) != 0 )
|
||||
{
|
||||
printf( " failed\n ! net_bind returned -0x%x\n\n", -ret );
|
||||
printf( " failed\n ! mbedtls_net_bind returned -0x%x\n\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/* For HelloVerifyRequest cookies */
|
||||
if( ( ret = ssl_set_client_transport_id( &ssl, client_ip,
|
||||
if( ( ret = mbedtls_ssl_set_client_transport_id( &ssl, client_ip,
|
||||
sizeof( client_ip ) ) ) != 0 )
|
||||
{
|
||||
printf( " failed\n ! "
|
||||
@@ -271,8 +271,8 @@ reset:
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ssl_set_bio_timeout( &ssl, &client_fd,
|
||||
net_send, net_recv, net_recv_timeout,
|
||||
mbedtls_ssl_set_bio_timeout( &ssl, &client_fd,
|
||||
mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout,
|
||||
READ_TIMEOUT_MS );
|
||||
|
||||
printf( " ok\n" );
|
||||
@@ -283,11 +283,11 @@ reset:
|
||||
printf( " . Performing the DTLS handshake..." );
|
||||
fflush( stdout );
|
||||
|
||||
do ret = ssl_handshake( &ssl );
|
||||
while( ret == POLARSSL_ERR_NET_WANT_READ ||
|
||||
ret == POLARSSL_ERR_NET_WANT_WRITE );
|
||||
do ret = mbedtls_ssl_handshake( &ssl );
|
||||
while( ret == MBEDTLS_ERR_NET_WANT_READ ||
|
||||
ret == MBEDTLS_ERR_NET_WANT_WRITE );
|
||||
|
||||
if( ret == POLARSSL_ERR_SSL_HELLO_VERIFY_REQUIRED )
|
||||
if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED )
|
||||
{
|
||||
printf( " hello verification requested\n" );
|
||||
ret = 0;
|
||||
@@ -295,7 +295,7 @@ reset:
|
||||
}
|
||||
else if( ret != 0 )
|
||||
{
|
||||
printf( " failed\n ! ssl_handshake returned -0x%x\n\n", -ret );
|
||||
printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", -ret );
|
||||
goto reset;
|
||||
}
|
||||
|
||||
@@ -310,25 +310,25 @@ reset:
|
||||
len = sizeof( buf ) - 1;
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
|
||||
do ret = ssl_read( &ssl, buf, len );
|
||||
while( ret == POLARSSL_ERR_NET_WANT_READ ||
|
||||
ret == POLARSSL_ERR_NET_WANT_WRITE );
|
||||
do ret = mbedtls_ssl_read( &ssl, buf, len );
|
||||
while( ret == MBEDTLS_ERR_NET_WANT_READ ||
|
||||
ret == MBEDTLS_ERR_NET_WANT_WRITE );
|
||||
|
||||
if( ret <= 0 )
|
||||
{
|
||||
switch( ret )
|
||||
{
|
||||
case POLARSSL_ERR_NET_TIMEOUT:
|
||||
case MBEDTLS_ERR_NET_TIMEOUT:
|
||||
printf( " timeout\n\n" );
|
||||
goto reset;
|
||||
|
||||
case POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY:
|
||||
case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
|
||||
printf( " connection was closed gracefully\n" );
|
||||
ret = 0;
|
||||
goto close_notify;
|
||||
|
||||
default:
|
||||
printf( " ssl_read returned -0x%x\n\n", -ret );
|
||||
printf( " mbedtls_ssl_read returned -0x%x\n\n", -ret );
|
||||
goto reset;
|
||||
}
|
||||
}
|
||||
@@ -342,13 +342,13 @@ reset:
|
||||
printf( " > Write to client:" );
|
||||
fflush( stdout );
|
||||
|
||||
do ret = ssl_write( &ssl, buf, len );
|
||||
while( ret == POLARSSL_ERR_NET_WANT_READ ||
|
||||
ret == POLARSSL_ERR_NET_WANT_WRITE );
|
||||
do ret = mbedtls_ssl_write( &ssl, buf, len );
|
||||
while( ret == MBEDTLS_ERR_NET_WANT_READ ||
|
||||
ret == MBEDTLS_ERR_NET_WANT_WRITE );
|
||||
|
||||
if( ret < 0 )
|
||||
{
|
||||
printf( " failed\n ! ssl_write returned %d\n\n", ret );
|
||||
printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -362,8 +362,8 @@ close_notify:
|
||||
printf( " . Closing the connection..." );
|
||||
|
||||
/* No error checking, the connection might be closed already */
|
||||
do ret = ssl_close_notify( &ssl );
|
||||
while( ret == POLARSSL_ERR_NET_WANT_WRITE );
|
||||
do ret = mbedtls_ssl_close_notify( &ssl );
|
||||
while( ret == MBEDTLS_ERR_NET_WANT_WRITE );
|
||||
ret = 0;
|
||||
|
||||
printf( " done\n" );
|
||||
@@ -375,27 +375,27 @@ close_notify:
|
||||
*/
|
||||
exit:
|
||||
|
||||
#ifdef POLARSSL_ERROR_C
|
||||
#ifdef MBEDTLS_ERROR_C
|
||||
if( ret != 0 )
|
||||
{
|
||||
char error_buf[100];
|
||||
polarssl_strerror( ret, error_buf, 100 );
|
||||
mbedtls_strerror( ret, error_buf, 100 );
|
||||
printf( "Last error was: %d - %s\n\n", ret, error_buf );
|
||||
}
|
||||
#endif
|
||||
|
||||
if( client_fd != -1 )
|
||||
net_close( client_fd );
|
||||
mbedtls_net_close( client_fd );
|
||||
|
||||
x509_crt_free( &srvcert );
|
||||
pk_free( &pkey );
|
||||
ssl_free( &ssl );
|
||||
ssl_cookie_free( &cookie_ctx );
|
||||
#if defined(POLARSSL_SSL_CACHE_C)
|
||||
ssl_cache_free( &cache );
|
||||
mbedtls_x509_crt_free( &srvcert );
|
||||
mbedtls_pk_free( &pkey );
|
||||
mbedtls_ssl_free( &ssl );
|
||||
mbedtls_ssl_cookie_free( &cookie_ctx );
|
||||
#if defined(MBEDTLS_SSL_CACHE_C)
|
||||
mbedtls_ssl_cache_free( &cache );
|
||||
#endif
|
||||
ctr_drbg_free( &ctr_drbg );
|
||||
entropy_free( &entropy );
|
||||
mbedtls_ctr_drbg_free( &ctr_drbg );
|
||||
mbedtls_entropy_free( &entropy );
|
||||
|
||||
#if defined(_WIN32)
|
||||
printf( " Press Enter to exit this program.\n" );
|
||||
@@ -408,7 +408,7 @@ exit:
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_SSL_SRV_C && POLARSSL_SSL_PROTO_DTLS &&
|
||||
POLARSSL_SSL_COOKIE_C && POLARSSL_NET_C && POLARSSL_ENTROPY_C &&
|
||||
POLARSSL_CTR_DRBG_C && POLARSSL_X509_CRT_PARSE_C && POLARSSL_RSA_C
|
||||
&& POLARSSL_CERTS_C && POLARSSL_PEM_PARSE_C */
|
||||
#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_PROTO_DTLS &&
|
||||
MBEDTLS_SSL_COOKIE_C && MBEDTLS_NET_C && MBEDTLS_ENTROPY_C &&
|
||||
MBEDTLS_CTR_DRBG_C && MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_RSA_C
|
||||
&& MBEDTLS_CERTS_C && MBEDTLS_PEM_PARSE_C */
|
||||
|
||||
@@ -21,10 +21,10 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
/*
|
||||
@@ -37,19 +37,19 @@
|
||||
#define UNIX
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_ENTROPY_C) || \
|
||||
!defined(POLARSSL_NET_C) || !defined(POLARSSL_SSL_CLI_C) || \
|
||||
#if !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_ENTROPY_C) || \
|
||||
!defined(MBEDTLS_NET_C) || !defined(MBEDTLS_SSL_CLI_C) || \
|
||||
!defined(UNIX)
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf( "POLARSSL_CTR_DRBG_C and/or POLARSSL_ENTROPY_C and/or "
|
||||
"POLARSSL_NET_C and/or POLARSSL_SSL_CLI_C and/or UNIX "
|
||||
mbedtls_printf( "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_ENTROPY_C and/or "
|
||||
"MBEDTLS_NET_C and/or MBEDTLS_SSL_CLI_C and/or UNIX "
|
||||
"not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
@@ -79,7 +79,7 @@ int main( void )
|
||||
|
||||
const char *pers = "mini_client";
|
||||
|
||||
#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
|
||||
const unsigned char psk[] = {
|
||||
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
|
||||
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
|
||||
@@ -87,7 +87,7 @@ const unsigned char psk[] = {
|
||||
const char psk_id[] = "Client_identity";
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
/* This is tests/data_files/test-ca2.crt, a CA using EC secp384r1 */
|
||||
const unsigned char ca_cert[] = {
|
||||
0x30, 0x82, 0x02, 0x52, 0x30, 0x82, 0x01, 0xd7, 0xa0, 0x03, 0x02, 0x01,
|
||||
@@ -141,7 +141,7 @@ const unsigned char ca_cert[] = {
|
||||
0xb8, 0x28, 0xe7, 0xf2, 0x9c, 0x14, 0x3a, 0x40, 0x01, 0x5c, 0xaf, 0x0c,
|
||||
0xb2, 0xcf, 0x74, 0x7f, 0x30, 0x9f, 0x08, 0x43, 0xad, 0x20,
|
||||
};
|
||||
#endif /* POLARSSL_X509_CRT_PARSE_C */
|
||||
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
||||
|
||||
enum exit_codes
|
||||
{
|
||||
@@ -160,54 +160,54 @@ int main( void )
|
||||
int ret = exit_ok;
|
||||
int server_fd = -1;
|
||||
struct sockaddr_in addr;
|
||||
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
||||
x509_crt ca;
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
mbedtls_x509_crt ca;
|
||||
#endif
|
||||
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
ssl_context ssl;
|
||||
mbedtls_entropy_context entropy;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
mbedtls_ssl_context ssl;
|
||||
|
||||
/*
|
||||
* 0. Initialize and setup stuff
|
||||
*/
|
||||
memset( &ssl, 0, sizeof( ssl_context ) );
|
||||
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
||||
x509_crt_init( &ca );
|
||||
memset( &ssl, 0, sizeof( mbedtls_ssl_context ) );
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
mbedtls_x509_crt_init( &ca );
|
||||
#endif
|
||||
|
||||
entropy_init( &entropy );
|
||||
if( ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
|
||||
mbedtls_entropy_init( &entropy );
|
||||
if( mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
|
||||
(const unsigned char *) pers, strlen( pers ) ) != 0 )
|
||||
{
|
||||
ret = ssl_init_failed;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ssl_init( &ssl ) != 0 )
|
||||
if( mbedtls_ssl_init( &ssl ) != 0 )
|
||||
{
|
||||
ret = ssl_init_failed;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
|
||||
mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_CLIENT );
|
||||
|
||||
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
|
||||
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
|
||||
|
||||
#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
|
||||
ssl_set_psk( &ssl, psk, sizeof( psk ),
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
|
||||
mbedtls_ssl_set_psk( &ssl, psk, sizeof( psk ),
|
||||
(const unsigned char *) psk_id, sizeof( psk_id ) - 1 );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
||||
if( x509_crt_parse_der( &ca, ca_cert, sizeof( ca_cert ) ) != 0 )
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
if( mbedtls_x509_crt_parse_der( &ca, ca_cert, sizeof( ca_cert ) ) != 0 )
|
||||
{
|
||||
ret = x509_crt_parse_failed;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ssl_set_ca_chain( &ssl, &ca, NULL, HOSTNAME );
|
||||
ssl_set_authmode( &ssl, SSL_VERIFY_REQUIRED );
|
||||
mbedtls_ssl_set_ca_chain( &ssl, &ca, NULL, HOSTNAME );
|
||||
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_REQUIRED );
|
||||
#endif
|
||||
|
||||
/*
|
||||
@@ -234,9 +234,9 @@ int main( void )
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ssl_set_bio_timeout( &ssl, &server_fd, net_send, net_recv, NULL, 0 );
|
||||
mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL, 0 );
|
||||
|
||||
if( ssl_handshake( &ssl ) != 0 )
|
||||
if( mbedtls_ssl_handshake( &ssl ) != 0 )
|
||||
{
|
||||
ret = ssl_handshake_failed;
|
||||
goto exit;
|
||||
@@ -245,24 +245,24 @@ int main( void )
|
||||
/*
|
||||
* 2. Write the GET request and close the connection
|
||||
*/
|
||||
if( ssl_write( &ssl, (const unsigned char *) GET_REQUEST,
|
||||
if( mbedtls_ssl_write( &ssl, (const unsigned char *) GET_REQUEST,
|
||||
sizeof( GET_REQUEST ) - 1 ) <= 0 )
|
||||
{
|
||||
ret = ssl_write_failed;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ssl_close_notify( &ssl );
|
||||
mbedtls_ssl_close_notify( &ssl );
|
||||
|
||||
exit:
|
||||
if( server_fd != -1 )
|
||||
net_close( server_fd );
|
||||
mbedtls_net_close( server_fd );
|
||||
|
||||
ssl_free( &ssl );
|
||||
ctr_drbg_free( &ctr_drbg );
|
||||
entropy_free( &entropy );
|
||||
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
||||
x509_crt_free( &ca );
|
||||
mbedtls_ssl_free( &ssl );
|
||||
mbedtls_ctr_drbg_free( &ctr_drbg );
|
||||
mbedtls_entropy_free( &entropy );
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
mbedtls_x509_crt_free( &ca );
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
|
||||
@@ -20,31 +20,31 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_fprintf fprintf
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_fprintf fprintf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
|
||||
!defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \
|
||||
!defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \
|
||||
!defined(POLARSSL_CERTS_C) || !defined(POLARSSL_PEM_PARSE_C) || \
|
||||
!defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_X509_CRT_PARSE_C)
|
||||
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
|
||||
!defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
|
||||
!defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \
|
||||
!defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) || \
|
||||
!defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
|
||||
"POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
|
||||
"POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
|
||||
"POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_CRT_PARSE_C "
|
||||
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
|
||||
"MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
|
||||
"MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
|
||||
"MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
|
||||
"not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
@@ -70,7 +70,7 @@ static void my_debug( void *ctx, int level, const char *str )
|
||||
{
|
||||
((void) level);
|
||||
|
||||
polarssl_fprintf( (FILE *) ctx, "%s", str );
|
||||
mbedtls_fprintf( (FILE *) ctx, "%s", str );
|
||||
fflush( (FILE *) ctx );
|
||||
}
|
||||
|
||||
@@ -80,221 +80,221 @@ int main( void )
|
||||
unsigned char buf[1024];
|
||||
const char *pers = "ssl_client1";
|
||||
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
ssl_context ssl;
|
||||
x509_crt cacert;
|
||||
mbedtls_entropy_context entropy;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
mbedtls_ssl_context ssl;
|
||||
mbedtls_x509_crt cacert;
|
||||
|
||||
#if defined(POLARSSL_DEBUG_C)
|
||||
debug_set_threshold( DEBUG_LEVEL );
|
||||
#if defined(MBEDTLS_DEBUG_C)
|
||||
mbedtls_debug_set_threshold( DEBUG_LEVEL );
|
||||
#endif
|
||||
|
||||
/*
|
||||
* 0. Initialize the RNG and the session data
|
||||
*/
|
||||
memset( &ssl, 0, sizeof( ssl_context ) );
|
||||
x509_crt_init( &cacert );
|
||||
memset( &ssl, 0, sizeof( mbedtls_ssl_context ) );
|
||||
mbedtls_x509_crt_init( &cacert );
|
||||
|
||||
polarssl_printf( "\n . Seeding the random number generator..." );
|
||||
mbedtls_printf( "\n . Seeding the random number generator..." );
|
||||
fflush( stdout );
|
||||
|
||||
entropy_init( &entropy );
|
||||
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
|
||||
mbedtls_entropy_init( &entropy );
|
||||
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
|
||||
(const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned %d\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 0. Initialize certificates
|
||||
*/
|
||||
polarssl_printf( " . Loading the CA root certificate ..." );
|
||||
mbedtls_printf( " . Loading the CA root certificate ..." );
|
||||
fflush( stdout );
|
||||
|
||||
ret = x509_crt_parse( &cacert, (const unsigned char *) test_cas_pem,
|
||||
test_cas_pem_len );
|
||||
ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem,
|
||||
mbedtls_test_cas_pem_len );
|
||||
if( ret < 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! x509_crt_parse returned -0x%x\n\n", -ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok (%d skipped)\n", ret );
|
||||
mbedtls_printf( " ok (%d skipped)\n", ret );
|
||||
|
||||
/*
|
||||
* 1. Start the connection
|
||||
*/
|
||||
polarssl_printf( " . Connecting to tcp/%s/%4d...", SERVER_NAME,
|
||||
mbedtls_printf( " . Connecting to tcp/%s/%4d...", SERVER_NAME,
|
||||
SERVER_PORT );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = net_connect( &server_fd, SERVER_NAME,
|
||||
SERVER_PORT, NET_PROTO_TCP ) ) != 0 )
|
||||
if( ( ret = mbedtls_net_connect( &server_fd, SERVER_NAME,
|
||||
SERVER_PORT, MBEDTLS_NET_PROTO_TCP ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! net_connect returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 2. Setup stuff
|
||||
*/
|
||||
polarssl_printf( " . Setting up the SSL/TLS structure..." );
|
||||
mbedtls_printf( " . Setting up the SSL/TLS structure..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = ssl_init( &ssl ) ) != 0 )
|
||||
if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_init returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_init returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
|
||||
mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_CLIENT );
|
||||
/* OPTIONAL is not optimal for security,
|
||||
* but makes interop easier in this simplified example */
|
||||
ssl_set_authmode( &ssl, SSL_VERIFY_OPTIONAL );
|
||||
ssl_set_ca_chain( &ssl, &cacert, NULL, "mbed TLS Server 1" );
|
||||
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_OPTIONAL );
|
||||
mbedtls_ssl_set_ca_chain( &ssl, &cacert, NULL, "mbed TLS Server 1" );
|
||||
|
||||
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
|
||||
ssl_set_dbg( &ssl, my_debug, stdout );
|
||||
ssl_set_bio_timeout( &ssl, &server_fd, net_send, net_recv, NULL, 0 );
|
||||
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
|
||||
mbedtls_ssl_set_dbg( &ssl, my_debug, stdout );
|
||||
mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL, 0 );
|
||||
|
||||
/*
|
||||
* 4. Handshake
|
||||
*/
|
||||
polarssl_printf( " . Performing the SSL/TLS handshake..." );
|
||||
mbedtls_printf( " . Performing the SSL/TLS handshake..." );
|
||||
fflush( stdout );
|
||||
|
||||
while( ( ret = ssl_handshake( &ssl ) ) != 0 )
|
||||
while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
|
||||
{
|
||||
if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
|
||||
if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_handshake returned -0x%x\n\n", -ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 5. Verify the server certificate
|
||||
*/
|
||||
polarssl_printf( " . Verifying peer X.509 certificate..." );
|
||||
mbedtls_printf( " . Verifying peer X.509 certificate..." );
|
||||
|
||||
/* In real life, we may want to bail out when ret != 0 */
|
||||
if( ( ret = ssl_get_verify_result( &ssl ) ) != 0 )
|
||||
if( ( ret = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n" );
|
||||
mbedtls_printf( " failed\n" );
|
||||
|
||||
if( ( ret & BADCERT_EXPIRED ) != 0 )
|
||||
polarssl_printf( " ! server certificate has expired\n" );
|
||||
if( ( ret & MBEDTLS_BADCERT_EXPIRED ) != 0 )
|
||||
mbedtls_printf( " ! server certificate has expired\n" );
|
||||
|
||||
if( ( ret & BADCERT_REVOKED ) != 0 )
|
||||
polarssl_printf( " ! server certificate has been revoked\n" );
|
||||
if( ( ret & MBEDTLS_X509_BADCERT_REVOKED ) != 0 )
|
||||
mbedtls_printf( " ! server certificate has been revoked\n" );
|
||||
|
||||
if( ( ret & BADCERT_CN_MISMATCH ) != 0 )
|
||||
polarssl_printf( " ! CN mismatch (expected CN=%s)\n", "PolarSSL Server 1" );
|
||||
if( ( ret & MBEDTLS_X509_BADCERT_CN_MISMATCH ) != 0 )
|
||||
mbedtls_printf( " ! CN mismatch (expected CN=%s)\n", "PolarSSL Server 1" );
|
||||
|
||||
if( ( ret & BADCERT_NOT_TRUSTED ) != 0 )
|
||||
polarssl_printf( " ! self-signed or not signed by a trusted CA\n" );
|
||||
if( ( ret & MBEDTLS_X509_BADCERT_NOT_TRUSTED ) != 0 )
|
||||
mbedtls_printf( " ! self-signed or not signed by a trusted CA\n" );
|
||||
|
||||
polarssl_printf( "\n" );
|
||||
mbedtls_printf( "\n" );
|
||||
}
|
||||
else
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 3. Write the GET request
|
||||
*/
|
||||
polarssl_printf( " > Write to server:" );
|
||||
mbedtls_printf( " > Write to server:" );
|
||||
fflush( stdout );
|
||||
|
||||
len = sprintf( (char *) buf, GET_REQUEST );
|
||||
|
||||
while( ( ret = ssl_write( &ssl, buf, len ) ) <= 0 )
|
||||
while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 )
|
||||
{
|
||||
if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
|
||||
if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_write returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
|
||||
len = ret;
|
||||
polarssl_printf( " %d bytes written\n\n%s", len, (char *) buf );
|
||||
mbedtls_printf( " %d bytes written\n\n%s", len, (char *) buf );
|
||||
|
||||
/*
|
||||
* 7. Read the HTTP response
|
||||
*/
|
||||
polarssl_printf( " < Read from server:" );
|
||||
mbedtls_printf( " < Read from server:" );
|
||||
fflush( stdout );
|
||||
|
||||
do
|
||||
{
|
||||
len = sizeof( buf ) - 1;
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
ret = ssl_read( &ssl, buf, len );
|
||||
ret = mbedtls_ssl_read( &ssl, buf, len );
|
||||
|
||||
if( ret == POLARSSL_ERR_NET_WANT_READ || ret == POLARSSL_ERR_NET_WANT_WRITE )
|
||||
if( ret == MBEDTLS_ERR_NET_WANT_READ || ret == MBEDTLS_ERR_NET_WANT_WRITE )
|
||||
continue;
|
||||
|
||||
if( ret == POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY )
|
||||
if( ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY )
|
||||
break;
|
||||
|
||||
if( ret < 0 )
|
||||
{
|
||||
polarssl_printf( "failed\n ! ssl_read returned %d\n\n", ret );
|
||||
mbedtls_printf( "failed\n ! mbedtls_ssl_read returned %d\n\n", ret );
|
||||
break;
|
||||
}
|
||||
|
||||
if( ret == 0 )
|
||||
{
|
||||
polarssl_printf( "\n\nEOF\n\n" );
|
||||
mbedtls_printf( "\n\nEOF\n\n" );
|
||||
break;
|
||||
}
|
||||
|
||||
len = ret;
|
||||
polarssl_printf( " %d bytes read\n\n%s", len, (char *) buf );
|
||||
mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf );
|
||||
}
|
||||
while( 1 );
|
||||
|
||||
ssl_close_notify( &ssl );
|
||||
mbedtls_ssl_close_notify( &ssl );
|
||||
|
||||
exit:
|
||||
|
||||
#ifdef POLARSSL_ERROR_C
|
||||
#ifdef MBEDTLS_ERROR_C
|
||||
if( ret != 0 )
|
||||
{
|
||||
char error_buf[100];
|
||||
polarssl_strerror( ret, error_buf, 100 );
|
||||
polarssl_printf("Last error was: %d - %s\n\n", ret, error_buf );
|
||||
mbedtls_strerror( ret, error_buf, 100 );
|
||||
mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf );
|
||||
}
|
||||
#endif
|
||||
|
||||
if( server_fd != -1 )
|
||||
net_close( server_fd );
|
||||
mbedtls_net_close( server_fd );
|
||||
|
||||
x509_crt_free( &cacert );
|
||||
ssl_free( &ssl );
|
||||
ctr_drbg_free( &ctr_drbg );
|
||||
entropy_free( &entropy );
|
||||
mbedtls_x509_crt_free( &cacert );
|
||||
mbedtls_ssl_free( &ssl );
|
||||
mbedtls_ctr_drbg_free( &ctr_drbg );
|
||||
mbedtls_entropy_free( &entropy );
|
||||
|
||||
memset( &ssl, 0, sizeof( ssl ) );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C && POLARSSL_SSL_TLS_C &&
|
||||
POLARSSL_SSL_CLI_C && POLARSSL_NET_C && POLARSSL_RSA_C &&
|
||||
POLARSSL_CERTS_C && POLARSSL_PEM_PARSE_C && POLARSSL_CTR_DRBG_C &&
|
||||
POLARSSL_X509_CRT_PARSE_C */
|
||||
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
|
||||
MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
|
||||
MBEDTLS_CERTS_C && MBEDTLS_PEM_PARSE_C && MBEDTLS_CTR_DRBG_C &&
|
||||
MBEDTLS_X509_CRT_PARSE_C */
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@@ -20,42 +20,42 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_fprintf fprintf
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_fprintf fprintf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_CERTS_C) || \
|
||||
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_SSL_TLS_C) || \
|
||||
!defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \
|
||||
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \
|
||||
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_TIMING_C) || \
|
||||
!defined(POLARSSL_FS_IO) || !defined(POLARSSL_PEM_PARSE_C)
|
||||
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) || \
|
||||
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \
|
||||
!defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) || \
|
||||
!defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
|
||||
!defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_TIMING_C) || \
|
||||
!defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_PEM_PARSE_C)
|
||||
int main( int argc, char *argv[] )
|
||||
{
|
||||
((void) argc);
|
||||
((void) argv);
|
||||
|
||||
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_CERTS_C and/or POLARSSL_ENTROPY_C "
|
||||
"and/or POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
|
||||
"POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
|
||||
"POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_CRT_PARSE_C and/or "
|
||||
"POLARSSL_TIMING_C and/or POLARSSL_PEM_PARSE_C not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C "
|
||||
"and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or "
|
||||
"MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
|
||||
"MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or "
|
||||
"MBEDTLS_TIMING_C and/or MBEDTLS_PEM_PARSE_C not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#elif defined(_WIN32)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("_WIN32 defined. This application requires fork() and signals "
|
||||
mbedtls_printf("_WIN32 defined. This application requires fork() and signals "
|
||||
"to work correctly.\n");
|
||||
return( 0 );
|
||||
}
|
||||
@@ -87,7 +87,7 @@ static void my_debug( void *ctx, int level, const char *str )
|
||||
{
|
||||
if( level < DEBUG_LEVEL )
|
||||
{
|
||||
polarssl_fprintf( (FILE *) ctx, "%s", str );
|
||||
mbedtls_fprintf( (FILE *) ctx, "%s", str );
|
||||
fflush( (FILE *) ctx );
|
||||
}
|
||||
}
|
||||
@@ -100,86 +100,86 @@ int main( void )
|
||||
unsigned char buf[1024];
|
||||
const char *pers = "ssl_fork_server";
|
||||
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
ssl_context ssl;
|
||||
x509_crt srvcert;
|
||||
pk_context pkey;
|
||||
mbedtls_entropy_context entropy;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
mbedtls_ssl_context ssl;
|
||||
mbedtls_x509_crt srvcert;
|
||||
mbedtls_pk_context pkey;
|
||||
|
||||
memset( &ssl, 0, sizeof(ssl_context) );
|
||||
memset( &ssl, 0, sizeof(mbedtls_ssl_context) );
|
||||
|
||||
entropy_init( &entropy );
|
||||
pk_init( &pkey );
|
||||
x509_crt_init( &srvcert );
|
||||
mbedtls_entropy_init( &entropy );
|
||||
mbedtls_pk_init( &pkey );
|
||||
mbedtls_x509_crt_init( &srvcert );
|
||||
|
||||
signal( SIGCHLD, SIG_IGN );
|
||||
|
||||
/*
|
||||
* 0. Initial seeding of the RNG
|
||||
*/
|
||||
polarssl_printf( "\n . Initial seeding of the random generator..." );
|
||||
mbedtls_printf( "\n . Initial seeding of the random generator..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
|
||||
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
|
||||
(const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned %d\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 1. Load the certificates and private RSA key
|
||||
*/
|
||||
polarssl_printf( " . Loading the server cert. and key..." );
|
||||
mbedtls_printf( " . Loading the server cert. and key..." );
|
||||
fflush( stdout );
|
||||
|
||||
/*
|
||||
* This demonstration program uses embedded test certificates.
|
||||
* Instead, you may want to use x509_crt_parse_file() to read the
|
||||
* server and CA certificates, as well as pk_parse_keyfile().
|
||||
* Instead, you may want to use mbedtls_x509_crt_parse_file() to read the
|
||||
* server and CA certificates, as well as mbedtls_pk_parse_keyfile().
|
||||
*/
|
||||
ret = x509_crt_parse( &srvcert, (const unsigned char *) test_srv_crt,
|
||||
test_srv_crt_len );
|
||||
ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt,
|
||||
mbedtls_test_srv_crt_len );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ret = x509_crt_parse( &srvcert, (const unsigned char *) test_cas_pem,
|
||||
test_cas_pem_len );
|
||||
ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem,
|
||||
mbedtls_test_cas_pem_len );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ret = pk_parse_key( &pkey, (const unsigned char *) test_srv_key,
|
||||
test_srv_key_len, NULL, 0 );
|
||||
ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
|
||||
mbedtls_test_srv_key_len, NULL, 0 );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! pk_parse_key returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 2. Setup the listening TCP socket
|
||||
*/
|
||||
polarssl_printf( " . Bind on https://localhost:4433/ ..." );
|
||||
mbedtls_printf( " . Bind on https://localhost:4433/ ..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = net_bind( &listen_fd, NULL, 4433, NET_PROTO_TCP ) ) != 0 )
|
||||
if( ( ret = mbedtls_net_bind( &listen_fd, NULL, 4433, MBEDTLS_NET_PROTO_TCP ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! net_bind returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
while( 1 )
|
||||
{
|
||||
@@ -189,16 +189,16 @@ int main( void )
|
||||
client_fd = -1;
|
||||
memset( &ssl, 0, sizeof( ssl ) );
|
||||
|
||||
polarssl_printf( " . Waiting for a remote connection ..." );
|
||||
mbedtls_printf( " . Waiting for a remote connection ..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = net_accept( listen_fd, &client_fd, NULL ) ) != 0 )
|
||||
if( ( ret = mbedtls_net_accept( listen_fd, &client_fd, NULL ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! net_accept returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 3.5. Forking server thread
|
||||
@@ -206,24 +206,24 @@ int main( void )
|
||||
|
||||
pid = fork();
|
||||
|
||||
polarssl_printf( " . Forking to handle connection ..." );
|
||||
mbedtls_printf( " . Forking to handle connection ..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( pid < 0 )
|
||||
{
|
||||
polarssl_printf(" failed\n ! fork returned %d\n\n", pid );
|
||||
mbedtls_printf(" failed\n ! fork returned %d\n\n", pid );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
if( pid != 0 )
|
||||
{
|
||||
if( ( ret = ctr_drbg_reseed( &ctr_drbg,
|
||||
if( ( ret = mbedtls_ctr_drbg_reseed( &ctr_drbg,
|
||||
(const unsigned char *) "parent",
|
||||
6 ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ctr_drbg_reseed returned %d\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_reseed returned %d\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -236,85 +236,85 @@ int main( void )
|
||||
/*
|
||||
* 4. Setup stuff
|
||||
*/
|
||||
polarssl_printf( " . Setting up the SSL data...." );
|
||||
mbedtls_printf( " . Setting up the SSL data...." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = ctr_drbg_reseed( &ctr_drbg,
|
||||
if( ( ret = mbedtls_ctr_drbg_reseed( &ctr_drbg,
|
||||
(const unsigned char *) "child",
|
||||
5 ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ctr_drbg_reseed returned %d\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_reseed returned %d\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = ssl_init( &ssl ) ) != 0 )
|
||||
if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_init returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_init returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
ssl_set_endpoint( &ssl, SSL_IS_SERVER );
|
||||
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
|
||||
mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_SERVER );
|
||||
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_NONE );
|
||||
|
||||
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
|
||||
ssl_set_dbg( &ssl, my_debug, stdout );
|
||||
ssl_set_bio_timeout( &ssl, &client_fd, net_send, net_recv, NULL, 0 );
|
||||
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
|
||||
mbedtls_ssl_set_dbg( &ssl, my_debug, stdout );
|
||||
mbedtls_ssl_set_bio_timeout( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL, 0 );
|
||||
|
||||
ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL );
|
||||
if( ( ret = ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 )
|
||||
mbedtls_ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL );
|
||||
if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/*
|
||||
* 5. Handshake
|
||||
*/
|
||||
polarssl_printf( " . Performing the SSL/TLS handshake..." );
|
||||
mbedtls_printf( " . Performing the SSL/TLS handshake..." );
|
||||
fflush( stdout );
|
||||
|
||||
while( ( ret = ssl_handshake( &ssl ) ) != 0 )
|
||||
while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
|
||||
{
|
||||
if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
|
||||
if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_handshake returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 6. Read the HTTP Request
|
||||
*/
|
||||
polarssl_printf( " < Read from client:" );
|
||||
mbedtls_printf( " < Read from client:" );
|
||||
fflush( stdout );
|
||||
|
||||
do
|
||||
{
|
||||
len = sizeof( buf ) - 1;
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
ret = ssl_read( &ssl, buf, len );
|
||||
ret = mbedtls_ssl_read( &ssl, buf, len );
|
||||
|
||||
if( ret == POLARSSL_ERR_NET_WANT_READ || ret == POLARSSL_ERR_NET_WANT_WRITE )
|
||||
if( ret == MBEDTLS_ERR_NET_WANT_READ || ret == MBEDTLS_ERR_NET_WANT_WRITE )
|
||||
continue;
|
||||
|
||||
if( ret <= 0 )
|
||||
{
|
||||
switch( ret )
|
||||
{
|
||||
case POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY:
|
||||
polarssl_printf( " connection was closed gracefully\n" );
|
||||
case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
|
||||
mbedtls_printf( " connection was closed gracefully\n" );
|
||||
break;
|
||||
|
||||
case POLARSSL_ERR_NET_CONN_RESET:
|
||||
polarssl_printf( " connection was reset by peer\n" );
|
||||
case MBEDTLS_ERR_NET_CONN_RESET:
|
||||
mbedtls_printf( " connection was reset by peer\n" );
|
||||
break;
|
||||
|
||||
default:
|
||||
polarssl_printf( " ssl_read returned %d\n", ret );
|
||||
mbedtls_printf( " mbedtls_ssl_read returned %d\n", ret );
|
||||
break;
|
||||
}
|
||||
|
||||
@@ -322,7 +322,7 @@ int main( void )
|
||||
}
|
||||
|
||||
len = ret;
|
||||
polarssl_printf( " %d bytes read\n\n%s", len, (char *) buf );
|
||||
mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf );
|
||||
|
||||
if( ret > 0 )
|
||||
break;
|
||||
@@ -332,57 +332,57 @@ int main( void )
|
||||
/*
|
||||
* 7. Write the 200 Response
|
||||
*/
|
||||
polarssl_printf( " > Write to client:" );
|
||||
mbedtls_printf( " > Write to client:" );
|
||||
fflush( stdout );
|
||||
|
||||
len = sprintf( (char *) buf, HTTP_RESPONSE,
|
||||
ssl_get_ciphersuite( &ssl ) );
|
||||
mbedtls_ssl_get_ciphersuite( &ssl ) );
|
||||
|
||||
while( cnt++ < 100 )
|
||||
{
|
||||
while( ( ret = ssl_write( &ssl, buf, len ) ) <= 0 )
|
||||
while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 )
|
||||
{
|
||||
if( ret == POLARSSL_ERR_NET_CONN_RESET )
|
||||
if( ret == MBEDTLS_ERR_NET_CONN_RESET )
|
||||
{
|
||||
polarssl_printf( " failed\n ! peer closed the connection\n\n" );
|
||||
mbedtls_printf( " failed\n ! peer closed the connection\n\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
|
||||
if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_write returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
len = ret;
|
||||
polarssl_printf( " %d bytes written\n\n%s\n", len, (char *) buf );
|
||||
mbedtls_printf( " %d bytes written\n\n%s\n", len, (char *) buf );
|
||||
|
||||
m_sleep( 1000 );
|
||||
mbedtls_timing_m_sleep( 1000 );
|
||||
}
|
||||
|
||||
ssl_close_notify( &ssl );
|
||||
mbedtls_ssl_close_notify( &ssl );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
exit:
|
||||
|
||||
if( client_fd != -1 )
|
||||
net_close( client_fd );
|
||||
mbedtls_net_close( client_fd );
|
||||
|
||||
x509_crt_free( &srvcert );
|
||||
pk_free( &pkey );
|
||||
ssl_free( &ssl );
|
||||
ctr_drbg_free( &ctr_drbg );
|
||||
entropy_free( &entropy );
|
||||
mbedtls_x509_crt_free( &srvcert );
|
||||
mbedtls_pk_free( &pkey );
|
||||
mbedtls_ssl_free( &ssl );
|
||||
mbedtls_ctr_drbg_free( &ctr_drbg );
|
||||
mbedtls_entropy_free( &entropy );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BIGNUM_C && POLARSSL_CERTS_C && POLARSSL_ENTROPY_C &&
|
||||
POLARSSL_SSL_TLS_C && POLARSSL_SSL_SRV_C && POLARSSL_NET_C &&
|
||||
POLARSSL_RSA_C && POLARSSL_CTR_DRBG_C && POLARSSL_PEM_PARSE_C &&
|
||||
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C &&
|
||||
MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C &&
|
||||
MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_PEM_PARSE_C &&
|
||||
! _WIN32 */
|
||||
|
||||
@@ -20,31 +20,31 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_fprintf fprintf
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_fprintf fprintf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
|
||||
!defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \
|
||||
!defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \
|
||||
!defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_X509_CRT_PARSE_C) || \
|
||||
!defined(POLARSSL_FS_IO)
|
||||
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
|
||||
!defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
|
||||
!defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \
|
||||
!defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \
|
||||
!defined(MBEDTLS_FS_IO)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
|
||||
"POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
|
||||
"POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
|
||||
"POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_CRT_PARSE_C "
|
||||
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
|
||||
"MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
|
||||
"MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
|
||||
"MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
|
||||
"not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
@@ -100,25 +100,25 @@ int main( void )
|
||||
#define MODE_SSL_TLS 0
|
||||
#define MODE_STARTTLS 0
|
||||
|
||||
#if defined(POLARSSL_BASE64_C)
|
||||
#if defined(MBEDTLS_BASE64_C)
|
||||
#define USAGE_AUTH \
|
||||
" authentication=%%d default: 0 (disabled)\n" \
|
||||
" user_name=%%s default: \"user\"\n" \
|
||||
" user_pwd=%%s default: \"password\"\n"
|
||||
#else
|
||||
#define USAGE_AUTH \
|
||||
" authentication options disabled. (Require POLARSSL_BASE64_C)\n"
|
||||
#endif /* POLARSSL_BASE64_C */
|
||||
" authentication options disabled. (Require MBEDTLS_BASE64_C)\n"
|
||||
#endif /* MBEDTLS_BASE64_C */
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
#if defined(MBEDTLS_FS_IO)
|
||||
#define USAGE_IO \
|
||||
" ca_file=%%s default: \"\" (pre-loaded)\n" \
|
||||
" crt_file=%%s default: \"\" (pre-loaded)\n" \
|
||||
" key_file=%%s default: \"\" (pre-loaded)\n"
|
||||
#else
|
||||
#define USAGE_IO \
|
||||
" No file operations available (POLARSSL_FS_IO not defined)\n"
|
||||
#endif /* POLARSSL_FS_IO */
|
||||
" No file operations available (MBEDTLS_FS_IO not defined)\n"
|
||||
#endif /* MBEDTLS_FS_IO */
|
||||
|
||||
#define USAGE \
|
||||
"\n usage: ssl_mail_client param=<>...\n" \
|
||||
@@ -158,12 +158,12 @@ static void my_debug( void *ctx, int level, const char *str )
|
||||
{
|
||||
if( level < opt.debug_level )
|
||||
{
|
||||
polarssl_fprintf( (FILE *) ctx, "%s", str );
|
||||
mbedtls_fprintf( (FILE *) ctx, "%s", str );
|
||||
fflush( (FILE *) ctx );
|
||||
}
|
||||
}
|
||||
|
||||
static int do_handshake( ssl_context *ssl, struct options *opt )
|
||||
static int do_handshake( mbedtls_ssl_context *ssl, struct options *opt )
|
||||
{
|
||||
int ret;
|
||||
unsigned char buf[1024];
|
||||
@@ -172,69 +172,69 @@ static int do_handshake( ssl_context *ssl, struct options *opt )
|
||||
/*
|
||||
* 4. Handshake
|
||||
*/
|
||||
polarssl_printf( " . Performing the SSL/TLS handshake..." );
|
||||
mbedtls_printf( " . Performing the SSL/TLS handshake..." );
|
||||
fflush( stdout );
|
||||
|
||||
while( ( ret = ssl_handshake( ssl ) ) != 0 )
|
||||
while( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 )
|
||||
{
|
||||
if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
|
||||
if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE )
|
||||
{
|
||||
#if defined(POLARSSL_ERROR_C)
|
||||
polarssl_strerror( ret, (char *) buf, 1024 );
|
||||
#if defined(MBEDTLS_ERROR_C)
|
||||
mbedtls_strerror( ret, (char *) buf, 1024 );
|
||||
#endif
|
||||
polarssl_printf( " failed\n ! ssl_handshake returned %d: %s\n\n", ret, buf );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d: %s\n\n", ret, buf );
|
||||
return( -1 );
|
||||
}
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n [ Ciphersuite is %s ]\n",
|
||||
ssl_get_ciphersuite( ssl ) );
|
||||
mbedtls_printf( " ok\n [ Ciphersuite is %s ]\n",
|
||||
mbedtls_ssl_get_ciphersuite( ssl ) );
|
||||
|
||||
/*
|
||||
* 5. Verify the server certificate
|
||||
*/
|
||||
polarssl_printf( " . Verifying peer X.509 certificate..." );
|
||||
mbedtls_printf( " . Verifying peer X.509 certificate..." );
|
||||
|
||||
/* In real life, we may want to bail out when ret != 0 */
|
||||
if( ( ret = ssl_get_verify_result( ssl ) ) != 0 )
|
||||
if( ( ret = mbedtls_ssl_get_verify_result( ssl ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n" );
|
||||
mbedtls_printf( " failed\n" );
|
||||
|
||||
if( ( ret & BADCERT_EXPIRED ) != 0 )
|
||||
polarssl_printf( " ! server certificate has expired\n" );
|
||||
if( ( ret & MBEDTLS_BADCERT_EXPIRED ) != 0 )
|
||||
mbedtls_printf( " ! server certificate has expired\n" );
|
||||
|
||||
if( ( ret & BADCERT_REVOKED ) != 0 )
|
||||
polarssl_printf( " ! server certificate has been revoked\n" );
|
||||
if( ( ret & MBEDTLS_X509_BADCERT_REVOKED ) != 0 )
|
||||
mbedtls_printf( " ! server certificate has been revoked\n" );
|
||||
|
||||
if( ( ret & BADCERT_CN_MISMATCH ) != 0 )
|
||||
polarssl_printf( " ! CN mismatch (expected CN=%s)\n", opt->server_name );
|
||||
if( ( ret & MBEDTLS_X509_BADCERT_CN_MISMATCH ) != 0 )
|
||||
mbedtls_printf( " ! CN mismatch (expected CN=%s)\n", opt->server_name );
|
||||
|
||||
if( ( ret & BADCERT_NOT_TRUSTED ) != 0 )
|
||||
polarssl_printf( " ! self-signed or not signed by a trusted CA\n" );
|
||||
if( ( ret & MBEDTLS_X509_BADCERT_NOT_TRUSTED ) != 0 )
|
||||
mbedtls_printf( " ! self-signed or not signed by a trusted CA\n" );
|
||||
|
||||
polarssl_printf( "\n" );
|
||||
mbedtls_printf( "\n" );
|
||||
}
|
||||
else
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
polarssl_printf( " . Peer certificate information ...\n" );
|
||||
x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ",
|
||||
ssl_get_peer_cert( ssl ) );
|
||||
polarssl_printf( "%s\n", buf );
|
||||
mbedtls_printf( " . Peer certificate information ...\n" );
|
||||
mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ",
|
||||
mbedtls_ssl_get_peer_cert( ssl ) );
|
||||
mbedtls_printf( "%s\n", buf );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
static int write_ssl_data( ssl_context *ssl, unsigned char *buf, size_t len )
|
||||
static int write_ssl_data( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
|
||||
{
|
||||
int ret;
|
||||
|
||||
polarssl_printf("\n%s", buf);
|
||||
while( len && ( ret = ssl_write( ssl, buf, len ) ) <= 0 )
|
||||
mbedtls_printf("\n%s", buf);
|
||||
while( len && ( ret = mbedtls_ssl_write( ssl, buf, len ) ) <= 0 )
|
||||
{
|
||||
if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
|
||||
if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_write returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret );
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
@@ -242,19 +242,19 @@ static int write_ssl_data( ssl_context *ssl, unsigned char *buf, size_t len )
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
static int write_ssl_and_get_response( ssl_context *ssl, unsigned char *buf, size_t len )
|
||||
static int write_ssl_and_get_response( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
|
||||
{
|
||||
int ret;
|
||||
unsigned char data[128];
|
||||
char code[4];
|
||||
size_t i, idx = 0;
|
||||
|
||||
polarssl_printf("\n%s", buf);
|
||||
while( len && ( ret = ssl_write( ssl, buf, len ) ) <= 0 )
|
||||
mbedtls_printf("\n%s", buf);
|
||||
while( len && ( ret = mbedtls_ssl_write( ssl, buf, len ) ) <= 0 )
|
||||
{
|
||||
if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
|
||||
if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_write returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret );
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
@@ -263,21 +263,21 @@ static int write_ssl_and_get_response( ssl_context *ssl, unsigned char *buf, siz
|
||||
{
|
||||
len = sizeof( data ) - 1;
|
||||
memset( data, 0, sizeof( data ) );
|
||||
ret = ssl_read( ssl, data, len );
|
||||
ret = mbedtls_ssl_read( ssl, data, len );
|
||||
|
||||
if( ret == POLARSSL_ERR_NET_WANT_READ || ret == POLARSSL_ERR_NET_WANT_WRITE )
|
||||
if( ret == MBEDTLS_ERR_NET_WANT_READ || ret == MBEDTLS_ERR_NET_WANT_WRITE )
|
||||
continue;
|
||||
|
||||
if( ret == POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY )
|
||||
if( ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY )
|
||||
return -1;
|
||||
|
||||
if( ret <= 0 )
|
||||
{
|
||||
polarssl_printf( "failed\n ! ssl_read returned %d\n\n", ret );
|
||||
mbedtls_printf( "failed\n ! mbedtls_ssl_read returned %d\n\n", ret );
|
||||
return -1;
|
||||
}
|
||||
|
||||
polarssl_printf("\n%s", data);
|
||||
mbedtls_printf("\n%s", data);
|
||||
len = ret;
|
||||
for( i = 0; i < len; i++ )
|
||||
{
|
||||
@@ -307,10 +307,10 @@ static int write_and_get_response( int sock_fd, unsigned char *buf, size_t len )
|
||||
char code[4];
|
||||
size_t i, idx = 0;
|
||||
|
||||
polarssl_printf("\n%s", buf);
|
||||
mbedtls_printf("\n%s", buf);
|
||||
if( len && ( ret = write( sock_fd, buf, len ) ) <= 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_write returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret );
|
||||
return -1;
|
||||
}
|
||||
|
||||
@@ -322,12 +322,12 @@ static int write_and_get_response( int sock_fd, unsigned char *buf, size_t len )
|
||||
|
||||
if( ret <= 0 )
|
||||
{
|
||||
polarssl_printf( "failed\n ! read returned %d\n\n", ret );
|
||||
mbedtls_printf( "failed\n ! read returned %d\n\n", ret );
|
||||
return -1;
|
||||
}
|
||||
|
||||
data[len] = '\0';
|
||||
polarssl_printf("\n%s", data);
|
||||
mbedtls_printf("\n%s", data);
|
||||
len = ret;
|
||||
for( i = 0; i < len; i++ )
|
||||
{
|
||||
@@ -354,18 +354,18 @@ int main( int argc, char *argv[] )
|
||||
{
|
||||
int ret = 0, len, server_fd;
|
||||
unsigned char buf[1024];
|
||||
#if defined(POLARSSL_BASE64_C)
|
||||
#if defined(MBEDTLS_BASE64_C)
|
||||
unsigned char base[1024];
|
||||
#endif
|
||||
char hostname[32];
|
||||
const char *pers = "ssl_mail_client";
|
||||
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
ssl_context ssl;
|
||||
x509_crt cacert;
|
||||
x509_crt clicert;
|
||||
pk_context pkey;
|
||||
mbedtls_entropy_context entropy;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
mbedtls_ssl_context ssl;
|
||||
mbedtls_x509_crt cacert;
|
||||
mbedtls_x509_crt clicert;
|
||||
mbedtls_pk_context pkey;
|
||||
int i;
|
||||
size_t n;
|
||||
char *p, *q;
|
||||
@@ -375,24 +375,24 @@ int main( int argc, char *argv[] )
|
||||
* Make sure memory references are valid in case we exit early.
|
||||
*/
|
||||
server_fd = 0;
|
||||
memset( &ssl, 0, sizeof( ssl_context ) );
|
||||
memset( &ssl, 0, sizeof( mbedtls_ssl_context ) );
|
||||
memset( &buf, 0, sizeof( buf ) );
|
||||
x509_crt_init( &cacert );
|
||||
x509_crt_init( &clicert );
|
||||
pk_init( &pkey );
|
||||
mbedtls_x509_crt_init( &cacert );
|
||||
mbedtls_x509_crt_init( &clicert );
|
||||
mbedtls_pk_init( &pkey );
|
||||
|
||||
if( argc == 0 )
|
||||
{
|
||||
usage:
|
||||
polarssl_printf( USAGE );
|
||||
mbedtls_printf( USAGE );
|
||||
|
||||
list = ssl_list_ciphersuites();
|
||||
list = mbedtls_ssl_list_ciphersuites();
|
||||
while( *list )
|
||||
{
|
||||
polarssl_printf(" %s\n", ssl_get_ciphersuite_name( *list ) );
|
||||
mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name( *list ) );
|
||||
list++;
|
||||
}
|
||||
polarssl_printf("\n");
|
||||
mbedtls_printf("\n");
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -461,7 +461,7 @@ int main( int argc, char *argv[] )
|
||||
{
|
||||
opt.force_ciphersuite[0] = -1;
|
||||
|
||||
opt.force_ciphersuite[0] = ssl_get_ciphersuite_id( q );
|
||||
opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( q );
|
||||
|
||||
if( opt.force_ciphersuite[0] <= 0 )
|
||||
goto usage;
|
||||
@@ -475,151 +475,151 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* 0. Initialize the RNG and the session data
|
||||
*/
|
||||
polarssl_printf( "\n . Seeding the random number generator..." );
|
||||
mbedtls_printf( "\n . Seeding the random number generator..." );
|
||||
fflush( stdout );
|
||||
|
||||
entropy_init( &entropy );
|
||||
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
|
||||
mbedtls_entropy_init( &entropy );
|
||||
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
|
||||
(const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned %d\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 1.1. Load the trusted CA
|
||||
*/
|
||||
polarssl_printf( " . Loading the CA root certificate ..." );
|
||||
mbedtls_printf( " . Loading the CA root certificate ..." );
|
||||
fflush( stdout );
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
#if defined(MBEDTLS_FS_IO)
|
||||
if( strlen( opt.ca_file ) )
|
||||
ret = x509_crt_parse_file( &cacert, opt.ca_file );
|
||||
ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file );
|
||||
else
|
||||
#endif
|
||||
#if defined(POLARSSL_CERTS_C)
|
||||
ret = x509_crt_parse( &cacert, (const unsigned char *) test_cas_pem,
|
||||
test_cas_pem_len );
|
||||
#if defined(MBEDTLS_CERTS_C)
|
||||
ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem,
|
||||
mbedtls_test_cas_pem_len );
|
||||
#else
|
||||
{
|
||||
ret = 1;
|
||||
polarssl_printf("POLARSSL_CERTS_C not defined.");
|
||||
mbedtls_printf("MBEDTLS_CERTS_C not defined.");
|
||||
}
|
||||
#endif
|
||||
if( ret < 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok (%d skipped)\n", ret );
|
||||
mbedtls_printf( " ok (%d skipped)\n", ret );
|
||||
|
||||
/*
|
||||
* 1.2. Load own certificate and private key
|
||||
*
|
||||
* (can be skipped if client authentication is not required)
|
||||
*/
|
||||
polarssl_printf( " . Loading the client cert. and key..." );
|
||||
mbedtls_printf( " . Loading the client cert. and key..." );
|
||||
fflush( stdout );
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
#if defined(MBEDTLS_FS_IO)
|
||||
if( strlen( opt.crt_file ) )
|
||||
ret = x509_crt_parse_file( &clicert, opt.crt_file );
|
||||
ret = mbedtls_x509_crt_parse_file( &clicert, opt.crt_file );
|
||||
else
|
||||
#endif
|
||||
#if defined(POLARSSL_CERTS_C)
|
||||
ret = x509_crt_parse( &clicert, (const unsigned char *) test_cli_crt,
|
||||
test_cli_crt_len );
|
||||
#if defined(MBEDTLS_CERTS_C)
|
||||
ret = mbedtls_x509_crt_parse( &clicert, (const unsigned char *) mbedtls_test_cli_crt,
|
||||
mbedtls_test_cli_crt_len );
|
||||
#else
|
||||
{
|
||||
ret = -1;
|
||||
polarssl_printf("POLARSSL_CERTS_C not defined.");
|
||||
mbedtls_printf("MBEDTLS_CERTS_C not defined.");
|
||||
}
|
||||
#endif
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
#if defined(MBEDTLS_FS_IO)
|
||||
if( strlen( opt.key_file ) )
|
||||
ret = pk_parse_keyfile( &pkey, opt.key_file, "" );
|
||||
ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" );
|
||||
else
|
||||
#endif
|
||||
#if defined(POLARSSL_CERTS_C) && defined(POLARSSL_PEM_PARSE_C)
|
||||
ret = pk_parse_key( &pkey, (const unsigned char *) test_cli_key,
|
||||
test_cli_key_len, NULL, 0 );
|
||||
#if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_PEM_PARSE_C)
|
||||
ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_cli_key,
|
||||
mbedtls_test_cli_key_len, NULL, 0 );
|
||||
#else
|
||||
{
|
||||
ret = -1;
|
||||
polarssl_printf("POLARSSL_CERTS_C or POLARSSL_PEM_PARSE_C not defined.");
|
||||
mbedtls_printf("MBEDTLS_CERTS_C or MBEDTLS_PEM_PARSE_C not defined.");
|
||||
}
|
||||
#endif
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! pk_parse_key returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 2. Start the connection
|
||||
*/
|
||||
polarssl_printf( " . Connecting to tcp/%s/%-4d...", opt.server_name,
|
||||
mbedtls_printf( " . Connecting to tcp/%s/%-4d...", opt.server_name,
|
||||
opt.server_port );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = net_connect( &server_fd, opt.server_name,
|
||||
opt.server_port, NET_PROTO_TCP ) ) != 0 )
|
||||
if( ( ret = mbedtls_net_connect( &server_fd, opt.server_name,
|
||||
opt.server_port, MBEDTLS_NET_PROTO_TCP ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! net_connect returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 3. Setup stuff
|
||||
*/
|
||||
polarssl_printf( " . Setting up the SSL/TLS structure..." );
|
||||
mbedtls_printf( " . Setting up the SSL/TLS structure..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = ssl_init( &ssl ) ) != 0 )
|
||||
if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_init returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_init returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
|
||||
mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_CLIENT );
|
||||
/* OPTIONAL is not optimal for security,
|
||||
* but makes interop easier in this simplified example */
|
||||
ssl_set_authmode( &ssl, SSL_VERIFY_OPTIONAL );
|
||||
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_OPTIONAL );
|
||||
|
||||
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
|
||||
ssl_set_dbg( &ssl, my_debug, stdout );
|
||||
ssl_set_bio_timeout( &ssl, &server_fd, net_send, net_recv, NULL, 0 );
|
||||
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
|
||||
mbedtls_ssl_set_dbg( &ssl, my_debug, stdout );
|
||||
mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL, 0 );
|
||||
|
||||
if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
|
||||
ssl_set_ciphersuites( &ssl, opt.force_ciphersuite );
|
||||
mbedtls_ssl_set_ciphersuites( &ssl, opt.force_ciphersuite );
|
||||
|
||||
ssl_set_ca_chain( &ssl, &cacert, NULL, opt.server_name );
|
||||
if( ( ret = ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 )
|
||||
mbedtls_ssl_set_ca_chain( &ssl, &cacert, NULL, opt.server_name );
|
||||
if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
|
||||
if( ( ret = ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
|
||||
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
|
||||
if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_set_hostname returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
#endif
|
||||
@@ -629,19 +629,19 @@ int main( int argc, char *argv[] )
|
||||
if( do_handshake( &ssl, &opt ) != 0 )
|
||||
goto exit;
|
||||
|
||||
polarssl_printf( " > Get header from server:" );
|
||||
mbedtls_printf( " > Get header from server:" );
|
||||
fflush( stdout );
|
||||
|
||||
ret = write_ssl_and_get_response( &ssl, buf, 0 );
|
||||
if( ret < 200 || ret > 299 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! server responded with %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf(" ok\n" );
|
||||
mbedtls_printf(" ok\n" );
|
||||
|
||||
polarssl_printf( " > Write EHLO to server:" );
|
||||
mbedtls_printf( " > Write EHLO to server:" );
|
||||
fflush( stdout );
|
||||
|
||||
gethostname( hostname, 32 );
|
||||
@@ -649,25 +649,25 @@ int main( int argc, char *argv[] )
|
||||
ret = write_ssl_and_get_response( &ssl, buf, len );
|
||||
if( ret < 200 || ret > 299 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! server responded with %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
polarssl_printf( " > Get header from server:" );
|
||||
mbedtls_printf( " > Get header from server:" );
|
||||
fflush( stdout );
|
||||
|
||||
ret = write_and_get_response( server_fd, buf, 0 );
|
||||
if( ret < 200 || ret > 299 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! server responded with %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf(" ok\n" );
|
||||
mbedtls_printf(" ok\n" );
|
||||
|
||||
polarssl_printf( " > Write EHLO to server:" );
|
||||
mbedtls_printf( " > Write EHLO to server:" );
|
||||
fflush( stdout );
|
||||
|
||||
gethostname( hostname, 32 );
|
||||
@@ -675,13 +675,13 @@ int main( int argc, char *argv[] )
|
||||
ret = write_and_get_response( server_fd, buf, len );
|
||||
if( ret < 200 || ret > 299 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! server responded with %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf(" ok\n" );
|
||||
mbedtls_printf(" ok\n" );
|
||||
|
||||
polarssl_printf( " > Write STARTTLS to server:" );
|
||||
mbedtls_printf( " > Write STARTTLS to server:" );
|
||||
fflush( stdout );
|
||||
|
||||
gethostname( hostname, 32 );
|
||||
@@ -689,115 +689,115 @@ int main( int argc, char *argv[] )
|
||||
ret = write_and_get_response( server_fd, buf, len );
|
||||
if( ret < 200 || ret > 299 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! server responded with %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf(" ok\n" );
|
||||
mbedtls_printf(" ok\n" );
|
||||
|
||||
if( do_handshake( &ssl, &opt ) != 0 )
|
||||
goto exit;
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_BASE64_C)
|
||||
#if defined(MBEDTLS_BASE64_C)
|
||||
if( opt.authentication )
|
||||
{
|
||||
polarssl_printf( " > Write AUTH LOGIN to server:" );
|
||||
mbedtls_printf( " > Write AUTH LOGIN to server:" );
|
||||
fflush( stdout );
|
||||
|
||||
len = sprintf( (char *) buf, "AUTH LOGIN\r\n" );
|
||||
ret = write_ssl_and_get_response( &ssl, buf, len );
|
||||
if( ret < 200 || ret > 399 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! server responded with %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf(" ok\n" );
|
||||
mbedtls_printf(" ok\n" );
|
||||
|
||||
polarssl_printf( " > Write username to server: %s", opt.user_name );
|
||||
mbedtls_printf( " > Write username to server: %s", opt.user_name );
|
||||
fflush( stdout );
|
||||
|
||||
n = sizeof( buf );
|
||||
ret = base64_encode( base, &n, (const unsigned char *) opt.user_name,
|
||||
ret = mbedtls_base64_encode( base, &n, (const unsigned char *) opt.user_name,
|
||||
strlen( opt.user_name ) );
|
||||
|
||||
if( ret != 0 ) {
|
||||
polarssl_printf( " failed\n ! base64_encode returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_base64_encode returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
len = sprintf( (char *) buf, "%s\r\n", base );
|
||||
ret = write_ssl_and_get_response( &ssl, buf, len );
|
||||
if( ret < 300 || ret > 399 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! server responded with %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf(" ok\n" );
|
||||
mbedtls_printf(" ok\n" );
|
||||
|
||||
polarssl_printf( " > Write password to server: %s", opt.user_pwd );
|
||||
mbedtls_printf( " > Write password to server: %s", opt.user_pwd );
|
||||
fflush( stdout );
|
||||
|
||||
ret = base64_encode( base, &n, (const unsigned char *) opt.user_pwd,
|
||||
ret = mbedtls_base64_encode( base, &n, (const unsigned char *) opt.user_pwd,
|
||||
strlen( opt.user_pwd ) );
|
||||
|
||||
if( ret != 0 ) {
|
||||
polarssl_printf( " failed\n ! base64_encode returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_base64_encode returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
len = sprintf( (char *) buf, "%s\r\n", base );
|
||||
ret = write_ssl_and_get_response( &ssl, buf, len );
|
||||
if( ret < 200 || ret > 399 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! server responded with %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf(" ok\n" );
|
||||
mbedtls_printf(" ok\n" );
|
||||
}
|
||||
#endif
|
||||
|
||||
polarssl_printf( " > Write MAIL FROM to server:" );
|
||||
mbedtls_printf( " > Write MAIL FROM to server:" );
|
||||
fflush( stdout );
|
||||
|
||||
len = sprintf( (char *) buf, "MAIL FROM:<%s>\r\n", opt.mail_from );
|
||||
ret = write_ssl_and_get_response( &ssl, buf, len );
|
||||
if( ret < 200 || ret > 299 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! server responded with %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf(" ok\n" );
|
||||
mbedtls_printf(" ok\n" );
|
||||
|
||||
polarssl_printf( " > Write RCPT TO to server:" );
|
||||
mbedtls_printf( " > Write RCPT TO to server:" );
|
||||
fflush( stdout );
|
||||
|
||||
len = sprintf( (char *) buf, "RCPT TO:<%s>\r\n", opt.mail_to );
|
||||
ret = write_ssl_and_get_response( &ssl, buf, len );
|
||||
if( ret < 200 || ret > 299 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! server responded with %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf(" ok\n" );
|
||||
mbedtls_printf(" ok\n" );
|
||||
|
||||
polarssl_printf( " > Write DATA to server:" );
|
||||
mbedtls_printf( " > Write DATA to server:" );
|
||||
fflush( stdout );
|
||||
|
||||
len = sprintf( (char *) buf, "DATA\r\n" );
|
||||
ret = write_ssl_and_get_response( &ssl, buf, len );
|
||||
if( ret < 300 || ret > 399 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! server responded with %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf(" ok\n" );
|
||||
mbedtls_printf(" ok\n" );
|
||||
|
||||
polarssl_printf( " > Write content to server:" );
|
||||
mbedtls_printf( " > Write content to server:" );
|
||||
fflush( stdout );
|
||||
|
||||
len = sprintf( (char *) buf, "From: %s\r\nSubject: mbed TLS Test mail\r\n\r\n"
|
||||
@@ -811,32 +811,32 @@ int main( int argc, char *argv[] )
|
||||
ret = write_ssl_and_get_response( &ssl, buf, len );
|
||||
if( ret < 200 || ret > 299 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! server responded with %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf(" ok\n" );
|
||||
mbedtls_printf(" ok\n" );
|
||||
|
||||
ssl_close_notify( &ssl );
|
||||
mbedtls_ssl_close_notify( &ssl );
|
||||
|
||||
exit:
|
||||
|
||||
if( server_fd )
|
||||
net_close( server_fd );
|
||||
x509_crt_free( &clicert );
|
||||
x509_crt_free( &cacert );
|
||||
pk_free( &pkey );
|
||||
ssl_free( &ssl );
|
||||
ctr_drbg_free( &ctr_drbg );
|
||||
entropy_free( &entropy );
|
||||
mbedtls_net_close( server_fd );
|
||||
mbedtls_x509_crt_free( &clicert );
|
||||
mbedtls_x509_crt_free( &cacert );
|
||||
mbedtls_pk_free( &pkey );
|
||||
mbedtls_ssl_free( &ssl );
|
||||
mbedtls_ctr_drbg_free( &ctr_drbg );
|
||||
mbedtls_entropy_free( &entropy );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C && POLARSSL_SSL_TLS_C &&
|
||||
POLARSSL_SSL_CLI_C && POLARSSL_NET_C && POLARSSL_RSA_C **
|
||||
POLARSSL_CTR_DRBG_C */
|
||||
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
|
||||
MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C **
|
||||
MBEDTLS_CTR_DRBG_C */
|
||||
|
||||
@@ -21,36 +21,36 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_fprintf fprintf
|
||||
#define polarssl_printf printf
|
||||
#define polarssl_snprintf snprintf
|
||||
#define mbedtls_fprintf fprintf
|
||||
#define mbedtls_printf printf
|
||||
#define mbedtls_snprintf snprintf
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_CERTS_C) || \
|
||||
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_SSL_TLS_C) || \
|
||||
!defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \
|
||||
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \
|
||||
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \
|
||||
!defined(POLARSSL_THREADING_C) || !defined(POLARSSL_THREADING_PTHREAD) || \
|
||||
!defined(POLARSSL_PEM_PARSE_C)
|
||||
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) || \
|
||||
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \
|
||||
!defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) || \
|
||||
!defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
|
||||
!defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
|
||||
!defined(MBEDTLS_THREADING_C) || !defined(MBEDTLS_THREADING_PTHREAD) || \
|
||||
!defined(MBEDTLS_PEM_PARSE_C)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_CERTS_C and/or POLARSSL_ENTROPY_C "
|
||||
"and/or POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
|
||||
"POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
|
||||
"POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_CRT_PARSE_C and/or "
|
||||
"POLARSSL_THREADING_C and/or POLARSSL_THREADING_PTHREAD "
|
||||
"and/or POLARSSL_PEM_PARSE_C not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C "
|
||||
"and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or "
|
||||
"MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
|
||||
"MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or "
|
||||
"MBEDTLS_THREADING_C and/or MBEDTLS_THREADING_PTHREAD "
|
||||
"and/or MBEDTLS_PEM_PARSE_C not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -70,11 +70,11 @@ int main( void )
|
||||
#include "mbedtls/net.h"
|
||||
#include "mbedtls/error.h"
|
||||
|
||||
#if defined(POLARSSL_SSL_CACHE_C)
|
||||
#if defined(MBEDTLS_SSL_CACHE_C)
|
||||
#include "mbedtls/ssl_cache.h"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
|
||||
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
|
||||
#include "mbedtls/memory_buffer_alloc.h"
|
||||
#endif
|
||||
|
||||
@@ -87,29 +87,29 @@ int main( void )
|
||||
|
||||
#define MAX_NUM_THREADS 5
|
||||
|
||||
threading_mutex_t debug_mutex;
|
||||
mbedtls_threading_mutex_t debug_mutex;
|
||||
|
||||
static void my_mutexed_debug( void *ctx, int level, const char *str )
|
||||
{
|
||||
polarssl_mutex_lock( &debug_mutex );
|
||||
mbedtls_mutex_lock( &debug_mutex );
|
||||
if( level < DEBUG_LEVEL )
|
||||
{
|
||||
polarssl_fprintf( (FILE *) ctx, "%s", str );
|
||||
mbedtls_fprintf( (FILE *) ctx, "%s", str );
|
||||
fflush( (FILE *) ctx );
|
||||
}
|
||||
polarssl_mutex_unlock( &debug_mutex );
|
||||
mbedtls_mutex_unlock( &debug_mutex );
|
||||
}
|
||||
|
||||
typedef struct {
|
||||
int client_fd;
|
||||
int thread_complete;
|
||||
entropy_context *entropy;
|
||||
#if defined(POLARSSL_SSL_CACHE_C)
|
||||
ssl_cache_context *cache;
|
||||
mbedtls_entropy_context *entropy;
|
||||
#if defined(MBEDTLS_SSL_CACHE_C)
|
||||
mbedtls_ssl_cache_context *cache;
|
||||
#endif
|
||||
x509_crt *ca_chain;
|
||||
x509_crt *server_cert;
|
||||
pk_context *server_key;
|
||||
mbedtls_x509_crt *ca_chain;
|
||||
mbedtls_x509_crt *server_cert;
|
||||
mbedtls_pk_context *server_key;
|
||||
} thread_info_t;
|
||||
|
||||
typedef struct {
|
||||
@@ -129,123 +129,123 @@ static void *handle_ssl_connection( void *data )
|
||||
int thread_id = (int) pthread_self();
|
||||
unsigned char buf[1024];
|
||||
char pers[50];
|
||||
ssl_context ssl;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
mbedtls_ssl_context ssl;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
|
||||
/* Make sure memory references are valid */
|
||||
memset( &ssl, 0, sizeof( ssl_context ) );
|
||||
memset( &ctr_drbg, 0, sizeof( ctr_drbg_context ) );
|
||||
memset( &ssl, 0, sizeof( mbedtls_ssl_context ) );
|
||||
memset( &ctr_drbg, 0, sizeof( mbedtls_ctr_drbg_context ) );
|
||||
|
||||
polarssl_snprintf( pers, sizeof(pers), "SSL Pthread Thread %d", thread_id );
|
||||
polarssl_printf( " [ #%d ] Client FD %d\n", thread_id, client_fd );
|
||||
polarssl_printf( " [ #%d ] Seeding the random number generator...\n", thread_id );
|
||||
mbedtls_snprintf( pers, sizeof(pers), "SSL Pthread Thread %d", thread_id );
|
||||
mbedtls_printf( " [ #%d ] Client FD %d\n", thread_id, client_fd );
|
||||
mbedtls_printf( " [ #%d ] Seeding the random number generator...\n", thread_id );
|
||||
|
||||
/* entropy_func() is thread-safe if POLARSSL_THREADING_C is set
|
||||
/* mbedtls_entropy_func() is thread-safe if MBEDTLS_THREADING_C is set
|
||||
*/
|
||||
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, thread_info->entropy,
|
||||
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, thread_info->entropy,
|
||||
(const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " [ #%d ] failed: ctr_drbg_init returned -0x%04x\n",
|
||||
mbedtls_printf( " [ #%d ] failed: mbedtls_ctr_drbg_init returned -0x%04x\n",
|
||||
thread_id, -ret );
|
||||
goto thread_exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " [ #%d ] ok\n", thread_id );
|
||||
mbedtls_printf( " [ #%d ] ok\n", thread_id );
|
||||
|
||||
/*
|
||||
* 4. Setup stuff
|
||||
*/
|
||||
polarssl_printf( " [ #%d ] Setting up the SSL data....\n", thread_id );
|
||||
mbedtls_printf( " [ #%d ] Setting up the SSL data....\n", thread_id );
|
||||
|
||||
if( ( ret = ssl_init( &ssl ) ) != 0 )
|
||||
if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " [ #%d ] failed: ssl_init returned -0x%04x\n",
|
||||
mbedtls_printf( " [ #%d ] failed: mbedtls_ssl_init returned -0x%04x\n",
|
||||
thread_id, -ret );
|
||||
goto thread_exit;
|
||||
}
|
||||
|
||||
ssl_set_endpoint( &ssl, SSL_IS_SERVER );
|
||||
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
|
||||
mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_SERVER );
|
||||
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_NONE );
|
||||
|
||||
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
|
||||
ssl_set_dbg( &ssl, my_mutexed_debug, stdout );
|
||||
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
|
||||
mbedtls_ssl_set_dbg( &ssl, my_mutexed_debug, stdout );
|
||||
|
||||
/* ssl_cache_get() and ssl_cache_set() are thread-safe if
|
||||
* POLARSSL_THREADING_C is set.
|
||||
/* mbedtls_ssl_cache_get() and mbedtls_ssl_cache_set() are thread-safe if
|
||||
* MBEDTLS_THREADING_C is set.
|
||||
*/
|
||||
#if defined(POLARSSL_SSL_CACHE_C)
|
||||
ssl_set_session_cache( &ssl, ssl_cache_get, thread_info->cache,
|
||||
ssl_cache_set, thread_info->cache );
|
||||
#if defined(MBEDTLS_SSL_CACHE_C)
|
||||
mbedtls_ssl_set_session_cache( &ssl, mbedtls_ssl_cache_get, thread_info->cache,
|
||||
mbedtls_ssl_cache_set, thread_info->cache );
|
||||
#endif
|
||||
|
||||
ssl_set_ca_chain( &ssl, thread_info->ca_chain, NULL, NULL );
|
||||
if( ( ret = ssl_set_own_cert( &ssl, thread_info->server_cert, thread_info->server_key ) ) != 0 )
|
||||
mbedtls_ssl_set_ca_chain( &ssl, thread_info->ca_chain, NULL, NULL );
|
||||
if( ( ret = mbedtls_ssl_set_own_cert( &ssl, thread_info->server_cert, thread_info->server_key ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
|
||||
goto thread_exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " [ #%d ] ok\n", thread_id );
|
||||
mbedtls_printf( " [ #%d ] ok\n", thread_id );
|
||||
|
||||
ssl_set_bio_timeout( &ssl, &client_fd, net_send, net_recv, NULL, 0 );
|
||||
mbedtls_ssl_set_bio_timeout( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL, 0 );
|
||||
|
||||
polarssl_printf( " [ #%d ] ok\n", thread_id );
|
||||
mbedtls_printf( " [ #%d ] ok\n", thread_id );
|
||||
|
||||
/*
|
||||
* 5. Handshake
|
||||
*/
|
||||
polarssl_printf( " [ #%d ] Performing the SSL/TLS handshake\n", thread_id );
|
||||
mbedtls_printf( " [ #%d ] Performing the SSL/TLS handshake\n", thread_id );
|
||||
|
||||
while( ( ret = ssl_handshake( &ssl ) ) != 0 )
|
||||
while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
|
||||
{
|
||||
if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
|
||||
if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE )
|
||||
{
|
||||
polarssl_printf( " [ #%d ] failed: ssl_handshake returned -0x%04x\n",
|
||||
mbedtls_printf( " [ #%d ] failed: mbedtls_ssl_handshake returned -0x%04x\n",
|
||||
thread_id, -ret );
|
||||
goto thread_exit;
|
||||
}
|
||||
}
|
||||
|
||||
polarssl_printf( " [ #%d ] ok\n", thread_id );
|
||||
mbedtls_printf( " [ #%d ] ok\n", thread_id );
|
||||
|
||||
/*
|
||||
* 6. Read the HTTP Request
|
||||
*/
|
||||
polarssl_printf( " [ #%d ] < Read from client\n", thread_id );
|
||||
mbedtls_printf( " [ #%d ] < Read from client\n", thread_id );
|
||||
|
||||
do
|
||||
{
|
||||
len = sizeof( buf ) - 1;
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
ret = ssl_read( &ssl, buf, len );
|
||||
ret = mbedtls_ssl_read( &ssl, buf, len );
|
||||
|
||||
if( ret == POLARSSL_ERR_NET_WANT_READ || ret == POLARSSL_ERR_NET_WANT_WRITE )
|
||||
if( ret == MBEDTLS_ERR_NET_WANT_READ || ret == MBEDTLS_ERR_NET_WANT_WRITE )
|
||||
continue;
|
||||
|
||||
if( ret <= 0 )
|
||||
{
|
||||
switch( ret )
|
||||
{
|
||||
case POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY:
|
||||
polarssl_printf( " [ #%d ] connection was closed gracefully\n",
|
||||
case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
|
||||
mbedtls_printf( " [ #%d ] connection was closed gracefully\n",
|
||||
thread_id );
|
||||
goto thread_exit;
|
||||
|
||||
case POLARSSL_ERR_NET_CONN_RESET:
|
||||
polarssl_printf( " [ #%d ] connection was reset by peer\n",
|
||||
case MBEDTLS_ERR_NET_CONN_RESET:
|
||||
mbedtls_printf( " [ #%d ] connection was reset by peer\n",
|
||||
thread_id );
|
||||
goto thread_exit;
|
||||
|
||||
default:
|
||||
polarssl_printf( " [ #%d ] ssl_read returned -0x%04x\n",
|
||||
mbedtls_printf( " [ #%d ] mbedtls_ssl_read returned -0x%04x\n",
|
||||
thread_id, -ret );
|
||||
goto thread_exit;
|
||||
}
|
||||
}
|
||||
|
||||
len = ret;
|
||||
polarssl_printf( " [ #%d ] %d bytes read\n=====\n%s\n=====\n",
|
||||
mbedtls_printf( " [ #%d ] %d bytes read\n=====\n%s\n=====\n",
|
||||
thread_id, len, (char *) buf );
|
||||
|
||||
if( ret > 0 )
|
||||
@@ -256,64 +256,64 @@ static void *handle_ssl_connection( void *data )
|
||||
/*
|
||||
* 7. Write the 200 Response
|
||||
*/
|
||||
polarssl_printf( " [ #%d ] > Write to client:\n", thread_id );
|
||||
mbedtls_printf( " [ #%d ] > Write to client:\n", thread_id );
|
||||
|
||||
len = sprintf( (char *) buf, HTTP_RESPONSE,
|
||||
ssl_get_ciphersuite( &ssl ) );
|
||||
mbedtls_ssl_get_ciphersuite( &ssl ) );
|
||||
|
||||
while( ( ret = ssl_write( &ssl, buf, len ) ) <= 0 )
|
||||
while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 )
|
||||
{
|
||||
if( ret == POLARSSL_ERR_NET_CONN_RESET )
|
||||
if( ret == MBEDTLS_ERR_NET_CONN_RESET )
|
||||
{
|
||||
polarssl_printf( " [ #%d ] failed: peer closed the connection\n",
|
||||
mbedtls_printf( " [ #%d ] failed: peer closed the connection\n",
|
||||
thread_id );
|
||||
goto thread_exit;
|
||||
}
|
||||
|
||||
if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
|
||||
if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE )
|
||||
{
|
||||
polarssl_printf( " [ #%d ] failed: ssl_write returned -0x%04x\n",
|
||||
mbedtls_printf( " [ #%d ] failed: mbedtls_ssl_write returned -0x%04x\n",
|
||||
thread_id, ret );
|
||||
goto thread_exit;
|
||||
}
|
||||
}
|
||||
|
||||
len = ret;
|
||||
polarssl_printf( " [ #%d ] %d bytes written\n=====\n%s\n=====\n",
|
||||
mbedtls_printf( " [ #%d ] %d bytes written\n=====\n%s\n=====\n",
|
||||
thread_id, len, (char *) buf );
|
||||
|
||||
polarssl_printf( " [ #%d ] . Closing the connection...", thread_id );
|
||||
mbedtls_printf( " [ #%d ] . Closing the connection...", thread_id );
|
||||
|
||||
while( ( ret = ssl_close_notify( &ssl ) ) < 0 )
|
||||
while( ( ret = mbedtls_ssl_close_notify( &ssl ) ) < 0 )
|
||||
{
|
||||
if( ret != POLARSSL_ERR_NET_WANT_READ &&
|
||||
ret != POLARSSL_ERR_NET_WANT_WRITE )
|
||||
if( ret != MBEDTLS_ERR_NET_WANT_READ &&
|
||||
ret != MBEDTLS_ERR_NET_WANT_WRITE )
|
||||
{
|
||||
polarssl_printf( " [ #%d ] failed: ssl_close_notify returned -0x%04x\n",
|
||||
mbedtls_printf( " [ #%d ] failed: mbedtls_ssl_close_notify returned -0x%04x\n",
|
||||
thread_id, ret );
|
||||
goto thread_exit;
|
||||
}
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
ret = 0;
|
||||
|
||||
thread_exit:
|
||||
|
||||
#ifdef POLARSSL_ERROR_C
|
||||
#ifdef MBEDTLS_ERROR_C
|
||||
if( ret != 0 )
|
||||
{
|
||||
char error_buf[100];
|
||||
polarssl_strerror( ret, error_buf, 100 );
|
||||
polarssl_printf(" [ #%d ] Last error was: -0x%04x - %s\n\n",
|
||||
mbedtls_strerror( ret, error_buf, 100 );
|
||||
mbedtls_printf(" [ #%d ] Last error was: -0x%04x - %s\n\n",
|
||||
thread_id, -ret, error_buf );
|
||||
}
|
||||
#endif
|
||||
|
||||
net_close( client_fd );
|
||||
ctr_drbg_free( &ctr_drbg );
|
||||
ssl_free( &ssl );
|
||||
mbedtls_net_close( client_fd );
|
||||
mbedtls_ctr_drbg_free( &ctr_drbg );
|
||||
mbedtls_ssl_free( &ssl );
|
||||
|
||||
thread_info->thread_complete = 1;
|
||||
|
||||
@@ -334,7 +334,7 @@ static int thread_create( int client_fd )
|
||||
|
||||
if( threads[i].data.thread_complete == 1 )
|
||||
{
|
||||
polarssl_printf( " [ main ] Cleaning up thread %d\n", i );
|
||||
mbedtls_printf( " [ main ] Cleaning up thread %d\n", i );
|
||||
pthread_join(threads[i].thread, NULL );
|
||||
memset( &threads[i], 0, sizeof(pthread_info_t) );
|
||||
break;
|
||||
@@ -365,70 +365,70 @@ int main( void )
|
||||
int listen_fd;
|
||||
int client_fd = -1;
|
||||
|
||||
entropy_context entropy;
|
||||
x509_crt srvcert;
|
||||
pk_context pkey;
|
||||
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
|
||||
mbedtls_entropy_context entropy;
|
||||
mbedtls_x509_crt srvcert;
|
||||
mbedtls_pk_context pkey;
|
||||
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
|
||||
unsigned char alloc_buf[100000];
|
||||
#endif
|
||||
#if defined(POLARSSL_SSL_CACHE_C)
|
||||
ssl_cache_context cache;
|
||||
#if defined(MBEDTLS_SSL_CACHE_C)
|
||||
mbedtls_ssl_cache_context cache;
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
|
||||
memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
|
||||
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
|
||||
mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SSL_CACHE_C)
|
||||
ssl_cache_init( &cache );
|
||||
#if defined(MBEDTLS_SSL_CACHE_C)
|
||||
mbedtls_ssl_cache_init( &cache );
|
||||
base_info.cache = &cache;
|
||||
#endif
|
||||
|
||||
memset( threads, 0, sizeof(threads) );
|
||||
|
||||
polarssl_mutex_init( &debug_mutex );
|
||||
mbedtls_mutex_init( &debug_mutex );
|
||||
|
||||
/*
|
||||
* We use only a single entropy source that is used in all the threads.
|
||||
*/
|
||||
entropy_init( &entropy );
|
||||
mbedtls_entropy_init( &entropy );
|
||||
base_info.entropy = &entropy;
|
||||
|
||||
/*
|
||||
* 1. Load the certificates and private RSA key
|
||||
*/
|
||||
polarssl_printf( "\n . Loading the server cert. and key..." );
|
||||
mbedtls_printf( "\n . Loading the server cert. and key..." );
|
||||
fflush( stdout );
|
||||
|
||||
x509_crt_init( &srvcert );
|
||||
mbedtls_x509_crt_init( &srvcert );
|
||||
|
||||
/*
|
||||
* This demonstration program uses embedded test certificates.
|
||||
* Instead, you may want to use x509_crt_parse_file() to read the
|
||||
* server and CA certificates, as well as pk_parse_keyfile().
|
||||
* Instead, you may want to use mbedtls_x509_crt_parse_file() to read the
|
||||
* server and CA certificates, as well as mbedtls_pk_parse_keyfile().
|
||||
*/
|
||||
ret = x509_crt_parse( &srvcert, (const unsigned char *) test_srv_crt,
|
||||
test_srv_crt_len );
|
||||
ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt,
|
||||
mbedtls_test_srv_crt_len );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ret = x509_crt_parse( &srvcert, (const unsigned char *) test_cas_pem,
|
||||
test_cas_pem_len );
|
||||
ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem,
|
||||
mbedtls_test_cas_pem_len );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
pk_init( &pkey );
|
||||
ret = pk_parse_key( &pkey, (const unsigned char *) test_srv_key,
|
||||
test_srv_key_len, NULL, 0 );
|
||||
mbedtls_pk_init( &pkey );
|
||||
ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
|
||||
mbedtls_test_srv_key_len, NULL, 0 );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! pk_parse_key returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -436,29 +436,29 @@ int main( void )
|
||||
base_info.server_cert = &srvcert;
|
||||
base_info.server_key = &pkey;
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 2. Setup the listening TCP socket
|
||||
*/
|
||||
polarssl_printf( " . Bind on https://localhost:4433/ ..." );
|
||||
mbedtls_printf( " . Bind on https://localhost:4433/ ..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = net_bind( &listen_fd, NULL, 4433, NET_PROTO_TCP ) ) != 0 )
|
||||
if( ( ret = mbedtls_net_bind( &listen_fd, NULL, 4433, MBEDTLS_NET_PROTO_TCP ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! net_bind returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
reset:
|
||||
#ifdef POLARSSL_ERROR_C
|
||||
#ifdef MBEDTLS_ERROR_C
|
||||
if( ret != 0 )
|
||||
{
|
||||
char error_buf[100];
|
||||
polarssl_strerror( ret, error_buf, 100 );
|
||||
polarssl_printf( " [ main ] Last error was: -0x%04x - %s\n", -ret, error_buf );
|
||||
mbedtls_strerror( ret, error_buf, 100 );
|
||||
mbedtls_printf( " [ main ] Last error was: -0x%04x - %s\n", -ret, error_buf );
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -467,21 +467,21 @@ reset:
|
||||
*/
|
||||
client_fd = -1;
|
||||
|
||||
polarssl_printf( " [ main ] Waiting for a remote connection\n" );
|
||||
mbedtls_printf( " [ main ] Waiting for a remote connection\n" );
|
||||
|
||||
if( ( ret = net_accept( listen_fd, &client_fd, NULL ) ) != 0 )
|
||||
if( ( ret = mbedtls_net_accept( listen_fd, &client_fd, NULL ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " [ main ] failed: net_accept returned -0x%04x\n", ret );
|
||||
mbedtls_printf( " [ main ] failed: mbedtls_net_accept returned -0x%04x\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " [ main ] ok\n" );
|
||||
polarssl_printf( " [ main ] Creating a new thread\n" );
|
||||
mbedtls_printf( " [ main ] ok\n" );
|
||||
mbedtls_printf( " [ main ] Creating a new thread\n" );
|
||||
|
||||
if( ( ret = thread_create( client_fd ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " [ main ] failed: thread_create returned %d\n", ret );
|
||||
net_close( client_fd );
|
||||
mbedtls_printf( " [ main ] failed: thread_create returned %d\n", ret );
|
||||
mbedtls_net_close( client_fd );
|
||||
goto reset;
|
||||
}
|
||||
|
||||
@@ -489,28 +489,28 @@ reset:
|
||||
goto reset;
|
||||
|
||||
exit:
|
||||
x509_crt_free( &srvcert );
|
||||
pk_free( &pkey );
|
||||
#if defined(POLARSSL_SSL_CACHE_C)
|
||||
ssl_cache_free( &cache );
|
||||
mbedtls_x509_crt_free( &srvcert );
|
||||
mbedtls_pk_free( &pkey );
|
||||
#if defined(MBEDTLS_SSL_CACHE_C)
|
||||
mbedtls_ssl_cache_free( &cache );
|
||||
#endif
|
||||
entropy_free( &entropy );
|
||||
mbedtls_entropy_free( &entropy );
|
||||
|
||||
polarssl_mutex_free( &debug_mutex );
|
||||
mbedtls_mutex_free( &debug_mutex );
|
||||
|
||||
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
|
||||
memory_buffer_alloc_free();
|
||||
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
|
||||
mbedtls_memory_buffer_alloc_free();
|
||||
#endif
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
|
||||
#endif /* POLARSSL_BIGNUM_C && POLARSSL_CERTS_C && POLARSSL_ENTROPY_C &&
|
||||
POLARSSL_SSL_TLS_C && POLARSSL_SSL_SRV_C && POLARSSL_NET_C &&
|
||||
POLARSSL_RSA_C && POLARSSL_CTR_DRBG_C && POLARSSL_THREADING_C &&
|
||||
POLARSSL_THREADING_PTHREAD && POLARSSL_PEM_PARSE_C */
|
||||
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C &&
|
||||
MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C &&
|
||||
MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_THREADING_C &&
|
||||
MBEDTLS_THREADING_PTHREAD && MBEDTLS_PEM_PARSE_C */
|
||||
|
||||
@@ -20,33 +20,33 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_fprintf fprintf
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_fprintf fprintf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_CERTS_C) || \
|
||||
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_SSL_TLS_C) || \
|
||||
!defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \
|
||||
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \
|
||||
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \
|
||||
!defined(POLARSSL_PEM_PARSE_C)
|
||||
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) || \
|
||||
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \
|
||||
!defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) || \
|
||||
!defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
|
||||
!defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
|
||||
!defined(MBEDTLS_PEM_PARSE_C)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_CERTS_C and/or POLARSSL_ENTROPY_C "
|
||||
"and/or POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
|
||||
"POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
|
||||
"POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_CRT_PARSE_C "
|
||||
"and/or POLARSSL_PEM_PARSE_C not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C "
|
||||
"and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or "
|
||||
"MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
|
||||
"MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
|
||||
"and/or MBEDTLS_PEM_PARSE_C not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -67,7 +67,7 @@ int main( void )
|
||||
#include "mbedtls/error.h"
|
||||
#include "mbedtls/debug.h"
|
||||
|
||||
#if defined(POLARSSL_SSL_CACHE_C)
|
||||
#if defined(MBEDTLS_SSL_CACHE_C)
|
||||
#include "mbedtls/ssl_cache.h"
|
||||
#endif
|
||||
|
||||
@@ -82,7 +82,7 @@ static void my_debug( void *ctx, int level, const char *str )
|
||||
{
|
||||
((void) level);
|
||||
|
||||
polarssl_fprintf( (FILE *) ctx, "%s", str );
|
||||
mbedtls_fprintf( (FILE *) ctx, "%s", str );
|
||||
fflush( (FILE *) ctx );
|
||||
}
|
||||
|
||||
@@ -94,205 +94,205 @@ int main( void )
|
||||
unsigned char buf[1024];
|
||||
const char *pers = "ssl_server";
|
||||
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
ssl_context ssl;
|
||||
x509_crt srvcert;
|
||||
pk_context pkey;
|
||||
#if defined(POLARSSL_SSL_CACHE_C)
|
||||
ssl_cache_context cache;
|
||||
mbedtls_entropy_context entropy;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
mbedtls_ssl_context ssl;
|
||||
mbedtls_x509_crt srvcert;
|
||||
mbedtls_pk_context pkey;
|
||||
#if defined(MBEDTLS_SSL_CACHE_C)
|
||||
mbedtls_ssl_cache_context cache;
|
||||
#endif
|
||||
|
||||
memset( &ssl, 0, sizeof(ssl_context) );
|
||||
#if defined(POLARSSL_SSL_CACHE_C)
|
||||
ssl_cache_init( &cache );
|
||||
memset( &ssl, 0, sizeof(mbedtls_ssl_context) );
|
||||
#if defined(MBEDTLS_SSL_CACHE_C)
|
||||
mbedtls_ssl_cache_init( &cache );
|
||||
#endif
|
||||
x509_crt_init( &srvcert );
|
||||
pk_init( &pkey );
|
||||
entropy_init( &entropy );
|
||||
mbedtls_x509_crt_init( &srvcert );
|
||||
mbedtls_pk_init( &pkey );
|
||||
mbedtls_entropy_init( &entropy );
|
||||
|
||||
#if defined(POLARSSL_DEBUG_C)
|
||||
debug_set_threshold( DEBUG_LEVEL );
|
||||
#if defined(MBEDTLS_DEBUG_C)
|
||||
mbedtls_debug_set_threshold( DEBUG_LEVEL );
|
||||
#endif
|
||||
|
||||
/*
|
||||
* 1. Load the certificates and private RSA key
|
||||
*/
|
||||
polarssl_printf( "\n . Loading the server cert. and key..." );
|
||||
mbedtls_printf( "\n . Loading the server cert. and key..." );
|
||||
fflush( stdout );
|
||||
|
||||
/*
|
||||
* This demonstration program uses embedded test certificates.
|
||||
* Instead, you may want to use x509_crt_parse_file() to read the
|
||||
* server and CA certificates, as well as pk_parse_keyfile().
|
||||
* Instead, you may want to use mbedtls_x509_crt_parse_file() to read the
|
||||
* server and CA certificates, as well as mbedtls_pk_parse_keyfile().
|
||||
*/
|
||||
ret = x509_crt_parse( &srvcert, (const unsigned char *) test_srv_crt,
|
||||
test_srv_crt_len );
|
||||
ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt,
|
||||
mbedtls_test_srv_crt_len );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ret = x509_crt_parse( &srvcert, (const unsigned char *) test_cas_pem,
|
||||
test_cas_pem_len );
|
||||
ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem,
|
||||
mbedtls_test_cas_pem_len );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ret = pk_parse_key( &pkey, (const unsigned char *) test_srv_key,
|
||||
test_srv_key_len, NULL, 0 );
|
||||
ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
|
||||
mbedtls_test_srv_key_len, NULL, 0 );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! pk_parse_key returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 2. Setup the listening TCP socket
|
||||
*/
|
||||
polarssl_printf( " . Bind on https://localhost:4433/ ..." );
|
||||
mbedtls_printf( " . Bind on https://localhost:4433/ ..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = net_bind( &listen_fd, NULL, 4433, NET_PROTO_TCP ) ) != 0 )
|
||||
if( ( ret = mbedtls_net_bind( &listen_fd, NULL, 4433, MBEDTLS_NET_PROTO_TCP ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! net_bind returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 3. Seed the RNG
|
||||
*/
|
||||
polarssl_printf( " . Seeding the random number generator..." );
|
||||
mbedtls_printf( " . Seeding the random number generator..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
|
||||
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
|
||||
(const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned %d\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 4. Setup stuff
|
||||
*/
|
||||
polarssl_printf( " . Setting up the SSL data...." );
|
||||
mbedtls_printf( " . Setting up the SSL data...." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = ssl_init( &ssl ) ) != 0 )
|
||||
if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_init returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_init returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ssl_set_endpoint( &ssl, SSL_IS_SERVER );
|
||||
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
|
||||
mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_SERVER );
|
||||
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_NONE );
|
||||
|
||||
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
|
||||
ssl_set_dbg( &ssl, my_debug, stdout );
|
||||
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
|
||||
mbedtls_ssl_set_dbg( &ssl, my_debug, stdout );
|
||||
|
||||
#if defined(POLARSSL_SSL_CACHE_C)
|
||||
ssl_set_session_cache( &ssl, ssl_cache_get, &cache,
|
||||
ssl_cache_set, &cache );
|
||||
#if defined(MBEDTLS_SSL_CACHE_C)
|
||||
mbedtls_ssl_set_session_cache( &ssl, mbedtls_ssl_cache_get, &cache,
|
||||
mbedtls_ssl_cache_set, &cache );
|
||||
#endif
|
||||
|
||||
ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL );
|
||||
if( ( ret = ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 )
|
||||
mbedtls_ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL );
|
||||
if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
reset:
|
||||
#ifdef POLARSSL_ERROR_C
|
||||
#ifdef MBEDTLS_ERROR_C
|
||||
if( ret != 0 )
|
||||
{
|
||||
char error_buf[100];
|
||||
polarssl_strerror( ret, error_buf, 100 );
|
||||
polarssl_printf("Last error was: %d - %s\n\n", ret, error_buf );
|
||||
mbedtls_strerror( ret, error_buf, 100 );
|
||||
mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf );
|
||||
}
|
||||
#endif
|
||||
|
||||
if( client_fd != -1 )
|
||||
net_close( client_fd );
|
||||
mbedtls_net_close( client_fd );
|
||||
|
||||
ssl_session_reset( &ssl );
|
||||
mbedtls_ssl_session_reset( &ssl );
|
||||
|
||||
/*
|
||||
* 3. Wait until a client connects
|
||||
*/
|
||||
client_fd = -1;
|
||||
|
||||
polarssl_printf( " . Waiting for a remote connection ..." );
|
||||
mbedtls_printf( " . Waiting for a remote connection ..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = net_accept( listen_fd, &client_fd, NULL ) ) != 0 )
|
||||
if( ( ret = mbedtls_net_accept( listen_fd, &client_fd, NULL ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! net_accept returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ssl_set_bio_timeout( &ssl, &client_fd, net_send, net_recv, NULL, 0 );
|
||||
mbedtls_ssl_set_bio_timeout( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL, 0 );
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 5. Handshake
|
||||
*/
|
||||
polarssl_printf( " . Performing the SSL/TLS handshake..." );
|
||||
mbedtls_printf( " . Performing the SSL/TLS handshake..." );
|
||||
fflush( stdout );
|
||||
|
||||
while( ( ret = ssl_handshake( &ssl ) ) != 0 )
|
||||
while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
|
||||
{
|
||||
if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
|
||||
if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_handshake returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d\n\n", ret );
|
||||
goto reset;
|
||||
}
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 6. Read the HTTP Request
|
||||
*/
|
||||
polarssl_printf( " < Read from client:" );
|
||||
mbedtls_printf( " < Read from client:" );
|
||||
fflush( stdout );
|
||||
|
||||
do
|
||||
{
|
||||
len = sizeof( buf ) - 1;
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
ret = ssl_read( &ssl, buf, len );
|
||||
ret = mbedtls_ssl_read( &ssl, buf, len );
|
||||
|
||||
if( ret == POLARSSL_ERR_NET_WANT_READ || ret == POLARSSL_ERR_NET_WANT_WRITE )
|
||||
if( ret == MBEDTLS_ERR_NET_WANT_READ || ret == MBEDTLS_ERR_NET_WANT_WRITE )
|
||||
continue;
|
||||
|
||||
if( ret <= 0 )
|
||||
{
|
||||
switch( ret )
|
||||
{
|
||||
case POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY:
|
||||
polarssl_printf( " connection was closed gracefully\n" );
|
||||
case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
|
||||
mbedtls_printf( " connection was closed gracefully\n" );
|
||||
break;
|
||||
|
||||
case POLARSSL_ERR_NET_CONN_RESET:
|
||||
polarssl_printf( " connection was reset by peer\n" );
|
||||
case MBEDTLS_ERR_NET_CONN_RESET:
|
||||
mbedtls_printf( " connection was reset by peer\n" );
|
||||
break;
|
||||
|
||||
default:
|
||||
polarssl_printf( " ssl_read returned -0x%x\n", -ret );
|
||||
mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", -ret );
|
||||
break;
|
||||
}
|
||||
|
||||
@@ -300,7 +300,7 @@ reset:
|
||||
}
|
||||
|
||||
len = ret;
|
||||
polarssl_printf( " %d bytes read\n\n%s", len, (char *) buf );
|
||||
mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf );
|
||||
|
||||
if( ret > 0 )
|
||||
break;
|
||||
@@ -310,78 +310,78 @@ reset:
|
||||
/*
|
||||
* 7. Write the 200 Response
|
||||
*/
|
||||
polarssl_printf( " > Write to client:" );
|
||||
mbedtls_printf( " > Write to client:" );
|
||||
fflush( stdout );
|
||||
|
||||
len = sprintf( (char *) buf, HTTP_RESPONSE,
|
||||
ssl_get_ciphersuite( &ssl ) );
|
||||
mbedtls_ssl_get_ciphersuite( &ssl ) );
|
||||
|
||||
while( ( ret = ssl_write( &ssl, buf, len ) ) <= 0 )
|
||||
while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 )
|
||||
{
|
||||
if( ret == POLARSSL_ERR_NET_CONN_RESET )
|
||||
if( ret == MBEDTLS_ERR_NET_CONN_RESET )
|
||||
{
|
||||
polarssl_printf( " failed\n ! peer closed the connection\n\n" );
|
||||
mbedtls_printf( " failed\n ! peer closed the connection\n\n" );
|
||||
goto reset;
|
||||
}
|
||||
|
||||
if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
|
||||
if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_write returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
|
||||
len = ret;
|
||||
polarssl_printf( " %d bytes written\n\n%s\n", len, (char *) buf );
|
||||
mbedtls_printf( " %d bytes written\n\n%s\n", len, (char *) buf );
|
||||
|
||||
polarssl_printf( " . Closing the connection..." );
|
||||
mbedtls_printf( " . Closing the connection..." );
|
||||
|
||||
while( ( ret = ssl_close_notify( &ssl ) ) < 0 )
|
||||
while( ( ret = mbedtls_ssl_close_notify( &ssl ) ) < 0 )
|
||||
{
|
||||
if( ret != POLARSSL_ERR_NET_WANT_READ &&
|
||||
ret != POLARSSL_ERR_NET_WANT_WRITE )
|
||||
if( ret != MBEDTLS_ERR_NET_WANT_READ &&
|
||||
ret != MBEDTLS_ERR_NET_WANT_WRITE )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_close_notify returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_close_notify returned %d\n\n", ret );
|
||||
goto reset;
|
||||
}
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
ret = 0;
|
||||
goto reset;
|
||||
|
||||
exit:
|
||||
|
||||
#ifdef POLARSSL_ERROR_C
|
||||
#ifdef MBEDTLS_ERROR_C
|
||||
if( ret != 0 )
|
||||
{
|
||||
char error_buf[100];
|
||||
polarssl_strerror( ret, error_buf, 100 );
|
||||
polarssl_printf("Last error was: %d - %s\n\n", ret, error_buf );
|
||||
mbedtls_strerror( ret, error_buf, 100 );
|
||||
mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf );
|
||||
}
|
||||
#endif
|
||||
|
||||
if( client_fd != -1 )
|
||||
net_close( client_fd );
|
||||
mbedtls_net_close( client_fd );
|
||||
|
||||
x509_crt_free( &srvcert );
|
||||
pk_free( &pkey );
|
||||
ssl_free( &ssl );
|
||||
#if defined(POLARSSL_SSL_CACHE_C)
|
||||
ssl_cache_free( &cache );
|
||||
mbedtls_x509_crt_free( &srvcert );
|
||||
mbedtls_pk_free( &pkey );
|
||||
mbedtls_ssl_free( &ssl );
|
||||
#if defined(MBEDTLS_SSL_CACHE_C)
|
||||
mbedtls_ssl_cache_free( &cache );
|
||||
#endif
|
||||
ctr_drbg_free( &ctr_drbg );
|
||||
entropy_free( &entropy );
|
||||
mbedtls_ctr_drbg_free( &ctr_drbg );
|
||||
mbedtls_entropy_free( &entropy );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BIGNUM_C && POLARSSL_CERTS_C && POLARSSL_ENTROPY_C &&
|
||||
POLARSSL_SSL_TLS_C && POLARSSL_SSL_SRV_C && POLARSSL_NET_C &&
|
||||
POLARSSL_RSA_C && POLARSSL_CTR_DRBG_C && POLARSSL_X509_CRT_PARSE_C
|
||||
&& POLARSSL_FS_IO && POLARSSL_PEM_PARSE_C */
|
||||
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C &&
|
||||
MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C &&
|
||||
MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_X509_CRT_PARSE_C
|
||||
&& MBEDTLS_FS_IO && MBEDTLS_PEM_PARSE_C */
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@@ -20,26 +20,26 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_exit exit
|
||||
#define polarssl_printf printf
|
||||
#define polarssl_snprintf snprintf
|
||||
#define polarssl_free free
|
||||
#define mbedtls_exit exit
|
||||
#define mbedtls_printf printf
|
||||
#define mbedtls_snprintf snprintf
|
||||
#define mbedtls_free free
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_TIMING_C)
|
||||
#if !defined(MBEDTLS_TIMING_C)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_TIMING_C not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_TIMING_C not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -70,7 +70,7 @@ int main( void )
|
||||
#include "mbedtls/ecdh.h"
|
||||
#include "mbedtls/error.h"
|
||||
|
||||
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
|
||||
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
|
||||
#include "mbedtls/memory_buffer_alloc.h"
|
||||
#endif
|
||||
|
||||
@@ -97,68 +97,68 @@ int main( void )
|
||||
#define DHM_SIZES 3
|
||||
|
||||
#define OPTIONS \
|
||||
"md4, md5, ripemd160, sha1, sha256, sha512,\n" \
|
||||
"mbedtls_md4, mbedtls_md5, mbedtls_ripemd160, mbedtls_sha1, mbedtls_sha256, mbedtls_sha512,\n" \
|
||||
"arc4, des3, des, aes_cbc, aes_gcm, aes_ccm, camellia, blowfish,\n" \
|
||||
"havege, ctr_drbg, hmac_drbg\n" \
|
||||
"rsa, dhm, ecdsa, ecdh.\n"
|
||||
|
||||
#if defined(POLARSSL_ERROR_C)
|
||||
#if defined(MBEDTLS_ERROR_C)
|
||||
#define PRINT_ERROR \
|
||||
polarssl_strerror( ret, ( char * )tmp, sizeof( tmp ) ); \
|
||||
polarssl_printf( "FAILED: %s\n", tmp );
|
||||
mbedtls_strerror( ret, ( char * )tmp, sizeof( tmp ) ); \
|
||||
mbedtls_printf( "FAILED: %s\n", tmp );
|
||||
#else
|
||||
#define PRINT_ERROR \
|
||||
polarssl_printf( "FAILED: -0x%04x\n", -ret );
|
||||
mbedtls_printf( "FAILED: -0x%04x\n", -ret );
|
||||
#endif
|
||||
|
||||
#define TIME_AND_TSC( TITLE, CODE ) \
|
||||
do { \
|
||||
unsigned long i, j, tsc; \
|
||||
\
|
||||
polarssl_printf( HEADER_FORMAT, TITLE ); \
|
||||
mbedtls_printf( HEADER_FORMAT, TITLE ); \
|
||||
fflush( stdout ); \
|
||||
\
|
||||
set_alarm( 1 ); \
|
||||
for( i = 1; ! alarmed; i++ ) \
|
||||
mbedtls_set_alarm( 1 ); \
|
||||
for( i = 1; ! mbedtls_timing_alarmed; i++ ) \
|
||||
{ \
|
||||
CODE; \
|
||||
} \
|
||||
\
|
||||
tsc = hardclock(); \
|
||||
tsc = mbedtls_timing_hardclock(); \
|
||||
for( j = 0; j < 1024; j++ ) \
|
||||
{ \
|
||||
CODE; \
|
||||
} \
|
||||
\
|
||||
polarssl_printf( "%9lu Kb/s, %9lu cycles/byte\n", \
|
||||
mbedtls_printf( "%9lu Kb/s, %9lu cycles/byte\n", \
|
||||
i * BUFSIZE / 1024, \
|
||||
( hardclock() - tsc ) / ( j * BUFSIZE ) ); \
|
||||
( mbedtls_timing_hardclock() - tsc ) / ( j * BUFSIZE ) ); \
|
||||
} while( 0 )
|
||||
|
||||
#if defined(POLARSSL_ERROR_C)
|
||||
#if defined(MBEDTLS_ERROR_C)
|
||||
#define PRINT_ERROR \
|
||||
polarssl_strerror( ret, ( char * )tmp, sizeof( tmp ) ); \
|
||||
polarssl_printf( "FAILED: %s\n", tmp );
|
||||
mbedtls_strerror( ret, ( char * )tmp, sizeof( tmp ) ); \
|
||||
mbedtls_printf( "FAILED: %s\n", tmp );
|
||||
#else
|
||||
#define PRINT_ERROR \
|
||||
polarssl_printf( "FAILED: -0x%04x\n", -ret );
|
||||
mbedtls_printf( "FAILED: -0x%04x\n", -ret );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) && defined(POLARSSL_MEMORY_DEBUG)
|
||||
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && defined(MBEDTLS_MEMORY_DEBUG)
|
||||
|
||||
#define MEMORY_MEASURE_INIT \
|
||||
size_t max_used, max_blocks, max_bytes; \
|
||||
size_t prv_used, prv_blocks; \
|
||||
memory_buffer_alloc_cur_get( &prv_used, &prv_blocks ); \
|
||||
memory_buffer_alloc_max_reset( );
|
||||
mbedtls_memory_buffer_alloc_cur_get( &prv_used, &prv_blocks ); \
|
||||
mbedtls_memory_buffer_alloc_max_reset( );
|
||||
|
||||
#define MEMORY_MEASURE_PRINT( title_len ) \
|
||||
memory_buffer_alloc_max_get( &max_used, &max_blocks ); \
|
||||
for( i = 12 - title_len; i != 0; i-- ) polarssl_printf( " " ); \
|
||||
mbedtls_memory_buffer_alloc_max_get( &max_used, &max_blocks ); \
|
||||
for( i = 12 - title_len; i != 0; i-- ) mbedtls_printf( " " ); \
|
||||
max_used -= prv_used; \
|
||||
max_blocks -= prv_blocks; \
|
||||
max_bytes = max_used + MEM_BLOCK_OVERHEAD * max_blocks; \
|
||||
polarssl_printf( "%6u heap bytes", (unsigned) max_bytes );
|
||||
mbedtls_printf( "%6u heap bytes", (unsigned) max_bytes );
|
||||
|
||||
#else
|
||||
#define MEMORY_MEASURE_INIT
|
||||
@@ -171,12 +171,12 @@ do { \
|
||||
int ret; \
|
||||
MEMORY_MEASURE_INIT; \
|
||||
\
|
||||
polarssl_printf( HEADER_FORMAT, TITLE ); \
|
||||
mbedtls_printf( HEADER_FORMAT, TITLE ); \
|
||||
fflush( stdout ); \
|
||||
set_alarm( 3 ); \
|
||||
mbedtls_set_alarm( 3 ); \
|
||||
\
|
||||
ret = 0; \
|
||||
for( i = 1; ! alarmed && ! ret ; i++ ) \
|
||||
for( i = 1; ! mbedtls_timing_alarmed && ! ret ; i++ ) \
|
||||
{ \
|
||||
CODE; \
|
||||
} \
|
||||
@@ -187,9 +187,9 @@ do { \
|
||||
} \
|
||||
else \
|
||||
{ \
|
||||
polarssl_printf( "%6lu " TYPE "/s", i / 3 ); \
|
||||
mbedtls_printf( "%6lu " TYPE "/s", i / 3 ); \
|
||||
MEMORY_MEASURE_PRINT( sizeof( TYPE ) + 1 ); \
|
||||
polarssl_printf( "\n" ); \
|
||||
mbedtls_printf( "\n" ); \
|
||||
} \
|
||||
} while( 0 )
|
||||
|
||||
@@ -219,15 +219,15 @@ static int myrand( void *rng_state, unsigned char *output, size_t len )
|
||||
/*
|
||||
* Clear some memory that was used to prepare the context
|
||||
*/
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
void ecp_clear_precomputed( ecp_group *grp )
|
||||
#if defined(MBEDTLS_ECP_C)
|
||||
void ecp_clear_precomputed( mbedtls_ecp_group *grp )
|
||||
{
|
||||
if( grp->T != NULL )
|
||||
{
|
||||
size_t i;
|
||||
for( i = 0; i < grp->T_size; i++ )
|
||||
ecp_point_free( &grp->T[i] );
|
||||
polarssl_free( grp->T );
|
||||
mbedtls_ecp_point_free( &grp->T[i] );
|
||||
mbedtls_free( grp->T );
|
||||
}
|
||||
grp->T = NULL;
|
||||
grp->T_size = 0;
|
||||
@@ -239,7 +239,7 @@ void ecp_clear_precomputed( ecp_group *grp )
|
||||
unsigned char buf[BUFSIZE];
|
||||
|
||||
typedef struct {
|
||||
char md4, md5, ripemd160, sha1, sha256, sha512,
|
||||
char mbedtls_md4, mbedtls_md5, mbedtls_ripemd160, mbedtls_sha1, mbedtls_sha256, mbedtls_sha512,
|
||||
arc4, des3, des, aes_cbc, aes_gcm, aes_ccm, camellia, blowfish,
|
||||
havege, ctr_drbg, hmac_drbg,
|
||||
rsa, dhm, ecdsa, ecdh;
|
||||
@@ -251,7 +251,7 @@ int main( int argc, char *argv[] )
|
||||
unsigned char tmp[200];
|
||||
char title[TITLE_LEN];
|
||||
todo_list todo;
|
||||
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
|
||||
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
|
||||
unsigned char malloc_buf[HEAP_SIZE] = { 0 };
|
||||
#endif
|
||||
|
||||
@@ -265,18 +265,18 @@ int main( int argc, char *argv[] )
|
||||
|
||||
for( i = 1; i < argc; i++ )
|
||||
{
|
||||
if( strcmp( argv[i], "md4" ) == 0 )
|
||||
todo.md4 = 1;
|
||||
else if( strcmp( argv[i], "md5" ) == 0 )
|
||||
todo.md5 = 1;
|
||||
else if( strcmp( argv[i], "ripemd160" ) == 0 )
|
||||
todo.ripemd160 = 1;
|
||||
else if( strcmp( argv[i], "sha1" ) == 0 )
|
||||
todo.sha1 = 1;
|
||||
else if( strcmp( argv[i], "sha256" ) == 0 )
|
||||
todo.sha256 = 1;
|
||||
else if( strcmp( argv[i], "sha512" ) == 0 )
|
||||
todo.sha512 = 1;
|
||||
if( strcmp( argv[i], "mbedtls_md4" ) == 0 )
|
||||
todo.mbedtls_md4 = 1;
|
||||
else if( strcmp( argv[i], "mbedtls_md5" ) == 0 )
|
||||
todo.mbedtls_md5 = 1;
|
||||
else if( strcmp( argv[i], "mbedtls_ripemd160" ) == 0 )
|
||||
todo.mbedtls_ripemd160 = 1;
|
||||
else if( strcmp( argv[i], "mbedtls_sha1" ) == 0 )
|
||||
todo.mbedtls_sha1 = 1;
|
||||
else if( strcmp( argv[i], "mbedtls_sha256" ) == 0 )
|
||||
todo.mbedtls_sha256 = 1;
|
||||
else if( strcmp( argv[i], "mbedtls_sha512" ) == 0 )
|
||||
todo.mbedtls_sha512 = 1;
|
||||
else if( strcmp( argv[i], "arc4" ) == 0 )
|
||||
todo.arc4 = 1;
|
||||
else if( strcmp( argv[i], "des3" ) == 0 )
|
||||
@@ -309,518 +309,518 @@ int main( int argc, char *argv[] )
|
||||
todo.ecdh = 1;
|
||||
else
|
||||
{
|
||||
polarssl_printf( "Unrecognized option: %s\n", argv[i] );
|
||||
polarssl_printf( "Available options: " OPTIONS );
|
||||
mbedtls_printf( "Unrecognized option: %s\n", argv[i] );
|
||||
mbedtls_printf( "Available options: " OPTIONS );
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
polarssl_printf( "\n" );
|
||||
mbedtls_printf( "\n" );
|
||||
|
||||
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
|
||||
memory_buffer_alloc_init( malloc_buf, sizeof( malloc_buf ) );
|
||||
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
|
||||
mbedtls_memory_buffer_alloc_init( malloc_buf, sizeof( malloc_buf ) );
|
||||
#endif
|
||||
memset( buf, 0xAA, sizeof( buf ) );
|
||||
memset( tmp, 0xBB, sizeof( tmp ) );
|
||||
|
||||
#if defined(POLARSSL_MD4_C)
|
||||
if( todo.md4 )
|
||||
TIME_AND_TSC( "MD4", md4( buf, BUFSIZE, tmp ) );
|
||||
#if defined(MBEDTLS_MD4_C)
|
||||
if( todo.mbedtls_md4 )
|
||||
TIME_AND_TSC( "MD4", mbedtls_md4( buf, BUFSIZE, tmp ) );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MD5_C)
|
||||
if( todo.md5 )
|
||||
TIME_AND_TSC( "MD5", md5( buf, BUFSIZE, tmp ) );
|
||||
#if defined(MBEDTLS_MD5_C)
|
||||
if( todo.mbedtls_md5 )
|
||||
TIME_AND_TSC( "MD5", mbedtls_md5( buf, BUFSIZE, tmp ) );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_RIPEMD160_C)
|
||||
if( todo.ripemd160 )
|
||||
TIME_AND_TSC( "RIPEMD160", ripemd160( buf, BUFSIZE, tmp ) );
|
||||
#if defined(MBEDTLS_RIPEMD160_C)
|
||||
if( todo.mbedtls_ripemd160 )
|
||||
TIME_AND_TSC( "RIPEMD160", mbedtls_ripemd160( buf, BUFSIZE, tmp ) );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA1_C)
|
||||
if( todo.sha1 )
|
||||
TIME_AND_TSC( "SHA-1", sha1( buf, BUFSIZE, tmp ) );
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
if( todo.mbedtls_sha1 )
|
||||
TIME_AND_TSC( "SHA-1", mbedtls_sha1( buf, BUFSIZE, tmp ) );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA256_C)
|
||||
if( todo.sha256 )
|
||||
TIME_AND_TSC( "SHA-256", sha256( buf, BUFSIZE, tmp, 0 ) );
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
if( todo.mbedtls_sha256 )
|
||||
TIME_AND_TSC( "SHA-256", mbedtls_sha256( buf, BUFSIZE, tmp, 0 ) );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA512_C)
|
||||
if( todo.sha512 )
|
||||
TIME_AND_TSC( "SHA-512", sha512( buf, BUFSIZE, tmp, 0 ) );
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
if( todo.mbedtls_sha512 )
|
||||
TIME_AND_TSC( "SHA-512", mbedtls_sha512( buf, BUFSIZE, tmp, 0 ) );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_ARC4_C)
|
||||
#if defined(MBEDTLS_ARC4_C)
|
||||
if( todo.arc4 )
|
||||
{
|
||||
arc4_context arc4;
|
||||
arc4_init( &arc4 );
|
||||
arc4_setup( &arc4, tmp, 32 );
|
||||
TIME_AND_TSC( "ARC4", arc4_crypt( &arc4, BUFSIZE, buf, buf ) );
|
||||
arc4_free( &arc4 );
|
||||
mbedtls_arc4_context arc4;
|
||||
mbedtls_arc4_init( &arc4 );
|
||||
mbedtls_arc4_setup( &arc4, tmp, 32 );
|
||||
TIME_AND_TSC( "ARC4", mbedtls_arc4_crypt( &arc4, BUFSIZE, buf, buf ) );
|
||||
mbedtls_arc4_free( &arc4 );
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_DES_C) && defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
#if defined(MBEDTLS_DES_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||
if( todo.des3 )
|
||||
{
|
||||
des3_context des3;
|
||||
des3_init( &des3 );
|
||||
des3_set3key_enc( &des3, tmp );
|
||||
mbedtls_des3_context des3;
|
||||
mbedtls_des3_init( &des3 );
|
||||
mbedtls_des3_set3key_enc( &des3, tmp );
|
||||
TIME_AND_TSC( "3DES",
|
||||
des3_crypt_cbc( &des3, DES_ENCRYPT, BUFSIZE, tmp, buf, buf ) );
|
||||
des3_free( &des3 );
|
||||
mbedtls_des3_crypt_cbc( &des3, MBEDTLS_DES_ENCRYPT, BUFSIZE, tmp, buf, buf ) );
|
||||
mbedtls_des3_free( &des3 );
|
||||
}
|
||||
|
||||
if( todo.des )
|
||||
{
|
||||
des_context des;
|
||||
des_init( &des );
|
||||
des_setkey_enc( &des, tmp );
|
||||
mbedtls_des_context des;
|
||||
mbedtls_des_init( &des );
|
||||
mbedtls_des_setkey_enc( &des, tmp );
|
||||
TIME_AND_TSC( "DES",
|
||||
des_crypt_cbc( &des, DES_ENCRYPT, BUFSIZE, tmp, buf, buf ) );
|
||||
des_free( &des );
|
||||
mbedtls_des_crypt_cbc( &des, MBEDTLS_DES_ENCRYPT, BUFSIZE, tmp, buf, buf ) );
|
||||
mbedtls_des_free( &des );
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_AES_C)
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
#if defined(MBEDTLS_AES_C)
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||
if( todo.aes_cbc )
|
||||
{
|
||||
int keysize;
|
||||
aes_context aes;
|
||||
aes_init( &aes );
|
||||
mbedtls_aes_context aes;
|
||||
mbedtls_aes_init( &aes );
|
||||
for( keysize = 128; keysize <= 256; keysize += 64 )
|
||||
{
|
||||
polarssl_snprintf( title, sizeof( title ), "AES-CBC-%d", keysize );
|
||||
mbedtls_snprintf( title, sizeof( title ), "AES-CBC-%d", keysize );
|
||||
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
memset( tmp, 0, sizeof( tmp ) );
|
||||
aes_setkey_enc( &aes, tmp, keysize );
|
||||
mbedtls_aes_setkey_enc( &aes, tmp, keysize );
|
||||
|
||||
TIME_AND_TSC( title,
|
||||
aes_crypt_cbc( &aes, AES_ENCRYPT, BUFSIZE, tmp, buf, buf ) );
|
||||
mbedtls_aes_crypt_cbc( &aes, MBEDTLS_AES_ENCRYPT, BUFSIZE, tmp, buf, buf ) );
|
||||
}
|
||||
aes_free( &aes );
|
||||
mbedtls_aes_free( &aes );
|
||||
}
|
||||
#endif
|
||||
#if defined(POLARSSL_GCM_C)
|
||||
#if defined(MBEDTLS_GCM_C)
|
||||
if( todo.aes_gcm )
|
||||
{
|
||||
int keysize;
|
||||
gcm_context gcm;
|
||||
mbedtls_gcm_context gcm;
|
||||
for( keysize = 128; keysize <= 256; keysize += 64 )
|
||||
{
|
||||
polarssl_snprintf( title, sizeof( title ), "AES-GCM-%d", keysize );
|
||||
mbedtls_snprintf( title, sizeof( title ), "AES-GCM-%d", keysize );
|
||||
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
memset( tmp, 0, sizeof( tmp ) );
|
||||
gcm_init( &gcm, POLARSSL_CIPHER_ID_AES, tmp, keysize );
|
||||
mbedtls_gcm_init( &gcm, MBEDTLS_CIPHER_ID_AES, tmp, keysize );
|
||||
|
||||
TIME_AND_TSC( title,
|
||||
gcm_crypt_and_tag( &gcm, GCM_ENCRYPT, BUFSIZE, tmp,
|
||||
mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_ENCRYPT, BUFSIZE, tmp,
|
||||
12, NULL, 0, buf, buf, 16, tmp ) );
|
||||
|
||||
gcm_free( &gcm );
|
||||
mbedtls_gcm_free( &gcm );
|
||||
}
|
||||
}
|
||||
#endif
|
||||
#if defined(POLARSSL_CCM_C)
|
||||
#if defined(MBEDTLS_CCM_C)
|
||||
if( todo.aes_ccm )
|
||||
{
|
||||
int keysize;
|
||||
ccm_context ccm;
|
||||
mbedtls_ccm_context ccm;
|
||||
for( keysize = 128; keysize <= 256; keysize += 64 )
|
||||
{
|
||||
polarssl_snprintf( title, sizeof( title ), "AES-CCM-%d", keysize );
|
||||
mbedtls_snprintf( title, sizeof( title ), "AES-CCM-%d", keysize );
|
||||
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
memset( tmp, 0, sizeof( tmp ) );
|
||||
ccm_init( &ccm, POLARSSL_CIPHER_ID_AES, tmp, keysize );
|
||||
mbedtls_ccm_init( &ccm, MBEDTLS_CIPHER_ID_AES, tmp, keysize );
|
||||
|
||||
TIME_AND_TSC( title,
|
||||
ccm_encrypt_and_tag( &ccm, BUFSIZE, tmp,
|
||||
mbedtls_ccm_encrypt_and_tag( &ccm, BUFSIZE, tmp,
|
||||
12, NULL, 0, buf, buf, tmp, 16 ) );
|
||||
|
||||
ccm_free( &ccm );
|
||||
mbedtls_ccm_free( &ccm );
|
||||
}
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_CAMELLIA_C) && defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
#if defined(MBEDTLS_CAMELLIA_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||
if( todo.camellia )
|
||||
{
|
||||
int keysize;
|
||||
camellia_context camellia;
|
||||
camellia_init( &camellia );
|
||||
mbedtls_camellia_context camellia;
|
||||
mbedtls_camellia_init( &camellia );
|
||||
for( keysize = 128; keysize <= 256; keysize += 64 )
|
||||
{
|
||||
polarssl_snprintf( title, sizeof( title ), "CAMELLIA-CBC-%d", keysize );
|
||||
mbedtls_snprintf( title, sizeof( title ), "CAMELLIA-CBC-%d", keysize );
|
||||
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
memset( tmp, 0, sizeof( tmp ) );
|
||||
camellia_setkey_enc( &camellia, tmp, keysize );
|
||||
mbedtls_camellia_setkey_enc( &camellia, tmp, keysize );
|
||||
|
||||
TIME_AND_TSC( title,
|
||||
camellia_crypt_cbc( &camellia, CAMELLIA_ENCRYPT,
|
||||
mbedtls_camellia_crypt_cbc( &camellia, MBEDTLS_CAMELLIA_ENCRYPT,
|
||||
BUFSIZE, tmp, buf, buf ) );
|
||||
}
|
||||
camellia_free( &camellia );
|
||||
mbedtls_camellia_free( &camellia );
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_BLOWFISH_C) && defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
#if defined(MBEDTLS_BLOWFISH_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||
if( todo.blowfish )
|
||||
{
|
||||
int keysize;
|
||||
blowfish_context blowfish;
|
||||
blowfish_init( &blowfish );
|
||||
mbedtls_blowfish_context blowfish;
|
||||
mbedtls_blowfish_init( &blowfish );
|
||||
|
||||
for( keysize = 128; keysize <= 256; keysize += 64 )
|
||||
{
|
||||
polarssl_snprintf( title, sizeof( title ), "BLOWFISH-CBC-%d", keysize );
|
||||
mbedtls_snprintf( title, sizeof( title ), "BLOWFISH-CBC-%d", keysize );
|
||||
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
memset( tmp, 0, sizeof( tmp ) );
|
||||
blowfish_setkey( &blowfish, tmp, keysize );
|
||||
mbedtls_blowfish_setkey( &blowfish, tmp, keysize );
|
||||
|
||||
TIME_AND_TSC( title,
|
||||
blowfish_crypt_cbc( &blowfish, BLOWFISH_ENCRYPT, BUFSIZE,
|
||||
mbedtls_blowfish_crypt_cbc( &blowfish, MBEDTLS_BLOWFISH_ENCRYPT, BUFSIZE,
|
||||
tmp, buf, buf ) );
|
||||
}
|
||||
|
||||
blowfish_free( &blowfish );
|
||||
mbedtls_blowfish_free( &blowfish );
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_HAVEGE_C)
|
||||
#if defined(MBEDTLS_HAVEGE_C)
|
||||
if( todo.havege )
|
||||
{
|
||||
havege_state hs;
|
||||
havege_init( &hs );
|
||||
TIME_AND_TSC( "HAVEGE", havege_random( &hs, buf, BUFSIZE ) );
|
||||
havege_free( &hs );
|
||||
mbedtls_havege_state hs;
|
||||
mbedtls_havege_init( &hs );
|
||||
TIME_AND_TSC( "HAVEGE", mbedtls_havege_random( &hs, buf, BUFSIZE ) );
|
||||
mbedtls_havege_free( &hs );
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_CTR_DRBG_C)
|
||||
#if defined(MBEDTLS_CTR_DRBG_C)
|
||||
if( todo.ctr_drbg )
|
||||
{
|
||||
ctr_drbg_context ctr_drbg;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
|
||||
if( ctr_drbg_init( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 )
|
||||
polarssl_exit(1);
|
||||
if( mbedtls_ctr_drbg_init( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 )
|
||||
mbedtls_exit(1);
|
||||
TIME_AND_TSC( "CTR_DRBG (NOPR)",
|
||||
if( ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 )
|
||||
polarssl_exit(1) );
|
||||
if( mbedtls_ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 )
|
||||
mbedtls_exit(1) );
|
||||
|
||||
if( ctr_drbg_init( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 )
|
||||
polarssl_exit(1);
|
||||
ctr_drbg_set_prediction_resistance( &ctr_drbg, CTR_DRBG_PR_ON );
|
||||
if( mbedtls_ctr_drbg_init( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 )
|
||||
mbedtls_exit(1);
|
||||
mbedtls_ctr_drbg_set_prediction_resistance( &ctr_drbg, MBEDTLS_CTR_DRBG_PR_ON );
|
||||
TIME_AND_TSC( "CTR_DRBG (PR)",
|
||||
if( ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 )
|
||||
polarssl_exit(1) );
|
||||
ctr_drbg_free( &ctr_drbg );
|
||||
if( mbedtls_ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 )
|
||||
mbedtls_exit(1) );
|
||||
mbedtls_ctr_drbg_free( &ctr_drbg );
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_HMAC_DRBG_C)
|
||||
#if defined(MBEDTLS_HMAC_DRBG_C)
|
||||
if( todo.hmac_drbg )
|
||||
{
|
||||
hmac_drbg_context hmac_drbg;
|
||||
const md_info_t *md_info;
|
||||
mbedtls_hmac_drbg_context hmac_drbg;
|
||||
const mbedtls_md_info_t *md_info;
|
||||
|
||||
#if defined(POLARSSL_SHA1_C)
|
||||
if( ( md_info = md_info_from_type( POLARSSL_MD_SHA1 ) ) == NULL )
|
||||
polarssl_exit(1);
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL )
|
||||
mbedtls_exit(1);
|
||||
|
||||
if( hmac_drbg_init( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
|
||||
polarssl_exit(1);
|
||||
if( mbedtls_hmac_drbg_init( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
|
||||
mbedtls_exit(1);
|
||||
TIME_AND_TSC( "HMAC_DRBG SHA-1 (NOPR)",
|
||||
if( hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
|
||||
polarssl_exit(1) );
|
||||
hmac_drbg_free( &hmac_drbg );
|
||||
if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
|
||||
mbedtls_exit(1) );
|
||||
mbedtls_hmac_drbg_free( &hmac_drbg );
|
||||
|
||||
if( hmac_drbg_init( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
|
||||
polarssl_exit(1);
|
||||
hmac_drbg_set_prediction_resistance( &hmac_drbg,
|
||||
POLARSSL_HMAC_DRBG_PR_ON );
|
||||
if( mbedtls_hmac_drbg_init( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
|
||||
mbedtls_exit(1);
|
||||
mbedtls_hmac_drbg_set_prediction_resistance( &hmac_drbg,
|
||||
MBEDTLS_HMAC_DRBG_PR_ON );
|
||||
TIME_AND_TSC( "HMAC_DRBG SHA-1 (PR)",
|
||||
if( hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
|
||||
polarssl_exit(1) );
|
||||
hmac_drbg_free( &hmac_drbg );
|
||||
if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
|
||||
mbedtls_exit(1) );
|
||||
mbedtls_hmac_drbg_free( &hmac_drbg );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA256_C)
|
||||
if( ( md_info = md_info_from_type( POLARSSL_MD_SHA256 ) ) == NULL )
|
||||
polarssl_exit(1);
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ) ) == NULL )
|
||||
mbedtls_exit(1);
|
||||
|
||||
if( hmac_drbg_init( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
|
||||
polarssl_exit(1);
|
||||
if( mbedtls_hmac_drbg_init( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
|
||||
mbedtls_exit(1);
|
||||
TIME_AND_TSC( "HMAC_DRBG SHA-256 (NOPR)",
|
||||
if( hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
|
||||
polarssl_exit(1) );
|
||||
hmac_drbg_free( &hmac_drbg );
|
||||
if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
|
||||
mbedtls_exit(1) );
|
||||
mbedtls_hmac_drbg_free( &hmac_drbg );
|
||||
|
||||
if( hmac_drbg_init( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
|
||||
polarssl_exit(1);
|
||||
hmac_drbg_set_prediction_resistance( &hmac_drbg,
|
||||
POLARSSL_HMAC_DRBG_PR_ON );
|
||||
if( mbedtls_hmac_drbg_init( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
|
||||
mbedtls_exit(1);
|
||||
mbedtls_hmac_drbg_set_prediction_resistance( &hmac_drbg,
|
||||
MBEDTLS_HMAC_DRBG_PR_ON );
|
||||
TIME_AND_TSC( "HMAC_DRBG SHA-256 (PR)",
|
||||
if( hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
|
||||
polarssl_exit(1) );
|
||||
hmac_drbg_free( &hmac_drbg );
|
||||
if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
|
||||
mbedtls_exit(1) );
|
||||
mbedtls_hmac_drbg_free( &hmac_drbg );
|
||||
#endif
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_RSA_C) && defined(POLARSSL_GENPRIME)
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
|
||||
if( todo.rsa )
|
||||
{
|
||||
int keysize;
|
||||
rsa_context rsa;
|
||||
mbedtls_rsa_context rsa;
|
||||
for( keysize = 1024; keysize <= 4096; keysize *= 2 )
|
||||
{
|
||||
polarssl_snprintf( title, sizeof( title ), "RSA-%d", keysize );
|
||||
mbedtls_snprintf( title, sizeof( title ), "RSA-%d", keysize );
|
||||
|
||||
rsa_init( &rsa, RSA_PKCS_V15, 0 );
|
||||
rsa_gen_key( &rsa, myrand, NULL, keysize, 65537 );
|
||||
mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 );
|
||||
mbedtls_rsa_gen_key( &rsa, myrand, NULL, keysize, 65537 );
|
||||
|
||||
TIME_PUBLIC( title, " public",
|
||||
buf[0] = 0;
|
||||
ret = rsa_public( &rsa, buf, buf ) );
|
||||
ret = mbedtls_rsa_public( &rsa, buf, buf ) );
|
||||
|
||||
TIME_PUBLIC( title, "private",
|
||||
buf[0] = 0;
|
||||
ret = rsa_private( &rsa, myrand, NULL, buf, buf ) );
|
||||
ret = mbedtls_rsa_private( &rsa, myrand, NULL, buf, buf ) );
|
||||
|
||||
rsa_free( &rsa );
|
||||
mbedtls_rsa_free( &rsa );
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_DHM_C) && defined(POLARSSL_BIGNUM_C)
|
||||
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_BIGNUM_C)
|
||||
if( todo.dhm )
|
||||
{
|
||||
int dhm_sizes[DHM_SIZES] = { 1024, 2048, 3072 };
|
||||
const char *dhm_P[DHM_SIZES] = {
|
||||
POLARSSL_DHM_RFC5114_MODP_1024_P,
|
||||
POLARSSL_DHM_RFC3526_MODP_2048_P,
|
||||
POLARSSL_DHM_RFC3526_MODP_3072_P,
|
||||
MBEDTLS_DHM_RFC5114_MODP_1024_P,
|
||||
MBEDTLS_DHM_RFC3526_MODP_2048_P,
|
||||
MBEDTLS_DHM_RFC3526_MODP_3072_P,
|
||||
};
|
||||
const char *dhm_G[DHM_SIZES] = {
|
||||
POLARSSL_DHM_RFC5114_MODP_1024_G,
|
||||
POLARSSL_DHM_RFC3526_MODP_2048_G,
|
||||
POLARSSL_DHM_RFC3526_MODP_3072_G,
|
||||
MBEDTLS_DHM_RFC5114_MODP_1024_G,
|
||||
MBEDTLS_DHM_RFC3526_MODP_2048_G,
|
||||
MBEDTLS_DHM_RFC3526_MODP_3072_G,
|
||||
};
|
||||
|
||||
dhm_context dhm;
|
||||
mbedtls_dhm_context dhm;
|
||||
size_t olen;
|
||||
for( i = 0; i < DHM_SIZES; i++ )
|
||||
{
|
||||
dhm_init( &dhm );
|
||||
mbedtls_dhm_init( &dhm );
|
||||
|
||||
if( mpi_read_string( &dhm.P, 16, dhm_P[i] ) != 0 ||
|
||||
mpi_read_string( &dhm.G, 16, dhm_G[i] ) != 0 )
|
||||
if( mbedtls_mpi_read_string( &dhm.P, 16, dhm_P[i] ) != 0 ||
|
||||
mbedtls_mpi_read_string( &dhm.G, 16, dhm_G[i] ) != 0 )
|
||||
{
|
||||
polarssl_exit( 1 );
|
||||
mbedtls_exit( 1 );
|
||||
}
|
||||
|
||||
dhm.len = mpi_size( &dhm.P );
|
||||
dhm_make_public( &dhm, (int) dhm.len, buf, dhm.len, myrand, NULL );
|
||||
if( mpi_copy( &dhm.GY, &dhm.GX ) != 0 )
|
||||
polarssl_exit( 1 );
|
||||
dhm.len = mbedtls_mpi_size( &dhm.P );
|
||||
mbedtls_dhm_make_public( &dhm, (int) dhm.len, buf, dhm.len, myrand, NULL );
|
||||
if( mbedtls_mpi_copy( &dhm.GY, &dhm.GX ) != 0 )
|
||||
mbedtls_exit( 1 );
|
||||
|
||||
polarssl_snprintf( title, sizeof( title ), "DHE-%d", dhm_sizes[i] );
|
||||
mbedtls_snprintf( title, sizeof( title ), "DHE-%d", dhm_sizes[i] );
|
||||
TIME_PUBLIC( title, "handshake",
|
||||
olen = sizeof( buf );
|
||||
ret |= dhm_make_public( &dhm, (int) dhm.len, buf, dhm.len,
|
||||
ret |= mbedtls_dhm_make_public( &dhm, (int) dhm.len, buf, dhm.len,
|
||||
myrand, NULL );
|
||||
ret |= dhm_calc_secret( &dhm, buf, &olen, myrand, NULL ) );
|
||||
ret |= mbedtls_dhm_calc_secret( &dhm, buf, &olen, myrand, NULL ) );
|
||||
|
||||
polarssl_snprintf( title, sizeof( title ), "DH-%d", dhm_sizes[i] );
|
||||
mbedtls_snprintf( title, sizeof( title ), "DH-%d", dhm_sizes[i] );
|
||||
TIME_PUBLIC( title, "handshake",
|
||||
olen = sizeof( buf );
|
||||
ret |= dhm_calc_secret( &dhm, buf, &olen, myrand, NULL ) );
|
||||
ret |= mbedtls_dhm_calc_secret( &dhm, buf, &olen, myrand, NULL ) );
|
||||
|
||||
dhm_free( &dhm );
|
||||
mbedtls_dhm_free( &dhm );
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_ECDSA_C) && defined(POLARSSL_SHA256_C)
|
||||
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_SHA256_C)
|
||||
if( todo.ecdsa )
|
||||
{
|
||||
ecdsa_context ecdsa;
|
||||
const ecp_curve_info *curve_info;
|
||||
mbedtls_ecdsa_context ecdsa;
|
||||
const mbedtls_ecp_curve_info *curve_info;
|
||||
size_t sig_len;
|
||||
|
||||
memset( buf, 0x2A, sizeof( buf ) );
|
||||
|
||||
for( curve_info = ecp_curve_list();
|
||||
curve_info->grp_id != POLARSSL_ECP_DP_NONE;
|
||||
for( curve_info = mbedtls_ecp_curve_list();
|
||||
curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
|
||||
curve_info++ )
|
||||
{
|
||||
ecdsa_init( &ecdsa );
|
||||
mbedtls_ecdsa_init( &ecdsa );
|
||||
|
||||
if( ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 )
|
||||
polarssl_exit( 1 );
|
||||
if( mbedtls_ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 )
|
||||
mbedtls_exit( 1 );
|
||||
ecp_clear_precomputed( &ecdsa.grp );
|
||||
|
||||
polarssl_snprintf( title, sizeof( title ), "ECDSA-%s",
|
||||
mbedtls_snprintf( title, sizeof( title ), "ECDSA-%s",
|
||||
curve_info->name );
|
||||
TIME_PUBLIC( title, "sign",
|
||||
ret = ecdsa_write_signature( &ecdsa, POLARSSL_MD_SHA256, buf, curve_info->size,
|
||||
ret = mbedtls_ecdsa_write_signature( &ecdsa, MBEDTLS_MD_SHA256, buf, curve_info->size,
|
||||
tmp, &sig_len, myrand, NULL ) );
|
||||
|
||||
ecdsa_free( &ecdsa );
|
||||
mbedtls_ecdsa_free( &ecdsa );
|
||||
}
|
||||
|
||||
for( curve_info = ecp_curve_list();
|
||||
curve_info->grp_id != POLARSSL_ECP_DP_NONE;
|
||||
for( curve_info = mbedtls_ecp_curve_list();
|
||||
curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
|
||||
curve_info++ )
|
||||
{
|
||||
ecdsa_init( &ecdsa );
|
||||
mbedtls_ecdsa_init( &ecdsa );
|
||||
|
||||
if( ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 ||
|
||||
ecdsa_write_signature( &ecdsa, POLARSSL_MD_SHA256, buf, curve_info->size,
|
||||
if( mbedtls_ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 ||
|
||||
mbedtls_ecdsa_write_signature( &ecdsa, MBEDTLS_MD_SHA256, buf, curve_info->size,
|
||||
tmp, &sig_len, myrand, NULL ) != 0 )
|
||||
{
|
||||
polarssl_exit( 1 );
|
||||
mbedtls_exit( 1 );
|
||||
}
|
||||
ecp_clear_precomputed( &ecdsa.grp );
|
||||
|
||||
polarssl_snprintf( title, sizeof( title ), "ECDSA-%s",
|
||||
mbedtls_snprintf( title, sizeof( title ), "ECDSA-%s",
|
||||
curve_info->name );
|
||||
TIME_PUBLIC( title, "verify",
|
||||
ret = ecdsa_read_signature( &ecdsa, buf, curve_info->size,
|
||||
ret = mbedtls_ecdsa_read_signature( &ecdsa, buf, curve_info->size,
|
||||
tmp, sig_len ) );
|
||||
|
||||
ecdsa_free( &ecdsa );
|
||||
mbedtls_ecdsa_free( &ecdsa );
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_ECDH_C)
|
||||
#if defined(MBEDTLS_ECDH_C)
|
||||
if( todo.ecdh )
|
||||
{
|
||||
ecdh_context ecdh;
|
||||
#if defined(POLARSSL_ECP_DP_M255_ENABLED)
|
||||
mpi z;
|
||||
mbedtls_ecdh_context ecdh;
|
||||
#if defined(MBEDTLS_ECP_DP_M255_ENABLED)
|
||||
mbedtls_mpi z;
|
||||
#endif
|
||||
const ecp_curve_info *curve_info;
|
||||
const mbedtls_ecp_curve_info *curve_info;
|
||||
size_t olen;
|
||||
|
||||
for( curve_info = ecp_curve_list();
|
||||
curve_info->grp_id != POLARSSL_ECP_DP_NONE;
|
||||
for( curve_info = mbedtls_ecp_curve_list();
|
||||
curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
|
||||
curve_info++ )
|
||||
{
|
||||
ecdh_init( &ecdh );
|
||||
mbedtls_ecdh_init( &ecdh );
|
||||
|
||||
if( ecp_use_known_dp( &ecdh.grp, curve_info->grp_id ) != 0 ||
|
||||
ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
|
||||
if( mbedtls_ecp_use_known_dp( &ecdh.grp, curve_info->grp_id ) != 0 ||
|
||||
mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
|
||||
myrand, NULL ) != 0 ||
|
||||
ecp_copy( &ecdh.Qp, &ecdh.Q ) != 0 )
|
||||
mbedtls_ecp_copy( &ecdh.Qp, &ecdh.Q ) != 0 )
|
||||
{
|
||||
polarssl_exit( 1 );
|
||||
mbedtls_exit( 1 );
|
||||
}
|
||||
ecp_clear_precomputed( &ecdh.grp );
|
||||
|
||||
polarssl_snprintf( title, sizeof( title ), "ECDHE-%s",
|
||||
mbedtls_snprintf( title, sizeof( title ), "ECDHE-%s",
|
||||
curve_info->name );
|
||||
TIME_PUBLIC( title, "handshake",
|
||||
ret |= ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
|
||||
ret |= mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
|
||||
myrand, NULL );
|
||||
ret |= ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ),
|
||||
ret |= mbedtls_ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ),
|
||||
myrand, NULL ) );
|
||||
ecdh_free( &ecdh );
|
||||
mbedtls_ecdh_free( &ecdh );
|
||||
}
|
||||
|
||||
/* Curve25519 needs to be handled separately */
|
||||
#if defined(POLARSSL_ECP_DP_M255_ENABLED)
|
||||
ecdh_init( &ecdh );
|
||||
mpi_init( &z );
|
||||
#if defined(MBEDTLS_ECP_DP_M255_ENABLED)
|
||||
mbedtls_ecdh_init( &ecdh );
|
||||
mbedtls_mpi_init( &z );
|
||||
|
||||
if( ecp_use_known_dp( &ecdh.grp, POLARSSL_ECP_DP_M255 ) != 0 ||
|
||||
ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp, myrand, NULL ) != 0 )
|
||||
if( mbedtls_ecp_use_known_dp( &ecdh.grp, MBEDTLS_ECP_DP_M255 ) != 0 ||
|
||||
mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp, myrand, NULL ) != 0 )
|
||||
{
|
||||
polarssl_exit( 1 );
|
||||
mbedtls_exit( 1 );
|
||||
}
|
||||
|
||||
TIME_PUBLIC( "ECDHE-Curve25519", "handshake",
|
||||
ret |= ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q,
|
||||
ret |= mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q,
|
||||
myrand, NULL );
|
||||
ret |= ecdh_compute_shared( &ecdh.grp, &z, &ecdh.Qp, &ecdh.d,
|
||||
ret |= mbedtls_ecdh_compute_shared( &ecdh.grp, &z, &ecdh.Qp, &ecdh.d,
|
||||
myrand, NULL ) );
|
||||
|
||||
ecdh_free( &ecdh );
|
||||
mpi_free( &z );
|
||||
mbedtls_ecdh_free( &ecdh );
|
||||
mbedtls_mpi_free( &z );
|
||||
#endif
|
||||
|
||||
for( curve_info = ecp_curve_list();
|
||||
curve_info->grp_id != POLARSSL_ECP_DP_NONE;
|
||||
for( curve_info = mbedtls_ecp_curve_list();
|
||||
curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
|
||||
curve_info++ )
|
||||
{
|
||||
ecdh_init( &ecdh );
|
||||
mbedtls_ecdh_init( &ecdh );
|
||||
|
||||
if( ecp_use_known_dp( &ecdh.grp, curve_info->grp_id ) != 0 ||
|
||||
ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
|
||||
if( mbedtls_ecp_use_known_dp( &ecdh.grp, curve_info->grp_id ) != 0 ||
|
||||
mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
|
||||
myrand, NULL ) != 0 ||
|
||||
ecp_copy( &ecdh.Qp, &ecdh.Q ) != 0 ||
|
||||
ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
|
||||
mbedtls_ecp_copy( &ecdh.Qp, &ecdh.Q ) != 0 ||
|
||||
mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
|
||||
myrand, NULL ) != 0 )
|
||||
{
|
||||
polarssl_exit( 1 );
|
||||
mbedtls_exit( 1 );
|
||||
}
|
||||
ecp_clear_precomputed( &ecdh.grp );
|
||||
|
||||
polarssl_snprintf( title, sizeof( title ), "ECDH-%s",
|
||||
mbedtls_snprintf( title, sizeof( title ), "ECDH-%s",
|
||||
curve_info->name );
|
||||
TIME_PUBLIC( title, "handshake",
|
||||
ret |= ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ),
|
||||
ret |= mbedtls_ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ),
|
||||
myrand, NULL ) );
|
||||
ecdh_free( &ecdh );
|
||||
mbedtls_ecdh_free( &ecdh );
|
||||
}
|
||||
|
||||
/* Curve25519 needs to be handled separately */
|
||||
#if defined(POLARSSL_ECP_DP_M255_ENABLED)
|
||||
ecdh_init( &ecdh );
|
||||
mpi_init( &z );
|
||||
#if defined(MBEDTLS_ECP_DP_M255_ENABLED)
|
||||
mbedtls_ecdh_init( &ecdh );
|
||||
mbedtls_mpi_init( &z );
|
||||
|
||||
if( ecp_use_known_dp( &ecdh.grp, POLARSSL_ECP_DP_M255 ) != 0 ||
|
||||
ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp,
|
||||
if( mbedtls_ecp_use_known_dp( &ecdh.grp, MBEDTLS_ECP_DP_M255 ) != 0 ||
|
||||
mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp,
|
||||
myrand, NULL ) != 0 ||
|
||||
ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q, myrand, NULL ) != 0 )
|
||||
mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q, myrand, NULL ) != 0 )
|
||||
{
|
||||
polarssl_exit( 1 );
|
||||
mbedtls_exit( 1 );
|
||||
}
|
||||
|
||||
TIME_PUBLIC( "ECDH-Curve25519", "handshake",
|
||||
ret |= ecdh_compute_shared( &ecdh.grp, &z, &ecdh.Qp, &ecdh.d,
|
||||
ret |= mbedtls_ecdh_compute_shared( &ecdh.grp, &z, &ecdh.Qp, &ecdh.d,
|
||||
myrand, NULL ) );
|
||||
|
||||
ecdh_free( &ecdh );
|
||||
mpi_free( &z );
|
||||
mbedtls_ecdh_free( &ecdh );
|
||||
mbedtls_mpi_free( &z );
|
||||
#endif
|
||||
}
|
||||
#endif
|
||||
|
||||
polarssl_printf( "\n" );
|
||||
mbedtls_printf( "\n" );
|
||||
|
||||
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
|
||||
memory_buffer_alloc_free();
|
||||
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
|
||||
mbedtls_memory_buffer_alloc_free();
|
||||
#endif
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
#endif /* POLARSSL_TIMING_C */
|
||||
#endif /* MBEDTLS_TIMING_C */
|
||||
|
||||
@@ -20,10 +20,10 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "mbedtls/entropy.h"
|
||||
@@ -55,21 +55,21 @@
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
|
||||
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
|
||||
#include "mbedtls/memory_buffer_alloc.h"
|
||||
#endif
|
||||
|
||||
int main( int argc, char *argv[] )
|
||||
{
|
||||
int ret = 0, v;
|
||||
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
|
||||
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
|
||||
unsigned char buf[1000000];
|
||||
#endif
|
||||
|
||||
@@ -78,166 +78,166 @@ int main( int argc, char *argv[] )
|
||||
else
|
||||
{
|
||||
v = 1;
|
||||
polarssl_printf( "\n" );
|
||||
mbedtls_printf( "\n" );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SELF_TEST)
|
||||
#if defined(MBEDTLS_SELF_TEST)
|
||||
|
||||
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
|
||||
memory_buffer_alloc_init( buf, sizeof(buf) );
|
||||
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
|
||||
mbedtls_memory_buffer_alloc_init( buf, sizeof(buf) );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MD2_C)
|
||||
if( ( ret = md2_self_test( v ) ) != 0 )
|
||||
#if defined(MBEDTLS_MD2_C)
|
||||
if( ( ret = mbedtls_md2_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MD4_C)
|
||||
if( ( ret = md4_self_test( v ) ) != 0 )
|
||||
#if defined(MBEDTLS_MD4_C)
|
||||
if( ( ret = mbedtls_md4_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MD5_C)
|
||||
if( ( ret = md5_self_test( v ) ) != 0 )
|
||||
#if defined(MBEDTLS_MD5_C)
|
||||
if( ( ret = mbedtls_md5_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_RIPEMD160_C)
|
||||
if( ( ret = ripemd160_self_test( v ) ) != 0 )
|
||||
#if defined(MBEDTLS_RIPEMD160_C)
|
||||
if( ( ret = mbedtls_ripemd160_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA1_C)
|
||||
if( ( ret = sha1_self_test( v ) ) != 0 )
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
if( ( ret = mbedtls_sha1_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA256_C)
|
||||
if( ( ret = sha256_self_test( v ) ) != 0 )
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
if( ( ret = mbedtls_sha256_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA512_C)
|
||||
if( ( ret = sha512_self_test( v ) ) != 0 )
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
if( ( ret = mbedtls_sha512_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_ARC4_C)
|
||||
if( ( ret = arc4_self_test( v ) ) != 0 )
|
||||
#if defined(MBEDTLS_ARC4_C)
|
||||
if( ( ret = mbedtls_arc4_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_DES_C)
|
||||
if( ( ret = des_self_test( v ) ) != 0 )
|
||||
#if defined(MBEDTLS_DES_C)
|
||||
if( ( ret = mbedtls_des_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_AES_C)
|
||||
if( ( ret = aes_self_test( v ) ) != 0 )
|
||||
#if defined(MBEDTLS_AES_C)
|
||||
if( ( ret = mbedtls_aes_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_GCM_C) && defined(POLARSSL_AES_C)
|
||||
if( ( ret = gcm_self_test( v ) ) != 0 )
|
||||
#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C)
|
||||
if( ( ret = mbedtls_gcm_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_CCM_C) && defined(POLARSSL_AES_C)
|
||||
if( ( ret = ccm_self_test( v ) ) != 0 )
|
||||
#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)
|
||||
if( ( ret = mbedtls_ccm_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_BASE64_C)
|
||||
if( ( ret = base64_self_test( v ) ) != 0 )
|
||||
#if defined(MBEDTLS_BASE64_C)
|
||||
if( ( ret = mbedtls_base64_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_BIGNUM_C)
|
||||
if( ( ret = mpi_self_test( v ) ) != 0 )
|
||||
#if defined(MBEDTLS_BIGNUM_C)
|
||||
if( ( ret = mbedtls_mpi_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
if( ( ret = rsa_self_test( v ) ) != 0 )
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
if( ( ret = mbedtls_rsa_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_X509_USE_C)
|
||||
if( ( ret = x509_self_test( v ) ) != 0 )
|
||||
#if defined(MBEDTLS_X509_USE_C)
|
||||
if( ( ret = mbedtls_x509_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_XTEA_C)
|
||||
if( ( ret = xtea_self_test( v ) ) != 0 )
|
||||
#if defined(MBEDTLS_XTEA_C)
|
||||
if( ( ret = mbedtls_xtea_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_CAMELLIA_C)
|
||||
if( ( ret = camellia_self_test( v ) ) != 0 )
|
||||
#if defined(MBEDTLS_CAMELLIA_C)
|
||||
if( ( ret = mbedtls_camellia_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_CTR_DRBG_C)
|
||||
if( ( ret = ctr_drbg_self_test( v ) ) != 0 )
|
||||
#if defined(MBEDTLS_CTR_DRBG_C)
|
||||
if( ( ret = mbedtls_ctr_drbg_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_HMAC_DRBG_C)
|
||||
if( ( ret = hmac_drbg_self_test( v ) ) != 0 )
|
||||
#if defined(MBEDTLS_HMAC_DRBG_C)
|
||||
if( ( ret = mbedtls_hmac_drbg_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
if( ( ret = ecp_self_test( v ) ) != 0 )
|
||||
#if defined(MBEDTLS_ECP_C)
|
||||
if( ( ret = mbedtls_ecp_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_DHM_C)
|
||||
if( ( ret = dhm_self_test( v ) ) != 0 )
|
||||
#if defined(MBEDTLS_DHM_C)
|
||||
if( ( ret = mbedtls_dhm_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_ENTROPY_C)
|
||||
if( ( ret = entropy_self_test( v ) ) != 0 )
|
||||
#if defined(MBEDTLS_ENTROPY_C)
|
||||
if( ( ret = mbedtls_entropy_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PKCS5_C)
|
||||
if( ( ret = pkcs5_self_test( v ) ) != 0 )
|
||||
#if defined(MBEDTLS_PKCS5_C)
|
||||
if( ( ret = mbedtls_pkcs5_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
/* Slow tests last */
|
||||
|
||||
/* Not stable enough on Windows and FreeBSD yet */
|
||||
#if __linux__ && defined(POLARSSL_TIMING_C)
|
||||
if( ( ret = timing_self_test( v ) ) != 0 )
|
||||
#if __linux__ && defined(MBEDTLS_TIMING_C)
|
||||
if( ( ret = mbedtls_timing_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
#else
|
||||
polarssl_printf( " POLARSSL_SELF_TEST not defined.\n" );
|
||||
mbedtls_printf( " MBEDTLS_SELF_TEST not defined.\n" );
|
||||
#endif
|
||||
|
||||
if( v != 0 )
|
||||
{
|
||||
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) && defined(POLARSSL_MEMORY_DEBUG)
|
||||
memory_buffer_alloc_status();
|
||||
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && defined(MBEDTLS_MEMORY_DEBUG)
|
||||
mbedtls_memory_buffer_alloc_status();
|
||||
#endif
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
|
||||
memory_buffer_alloc_free();
|
||||
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
|
||||
mbedtls_memory_buffer_alloc_free();
|
||||
|
||||
if( ( ret = memory_buffer_alloc_self_test( v ) ) != 0 )
|
||||
if( ( ret = mbedtls_memory_buffer_alloc_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
|
||||
if( v != 0 )
|
||||
{
|
||||
polarssl_printf( " [ All tests passed ]\n\n" );
|
||||
mbedtls_printf( " [ All tests passed ]\n\n" );
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
}
|
||||
|
||||
@@ -20,23 +20,23 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_snprintf snprintf
|
||||
#define polarssl_printf printf
|
||||
#define polarssl_snprintf snprintf
|
||||
#define mbedtls_snprintf snprintf
|
||||
#define mbedtls_printf printf
|
||||
#define mbedtls_snprintf snprintf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_RSA_C) && defined(POLARSSL_X509_CRT_PARSE_C) && \
|
||||
defined(POLARSSL_FS_IO) && defined(POLARSSL_X509_CRL_PARSE_C)
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_X509_CRT_PARSE_C) && \
|
||||
defined(MBEDTLS_FS_IO) && defined(MBEDTLS_X509_CRL_PARSE_C)
|
||||
#include "mbedtls/certs.h"
|
||||
#include "mbedtls/x509_crt.h"
|
||||
|
||||
@@ -50,12 +50,12 @@
|
||||
|
||||
#define MAX_CLIENT_CERTS 8
|
||||
|
||||
#if !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) || \
|
||||
!defined(POLARSSL_FS_IO) || !defined(POLARSSL_X509_CRL_PARSE_C)
|
||||
#if !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \
|
||||
!defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_X509_CRL_PARSE_C)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_RSA_C and/or POLARSSL_X509_CRT_PARSE_C "
|
||||
"POLARSSL_FS_IO and/or POLARSSL_X509_CRL_PARSE_C "
|
||||
mbedtls_printf("MBEDTLS_RSA_C and/or MBEDTLS_X509_CRT_PARSE_C "
|
||||
"MBEDTLS_FS_IO and/or MBEDTLS_X509_CRL_PARSE_C "
|
||||
"not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
@@ -87,52 +87,52 @@ const char *client_private_keys[MAX_CLIENT_CERTS] =
|
||||
int main( void )
|
||||
{
|
||||
int ret, i;
|
||||
x509_crt cacert;
|
||||
x509_crl crl;
|
||||
mbedtls_x509_crt cacert;
|
||||
mbedtls_x509_crl crl;
|
||||
char buf[10240];
|
||||
|
||||
x509_crt_init( &cacert );
|
||||
x509_crl_init( &crl );
|
||||
mbedtls_x509_crt_init( &cacert );
|
||||
mbedtls_x509_crl_init( &crl );
|
||||
|
||||
/*
|
||||
* 1.1. Load the trusted CA
|
||||
*/
|
||||
polarssl_printf( "\n . Loading the CA root certificate ..." );
|
||||
mbedtls_printf( "\n . Loading the CA root certificate ..." );
|
||||
fflush( stdout );
|
||||
|
||||
/*
|
||||
* Alternatively, you may load the CA certificates from a .pem or
|
||||
* .crt file by calling x509_crt_parse_file( &cacert, "myca.crt" ).
|
||||
* .crt file by calling mbedtls_x509_crt_parse_file( &cacert, "myca.crt" ).
|
||||
*/
|
||||
ret = x509_crt_parse_file( &cacert, "ssl/test-ca/test-ca.crt" );
|
||||
ret = mbedtls_x509_crt_parse_file( &cacert, "ssl/test-ca/test-ca.crt" );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! x509_crt_parse_file returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
x509_crt_info( buf, 1024, "CRT: ", &cacert );
|
||||
polarssl_printf("%s\n", buf );
|
||||
mbedtls_x509_crt_info( buf, 1024, "CRT: ", &cacert );
|
||||
mbedtls_printf("%s\n", buf );
|
||||
|
||||
/*
|
||||
* 1.2. Load the CRL
|
||||
*/
|
||||
polarssl_printf( " . Loading the CRL ..." );
|
||||
mbedtls_printf( " . Loading the CRL ..." );
|
||||
fflush( stdout );
|
||||
|
||||
ret = x509_crl_parse_file( &crl, "ssl/test-ca/crl.pem" );
|
||||
ret = mbedtls_x509_crl_parse_file( &crl, "ssl/test-ca/crl.pem" );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! x509_crl_parse_file returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_crl_parse_file returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
x509_crl_info( buf, 1024, "CRL: ", &crl );
|
||||
polarssl_printf("%s\n", buf );
|
||||
mbedtls_x509_crl_info( buf, 1024, "CRL: ", &crl );
|
||||
mbedtls_printf("%s\n", buf );
|
||||
|
||||
for( i = 0; i < MAX_CLIENT_CERTS; i++ )
|
||||
{
|
||||
@@ -141,127 +141,127 @@ int main( void )
|
||||
*/
|
||||
char name[512];
|
||||
int flags;
|
||||
x509_crt clicert;
|
||||
pk_context pk;
|
||||
mbedtls_x509_crt clicert;
|
||||
mbedtls_pk_context pk;
|
||||
|
||||
x509_crt_init( &clicert );
|
||||
pk_init( &pk );
|
||||
mbedtls_x509_crt_init( &clicert );
|
||||
mbedtls_pk_init( &pk );
|
||||
|
||||
polarssl_snprintf(name, 512, "ssl/test-ca/%s", client_certificates[i]);
|
||||
mbedtls_snprintf(name, 512, "ssl/test-ca/%s", client_certificates[i]);
|
||||
|
||||
polarssl_printf( " . Loading the client certificate %s...", name );
|
||||
mbedtls_printf( " . Loading the client certificate %s...", name );
|
||||
fflush( stdout );
|
||||
|
||||
ret = x509_crt_parse_file( &clicert, name );
|
||||
ret = mbedtls_x509_crt_parse_file( &clicert, name );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! x509_crt_parse_file returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 1.4. Verify certificate validity with CA certificate
|
||||
*/
|
||||
polarssl_printf( " . Verify the client certificate with CA certificate..." );
|
||||
mbedtls_printf( " . Verify the client certificate with CA certificate..." );
|
||||
fflush( stdout );
|
||||
|
||||
ret = x509_crt_verify( &clicert, &cacert, &crl, NULL, &flags, NULL,
|
||||
ret = mbedtls_x509_crt_verify( &clicert, &cacert, &crl, NULL, &flags, NULL,
|
||||
NULL );
|
||||
if( ret != 0 )
|
||||
{
|
||||
if( ret == POLARSSL_ERR_X509_CERT_VERIFY_FAILED )
|
||||
if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED )
|
||||
{
|
||||
if( flags & BADCERT_CN_MISMATCH )
|
||||
polarssl_printf( " CN_MISMATCH " );
|
||||
if( flags & BADCERT_EXPIRED )
|
||||
polarssl_printf( " EXPIRED " );
|
||||
if( flags & BADCERT_REVOKED )
|
||||
polarssl_printf( " REVOKED " );
|
||||
if( flags & BADCERT_NOT_TRUSTED )
|
||||
polarssl_printf( " NOT_TRUSTED " );
|
||||
if( flags & BADCRL_NOT_TRUSTED )
|
||||
polarssl_printf( " CRL_NOT_TRUSTED " );
|
||||
if( flags & BADCRL_EXPIRED )
|
||||
polarssl_printf( " CRL_EXPIRED " );
|
||||
if( flags & MBEDTLS_X509_BADCERT_CN_MISMATCH )
|
||||
mbedtls_printf( " CN_MISMATCH " );
|
||||
if( flags & MBEDTLS_BADCERT_EXPIRED )
|
||||
mbedtls_printf( " EXPIRED " );
|
||||
if( flags & MBEDTLS_X509_BADCERT_REVOKED )
|
||||
mbedtls_printf( " REVOKED " );
|
||||
if( flags & MBEDTLS_X509_BADCERT_NOT_TRUSTED )
|
||||
mbedtls_printf( " NOT_TRUSTED " );
|
||||
if( flags & MBEDTLS_X509_BADCRL_NOT_TRUSTED )
|
||||
mbedtls_printf( " CRL_NOT_TRUSTED " );
|
||||
if( flags & MBEDTLS_X509_BADCRL_EXPIRED )
|
||||
mbedtls_printf( " CRL_EXPIRED " );
|
||||
} else {
|
||||
polarssl_printf( " failed\n ! x509_crt_verify returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_crt_verify returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 1.5. Load own private key
|
||||
*/
|
||||
polarssl_snprintf(name, 512, "ssl/test-ca/%s", client_private_keys[i]);
|
||||
mbedtls_snprintf(name, 512, "ssl/test-ca/%s", client_private_keys[i]);
|
||||
|
||||
polarssl_printf( " . Loading the client private key %s...", name );
|
||||
mbedtls_printf( " . Loading the client private key %s...", name );
|
||||
fflush( stdout );
|
||||
|
||||
ret = pk_parse_keyfile( &pk, name, NULL );
|
||||
ret = mbedtls_pk_parse_keyfile( &pk, name, NULL );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! pk_parse_keyfile returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 1.6. Verify certificate validity with private key
|
||||
*/
|
||||
polarssl_printf( " . Verify the client certificate with private key..." );
|
||||
mbedtls_printf( " . Verify the client certificate with private key..." );
|
||||
fflush( stdout );
|
||||
|
||||
|
||||
/* EC NOT IMPLEMENTED YET */
|
||||
if( ! pk_can_do( &clicert.pk, POLARSSL_PK_RSA ) )
|
||||
if( ! mbedtls_pk_can_do( &clicert.pk, MBEDTLS_PK_RSA ) )
|
||||
{
|
||||
polarssl_printf( " failed\n ! certificate's key is not RSA\n\n" );
|
||||
ret = POLARSSL_ERR_X509_FEATURE_UNAVAILABLE;
|
||||
mbedtls_printf( " failed\n ! certificate's key is not RSA\n\n" );
|
||||
ret = MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ret = mpi_cmp_mpi(&pk_rsa( pk )->N, &pk_rsa( clicert.pk )->N);
|
||||
ret = mbedtls_mpi_cmp_mpi(&mbedtls_pk_rsa( pk )->N, &mbedtls_pk_rsa( clicert.pk )->N);
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! mpi_cmp_mpi for N returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_mpi_cmp_mpi for N returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ret = mpi_cmp_mpi(&pk_rsa( pk )->E, &pk_rsa( clicert.pk )->E);
|
||||
ret = mbedtls_mpi_cmp_mpi(&mbedtls_pk_rsa( pk )->E, &mbedtls_pk_rsa( clicert.pk )->E);
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! mpi_cmp_mpi for E returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_mpi_cmp_mpi for E returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ret = rsa_check_privkey( pk_rsa( pk ) );
|
||||
ret = mbedtls_rsa_check_privkey( mbedtls_pk_rsa( pk ) );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! rsa_check_privkey returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_rsa_check_privkey returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
x509_crt_free( &clicert );
|
||||
pk_free( &pk );
|
||||
mbedtls_x509_crt_free( &clicert );
|
||||
mbedtls_pk_free( &pk );
|
||||
}
|
||||
|
||||
exit:
|
||||
x509_crt_free( &cacert );
|
||||
x509_crl_free( &crl );
|
||||
mbedtls_x509_crt_free( &cacert );
|
||||
mbedtls_x509_crl_free( &crl );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_RSA_C && POLARSSL_X509_CRT_PARSE_C && POLARSSL_FS_IO &&
|
||||
POLARSSL_X509_CRL_PARSE_C */
|
||||
#endif /* MBEDTLS_RSA_C && MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_FS_IO &&
|
||||
MBEDTLS_X509_CRL_PARSE_C */
|
||||
|
||||
@@ -20,23 +20,23 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_NET_C)
|
||||
#if !defined(MBEDTLS_NET_C)
|
||||
#include <stdio.h>
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf( "POLARSSL_NET_C not defined.\n" );
|
||||
mbedtls_printf( "MBEDTLS_NET_C not defined.\n" );
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -129,11 +129,11 @@ static struct options
|
||||
static void exit_usage( const char *name, const char *value )
|
||||
{
|
||||
if( value == NULL )
|
||||
polarssl_printf( " unknown option or missing value: %s\n", name );
|
||||
mbedtls_printf( " unknown option or missing value: %s\n", name );
|
||||
else
|
||||
polarssl_printf( " option %s: illegal value: %s\n", name, value );
|
||||
mbedtls_printf( " option %s: illegal value: %s\n", name, value );
|
||||
|
||||
polarssl_printf( USAGE );
|
||||
mbedtls_printf( USAGE );
|
||||
exit( 1 );
|
||||
}
|
||||
|
||||
@@ -235,10 +235,10 @@ static const char *msg_type( unsigned char *msg, size_t len )
|
||||
if( len < 1 ) return( "Invalid" );
|
||||
switch( msg[0] )
|
||||
{
|
||||
case SSL_MSG_CHANGE_CIPHER_SPEC: return( "ChangeCipherSpec" );
|
||||
case SSL_MSG_ALERT: return( "Alert" );
|
||||
case SSL_MSG_APPLICATION_DATA: return( "ApplicationData" );
|
||||
case SSL_MSG_HANDSHAKE: break; /* See below */
|
||||
case MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC: return( "ChangeCipherSpec" );
|
||||
case MBEDTLS_SSL_MSG_ALERT: return( "Alert" );
|
||||
case MBEDTLS_SSL_MSG_APPLICATION_DATA: return( "ApplicationData" );
|
||||
case MBEDTLS_SSL_MSG_HANDSHAKE: break; /* See below */
|
||||
default: return( "Unknown" );
|
||||
}
|
||||
|
||||
@@ -253,18 +253,18 @@ static const char *msg_type( unsigned char *msg, size_t len )
|
||||
|
||||
switch( msg[13] )
|
||||
{
|
||||
case SSL_HS_HELLO_REQUEST: return( "HelloRequest" );
|
||||
case SSL_HS_CLIENT_HELLO: return( "ClientHello" );
|
||||
case SSL_HS_SERVER_HELLO: return( "ServerHello" );
|
||||
case SSL_HS_HELLO_VERIFY_REQUEST: return( "HelloVerifyRequest" );
|
||||
case SSL_HS_NEW_SESSION_TICKET: return( "NewSessionTicket" );
|
||||
case SSL_HS_CERTIFICATE: return( "Certificate" );
|
||||
case SSL_HS_SERVER_KEY_EXCHANGE: return( "ServerKeyExchange" );
|
||||
case SSL_HS_CERTIFICATE_REQUEST: return( "CertificateRequest" );
|
||||
case SSL_HS_SERVER_HELLO_DONE: return( "ServerHelloDone" );
|
||||
case SSL_HS_CERTIFICATE_VERIFY: return( "CertificateVerify" );
|
||||
case SSL_HS_CLIENT_KEY_EXCHANGE: return( "ClientKeyExchange" );
|
||||
case SSL_HS_FINISHED: return( "Finished" );
|
||||
case MBEDTLS_SSL_HS_HELLO_REQUEST: return( "HelloRequest" );
|
||||
case MBEDTLS_SSL_HS_CLIENT_HELLO: return( "ClientHello" );
|
||||
case MBEDTLS_SSL_HS_SERVER_HELLO: return( "ServerHello" );
|
||||
case MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST: return( "HelloVerifyRequest" );
|
||||
case MBEDTLS_SSL_HS_NEW_SESSION_TICKET: return( "NewSessionTicket" );
|
||||
case MBEDTLS_SSL_HS_CERTIFICATE: return( "Certificate" );
|
||||
case MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE: return( "ServerKeyExchange" );
|
||||
case MBEDTLS_SSL_HS_CERTIFICATE_REQUEST: return( "CertificateRequest" );
|
||||
case MBEDTLS_SSL_HS_SERVER_HELLO_DONE: return( "ServerHelloDone" );
|
||||
case MBEDTLS_SSL_HS_CERTIFICATE_VERIFY: return( "CertificateVerify" );
|
||||
case MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE: return( "ClientKeyExchange" );
|
||||
case MBEDTLS_SSL_HS_FINISHED: return( "Finished" );
|
||||
default: return( "Unknown handshake" );
|
||||
}
|
||||
}
|
||||
@@ -303,10 +303,10 @@ typedef struct
|
||||
void print_packet( const packet *p, const char *why )
|
||||
{
|
||||
if( why == NULL )
|
||||
polarssl_printf( " %05lu %s %s (%u bytes)\n",
|
||||
mbedtls_printf( " %05lu %s %s (%u bytes)\n",
|
||||
ellapsed_time(), p->way, p->type, p->len );
|
||||
else
|
||||
polarssl_printf( " %s %s (%u bytes): %s\n",
|
||||
mbedtls_printf( " %s %s (%u bytes): %s\n",
|
||||
p->way, p->type, p->len, why );
|
||||
fflush( stdout );
|
||||
}
|
||||
@@ -325,17 +325,17 @@ int send_packet( const packet *p, const char *why )
|
||||
++buf[p->len - 1];
|
||||
|
||||
print_packet( p, "corrupted" );
|
||||
if( ( ret = net_send( &dst, buf, p->len ) ) <= 0 )
|
||||
if( ( ret = mbedtls_net_send( &dst, buf, p->len ) ) <= 0 )
|
||||
{
|
||||
polarssl_printf( " ! net_send returned %d\n", ret );
|
||||
mbedtls_printf( " ! mbedtls_net_send returned %d\n", ret );
|
||||
return( ret );
|
||||
}
|
||||
}
|
||||
|
||||
print_packet( p, why );
|
||||
if( ( ret = net_send( &dst, p->buf, p->len ) ) <= 0 )
|
||||
if( ( ret = mbedtls_net_send( &dst, p->buf, p->len ) ) <= 0 )
|
||||
{
|
||||
polarssl_printf( " ! net_send returned %d\n", ret );
|
||||
mbedtls_printf( " ! mbedtls_net_send returned %d\n", ret );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
@@ -346,9 +346,9 @@ int send_packet( const packet *p, const char *why )
|
||||
{
|
||||
print_packet( p, "duplicated" );
|
||||
|
||||
if( ( ret = net_send( &dst, p->buf, p->len ) ) <= 0 )
|
||||
if( ( ret = mbedtls_net_send( &dst, p->buf, p->len ) ) <= 0 )
|
||||
{
|
||||
polarssl_printf( " ! net_send returned %d\n", ret );
|
||||
mbedtls_printf( " ! mbedtls_net_send returned %d\n", ret );
|
||||
return( ret );
|
||||
}
|
||||
}
|
||||
@@ -407,9 +407,9 @@ int handle_message( const char *way, int dst, int src )
|
||||
size_t id;
|
||||
|
||||
/* receive packet */
|
||||
if( ( ret = net_recv( &src, cur.buf, sizeof( cur.buf ) ) ) <= 0 )
|
||||
if( ( ret = mbedtls_net_recv( &src, cur.buf, sizeof( cur.buf ) ) ) <= 0 )
|
||||
{
|
||||
polarssl_printf( " ! net_recv returned %d\n", ret );
|
||||
mbedtls_printf( " ! mbedtls_net_recv returned %d\n", ret );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
@@ -490,7 +490,7 @@ int main( int argc, char *argv[] )
|
||||
if( opt.seed == 0 )
|
||||
{
|
||||
opt.seed = time( NULL );
|
||||
polarssl_printf( " . Pseudo-random seed: %u\n", opt.seed );
|
||||
mbedtls_printf( " . Pseudo-random seed: %u\n", opt.seed );
|
||||
}
|
||||
|
||||
srand( opt.seed );
|
||||
@@ -498,63 +498,63 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* 0. "Connect" to the server
|
||||
*/
|
||||
polarssl_printf( " . Connect to server on UDP/%s/%d ...",
|
||||
mbedtls_printf( " . Connect to server on UDP/%s/%d ...",
|
||||
opt.server_addr, opt.server_port );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = net_connect( &server_fd, opt.server_addr, opt.server_port,
|
||||
NET_PROTO_UDP ) ) != 0 )
|
||||
if( ( ret = mbedtls_net_connect( &server_fd, opt.server_addr, opt.server_port,
|
||||
MBEDTLS_NET_PROTO_UDP ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! net_connect returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 1. Setup the "listening" UDP socket
|
||||
*/
|
||||
polarssl_printf( " . Bind on UDP/%s/%d ...",
|
||||
mbedtls_printf( " . Bind on UDP/%s/%d ...",
|
||||
opt.listen_addr, opt.listen_port );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = net_bind( &listen_fd, opt.listen_addr, opt.listen_port,
|
||||
NET_PROTO_UDP ) ) != 0 )
|
||||
if( ( ret = mbedtls_net_bind( &listen_fd, opt.listen_addr, opt.listen_port,
|
||||
MBEDTLS_NET_PROTO_UDP ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! net_bind returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 2. Wait until a client connects
|
||||
*/
|
||||
accept:
|
||||
polarssl_printf( " . Waiting for a remote connection ..." );
|
||||
mbedtls_printf( " . Waiting for a remote connection ..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = net_accept( listen_fd, &client_fd, NULL ) ) != 0 )
|
||||
if( ( ret = mbedtls_net_accept( listen_fd, &client_fd, NULL ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! net_accept returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
fflush( stdout );
|
||||
|
||||
polarssl_printf( " . Re-bind on UDP/%s/%d ...",
|
||||
mbedtls_printf( " . Re-bind on UDP/%s/%d ...",
|
||||
opt.listen_addr, opt.listen_port );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = net_bind( &listen_fd, opt.listen_addr, opt.listen_port,
|
||||
NET_PROTO_UDP ) ) != 0 )
|
||||
if( ( ret = mbedtls_net_bind( &listen_fd, opt.listen_addr, opt.listen_port,
|
||||
MBEDTLS_NET_PROTO_UDP ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! net_bind returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 3. Forward packets forever (kill the process to terminate it)
|
||||
@@ -602,28 +602,28 @@ accept:
|
||||
|
||||
exit:
|
||||
|
||||
#ifdef POLARSSL_ERROR_C
|
||||
#ifdef MBEDTLS_ERROR_C
|
||||
if( ret != 0 )
|
||||
{
|
||||
char error_buf[100];
|
||||
polarssl_strerror( ret, error_buf, 100 );
|
||||
polarssl_printf( "Last error was: -0x%04X - %s\n\n", - ret, error_buf );
|
||||
mbedtls_strerror( ret, error_buf, 100 );
|
||||
mbedtls_printf( "Last error was: -0x%04X - %s\n\n", - ret, error_buf );
|
||||
fflush( stdout );
|
||||
}
|
||||
#endif
|
||||
|
||||
if( client_fd != -1 )
|
||||
net_close( client_fd );
|
||||
mbedtls_net_close( client_fd );
|
||||
|
||||
if( listen_fd != -1 )
|
||||
net_close( listen_fd );
|
||||
mbedtls_net_close( listen_fd );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret != 0 );
|
||||
}
|
||||
|
||||
#endif /* POLARSSL_NET_C */
|
||||
#endif /* MBEDTLS_NET_C */
|
||||
|
||||
@@ -20,22 +20,22 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_free free
|
||||
#define polarssl_malloc malloc
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_free free
|
||||
#define mbedtls_malloc malloc
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_BASE64_C) && defined(POLARSSL_FS_IO)
|
||||
#if defined(MBEDTLS_BASE64_C) && defined(MBEDTLS_FS_IO)
|
||||
#include "mbedtls/error.h"
|
||||
#include "mbedtls/base64.h"
|
||||
|
||||
@@ -54,10 +54,10 @@
|
||||
" output_file=%%s default: file.der\n" \
|
||||
"\n"
|
||||
|
||||
#if !defined(POLARSSL_BASE64_C) || !defined(POLARSSL_FS_IO)
|
||||
#if !defined(MBEDTLS_BASE64_C) || !defined(MBEDTLS_FS_IO)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_BASE64_C and/or POLARSSL_FS_IO not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_BASE64_C and/or MBEDTLS_FS_IO not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -96,14 +96,14 @@ int convert_pem_to_der( const unsigned char *input, size_t ilen,
|
||||
if( s2 <= s1 || s2 > end )
|
||||
return( -1 );
|
||||
|
||||
ret = base64_decode( NULL, &len, (const unsigned char *) s1, s2 - s1 );
|
||||
if( ret == POLARSSL_ERR_BASE64_INVALID_CHARACTER )
|
||||
ret = mbedtls_base64_decode( NULL, &len, (const unsigned char *) s1, s2 - s1 );
|
||||
if( ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER )
|
||||
return( ret );
|
||||
|
||||
if( len > *olen )
|
||||
return( -1 );
|
||||
|
||||
if( ( ret = base64_decode( output, &len, (const unsigned char *) s1,
|
||||
if( ( ret = mbedtls_base64_decode( output, &len, (const unsigned char *) s1,
|
||||
s2 - s1 ) ) != 0 )
|
||||
{
|
||||
return( ret );
|
||||
@@ -136,7 +136,7 @@ static int load_file( const char *path, unsigned char **buf, size_t *n )
|
||||
*n = (size_t) size;
|
||||
|
||||
if( *n + 1 == 0 ||
|
||||
( *buf = polarssl_malloc( *n + 1 ) ) == NULL )
|
||||
( *buf = mbedtls_malloc( *n + 1 ) ) == NULL )
|
||||
{
|
||||
fclose( f );
|
||||
return( -1 );
|
||||
@@ -196,7 +196,7 @@ int main( int argc, char *argv[] )
|
||||
if( argc == 0 )
|
||||
{
|
||||
usage:
|
||||
polarssl_printf( USAGE );
|
||||
mbedtls_printf( USAGE );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -222,66 +222,66 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* 1.1. Load the PEM file
|
||||
*/
|
||||
polarssl_printf( "\n . Loading the PEM file ..." );
|
||||
mbedtls_printf( "\n . Loading the PEM file ..." );
|
||||
fflush( stdout );
|
||||
|
||||
ret = load_file( opt.filename, &pem_buffer, &pem_size );
|
||||
|
||||
if( ret != 0 )
|
||||
{
|
||||
#ifdef POLARSSL_ERROR_C
|
||||
polarssl_strerror( ret, buf, 1024 );
|
||||
#ifdef MBEDTLS_ERROR_C
|
||||
mbedtls_strerror( ret, buf, 1024 );
|
||||
#endif
|
||||
polarssl_printf( " failed\n ! load_file returned %d - %s\n\n", ret, buf );
|
||||
mbedtls_printf( " failed\n ! load_file returned %d - %s\n\n", ret, buf );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 1.2. Convert from PEM to DER
|
||||
*/
|
||||
polarssl_printf( " . Converting from PEM to DER ..." );
|
||||
mbedtls_printf( " . Converting from PEM to DER ..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = convert_pem_to_der( pem_buffer, pem_size, der_buffer, &der_size ) ) != 0 )
|
||||
{
|
||||
#ifdef POLARSSL_ERROR_C
|
||||
polarssl_strerror( ret, buf, 1024 );
|
||||
#ifdef MBEDTLS_ERROR_C
|
||||
mbedtls_strerror( ret, buf, 1024 );
|
||||
#endif
|
||||
polarssl_printf( " failed\n ! convert_pem_to_der %d - %s\n\n", ret, buf );
|
||||
mbedtls_printf( " failed\n ! convert_pem_to_der %d - %s\n\n", ret, buf );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 1.3. Write the DER file
|
||||
*/
|
||||
polarssl_printf( " . Writing the DER file ..." );
|
||||
mbedtls_printf( " . Writing the DER file ..." );
|
||||
fflush( stdout );
|
||||
|
||||
ret = write_file( opt.output_file, der_buffer, der_size );
|
||||
|
||||
if( ret != 0 )
|
||||
{
|
||||
#ifdef POLARSSL_ERROR_C
|
||||
polarssl_strerror( ret, buf, 1024 );
|
||||
#ifdef MBEDTLS_ERROR_C
|
||||
mbedtls_strerror( ret, buf, 1024 );
|
||||
#endif
|
||||
polarssl_printf( " failed\n ! write_file returned %d - %s\n\n", ret, buf );
|
||||
mbedtls_printf( " failed\n ! write_file returned %d - %s\n\n", ret, buf );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
exit:
|
||||
free( pem_buffer );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BASE64_C && POLARSSL_FS_IO */
|
||||
#endif /* MBEDTLS_BASE64_C && MBEDTLS_FS_IO */
|
||||
|
||||
@@ -20,20 +20,20 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_ERROR_C) || defined(POLARSSL_ERROR_STRERROR_DUMMY)
|
||||
#if defined(MBEDTLS_ERROR_C) || defined(MBEDTLS_ERROR_STRERROR_DUMMY)
|
||||
#include "mbedtls/error.h"
|
||||
|
||||
#include <stdio.h>
|
||||
@@ -45,10 +45,10 @@
|
||||
"\n usage: strerror <errorcode>\n" \
|
||||
"\n where <errorcode> can be a decimal or hexadecimal (starts with 0x or -0x)\n"
|
||||
|
||||
#if !defined(POLARSSL_ERROR_C) && !defined(POLARSSL_ERROR_STRERROR_DUMMY)
|
||||
#if !defined(MBEDTLS_ERROR_C) && !defined(MBEDTLS_ERROR_STRERROR_DUMMY)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_ERROR_C and/or POLARSSL_ERROR_STRERROR_DUMMY not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_ERROR_C and/or MBEDTLS_ERROR_STRERROR_DUMMY not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -59,7 +59,7 @@ int main( int argc, char *argv[] )
|
||||
|
||||
if( argc != 2 )
|
||||
{
|
||||
polarssl_printf( USAGE );
|
||||
mbedtls_printf( USAGE );
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
@@ -69,7 +69,7 @@ int main( int argc, char *argv[] )
|
||||
val = strtol( argv[1], &end, 16 );
|
||||
if( *end != '\0' )
|
||||
{
|
||||
polarssl_printf( USAGE );
|
||||
mbedtls_printf( USAGE );
|
||||
return( 0 );
|
||||
}
|
||||
}
|
||||
@@ -79,15 +79,15 @@ int main( int argc, char *argv[] )
|
||||
if( val != 0 )
|
||||
{
|
||||
char error_buf[200];
|
||||
polarssl_strerror( val, error_buf, 200 );
|
||||
polarssl_printf("Last error was: -0x%04x - %s\n\n", (int) -val, error_buf );
|
||||
mbedtls_strerror( val, error_buf, 200 );
|
||||
mbedtls_printf("Last error was: -0x%04x - %s\n\n", (int) -val, error_buf );
|
||||
}
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( val );
|
||||
}
|
||||
#endif /* POLARSSL_ERROR_C */
|
||||
#endif /* MBEDTLS_ERROR_C */
|
||||
|
||||
@@ -20,32 +20,32 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_fprintf fprintf
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_fprintf fprintf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
|
||||
!defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \
|
||||
!defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \
|
||||
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \
|
||||
!defined(POLARSSL_CTR_DRBG_C)
|
||||
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
|
||||
!defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
|
||||
!defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \
|
||||
!defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
|
||||
!defined(MBEDTLS_CTR_DRBG_C)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
|
||||
"POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
|
||||
"POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
|
||||
"POLARSSL_X509_CRT_PARSE_C and/or POLARSSL_FS_IO and/or "
|
||||
"POLARSSL_CTR_DRBG_C not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
|
||||
"MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
|
||||
"MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
|
||||
"MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_FS_IO and/or "
|
||||
"MBEDTLS_CTR_DRBG_C not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -114,43 +114,43 @@ static void my_debug( void *ctx, int level, const char *str )
|
||||
{
|
||||
if( level < opt.debug_level )
|
||||
{
|
||||
polarssl_fprintf( (FILE *) ctx, "%s", str );
|
||||
mbedtls_fprintf( (FILE *) ctx, "%s", str );
|
||||
fflush( (FILE *) ctx );
|
||||
}
|
||||
}
|
||||
|
||||
static int my_verify( void *data, x509_crt *crt, int depth, int *flags )
|
||||
static int my_verify( void *data, mbedtls_x509_crt *crt, int depth, int *flags )
|
||||
{
|
||||
char buf[1024];
|
||||
((void) data);
|
||||
|
||||
polarssl_printf( "\nVerify requested for (Depth %d):\n", depth );
|
||||
x509_crt_info( buf, sizeof( buf ) - 1, "", crt );
|
||||
polarssl_printf( "%s", buf );
|
||||
mbedtls_printf( "\nVerify requested for (Depth %d):\n", depth );
|
||||
mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt );
|
||||
mbedtls_printf( "%s", buf );
|
||||
|
||||
if( ( (*flags) & BADCERT_EXPIRED ) != 0 )
|
||||
polarssl_printf( " ! server certificate has expired\n" );
|
||||
if( ( (*flags) & MBEDTLS_BADCERT_EXPIRED ) != 0 )
|
||||
mbedtls_printf( " ! server certificate has expired\n" );
|
||||
|
||||
if( ( (*flags) & BADCERT_REVOKED ) != 0 )
|
||||
polarssl_printf( " ! server certificate has been revoked\n" );
|
||||
if( ( (*flags) & MBEDTLS_X509_BADCERT_REVOKED ) != 0 )
|
||||
mbedtls_printf( " ! server certificate has been revoked\n" );
|
||||
|
||||
if( ( (*flags) & BADCERT_CN_MISMATCH ) != 0 )
|
||||
polarssl_printf( " ! CN mismatch\n" );
|
||||
if( ( (*flags) & MBEDTLS_X509_BADCERT_CN_MISMATCH ) != 0 )
|
||||
mbedtls_printf( " ! CN mismatch\n" );
|
||||
|
||||
if( ( (*flags) & BADCERT_NOT_TRUSTED ) != 0 )
|
||||
polarssl_printf( " ! self-signed or not signed by a trusted CA\n" );
|
||||
if( ( (*flags) & MBEDTLS_X509_BADCERT_NOT_TRUSTED ) != 0 )
|
||||
mbedtls_printf( " ! self-signed or not signed by a trusted CA\n" );
|
||||
|
||||
if( ( (*flags) & BADCRL_NOT_TRUSTED ) != 0 )
|
||||
polarssl_printf( " ! CRL not trusted\n" );
|
||||
if( ( (*flags) & MBEDTLS_X509_BADCRL_NOT_TRUSTED ) != 0 )
|
||||
mbedtls_printf( " ! CRL not trusted\n" );
|
||||
|
||||
if( ( (*flags) & BADCRL_EXPIRED ) != 0 )
|
||||
polarssl_printf( " ! CRL expired\n" );
|
||||
if( ( (*flags) & MBEDTLS_X509_BADCRL_EXPIRED ) != 0 )
|
||||
mbedtls_printf( " ! CRL expired\n" );
|
||||
|
||||
if( ( (*flags) & BADCERT_OTHER ) != 0 )
|
||||
polarssl_printf( " ! other (unknown) flag\n" );
|
||||
if( ( (*flags) & MBEDTLS_BADCERT_OTHER ) != 0 )
|
||||
mbedtls_printf( " ! other (unknown) flag\n" );
|
||||
|
||||
if ( ( *flags ) == 0 )
|
||||
polarssl_printf( " This certificate has no flags\n" );
|
||||
mbedtls_printf( " This certificate has no flags\n" );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
@@ -159,13 +159,13 @@ int main( int argc, char *argv[] )
|
||||
{
|
||||
int ret = 0, server_fd;
|
||||
unsigned char buf[1024];
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
ssl_context ssl;
|
||||
x509_crt cacert;
|
||||
x509_crt clicert;
|
||||
x509_crl cacrl;
|
||||
pk_context pkey;
|
||||
mbedtls_entropy_context entropy;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
mbedtls_ssl_context ssl;
|
||||
mbedtls_x509_crt cacert;
|
||||
mbedtls_x509_crt clicert;
|
||||
mbedtls_x509_crl cacrl;
|
||||
mbedtls_pk_context pkey;
|
||||
int i, j;
|
||||
int flags, verify = 0;
|
||||
char *p, *q;
|
||||
@@ -175,21 +175,21 @@ int main( int argc, char *argv[] )
|
||||
* Set to sane values
|
||||
*/
|
||||
server_fd = 0;
|
||||
x509_crt_init( &cacert );
|
||||
x509_crt_init( &clicert );
|
||||
#if defined(POLARSSL_X509_CRL_PARSE_C)
|
||||
x509_crl_init( &cacrl );
|
||||
mbedtls_x509_crt_init( &cacert );
|
||||
mbedtls_x509_crt_init( &clicert );
|
||||
#if defined(MBEDTLS_X509_CRL_PARSE_C)
|
||||
mbedtls_x509_crl_init( &cacrl );
|
||||
#else
|
||||
/* Zeroize structure as CRL parsing is not supported and we have to pass
|
||||
it to the verify function */
|
||||
memset( &cacrl, 0, sizeof(x509_crl) );
|
||||
memset( &cacrl, 0, sizeof(mbedtls_x509_crl) );
|
||||
#endif
|
||||
pk_init( &pkey );
|
||||
mbedtls_pk_init( &pkey );
|
||||
|
||||
if( argc == 0 )
|
||||
{
|
||||
usage:
|
||||
polarssl_printf( USAGE );
|
||||
mbedtls_printf( USAGE );
|
||||
ret = 2;
|
||||
goto exit;
|
||||
}
|
||||
@@ -261,34 +261,34 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* 1.1. Load the trusted CA
|
||||
*/
|
||||
polarssl_printf( " . Loading the CA root certificate ..." );
|
||||
mbedtls_printf( " . Loading the CA root certificate ..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( strlen( opt.ca_path ) )
|
||||
{
|
||||
ret = x509_crt_parse_path( &cacert, opt.ca_path );
|
||||
ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path );
|
||||
verify = 1;
|
||||
}
|
||||
else if( strlen( opt.ca_file ) )
|
||||
{
|
||||
ret = x509_crt_parse_file( &cacert, opt.ca_file );
|
||||
ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file );
|
||||
verify = 1;
|
||||
}
|
||||
|
||||
if( ret < 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! x509_crt_parse returned -0x%x\n\n", -ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok (%d skipped)\n", ret );
|
||||
mbedtls_printf( " ok (%d skipped)\n", ret );
|
||||
|
||||
#if defined(POLARSSL_X509_CRL_PARSE_C)
|
||||
#if defined(MBEDTLS_X509_CRL_PARSE_C)
|
||||
if( strlen( opt.crl_file ) )
|
||||
{
|
||||
if( ( ret = x509_crl_parse_file( &cacrl, opt.crl_file ) ) != 0 )
|
||||
if( ( ret = mbedtls_x509_crl_parse_file( &cacrl, opt.crl_file ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! x509_crl_parse returned -0x%x\n\n", -ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_crl_parse returned -0x%x\n\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -298,50 +298,50 @@ int main( int argc, char *argv[] )
|
||||
|
||||
if( opt.mode == MODE_FILE )
|
||||
{
|
||||
x509_crt crt;
|
||||
x509_crt *cur = &crt;
|
||||
x509_crt_init( &crt );
|
||||
mbedtls_x509_crt crt;
|
||||
mbedtls_x509_crt *cur = &crt;
|
||||
mbedtls_x509_crt_init( &crt );
|
||||
|
||||
/*
|
||||
* 1.1. Load the certificate(s)
|
||||
*/
|
||||
polarssl_printf( "\n . Loading the certificate(s) ..." );
|
||||
mbedtls_printf( "\n . Loading the certificate(s) ..." );
|
||||
fflush( stdout );
|
||||
|
||||
ret = x509_crt_parse_file( &crt, opt.filename );
|
||||
ret = mbedtls_x509_crt_parse_file( &crt, opt.filename );
|
||||
|
||||
if( ret < 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! x509_crt_parse_file returned %d\n\n", ret );
|
||||
x509_crt_free( &crt );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned %d\n\n", ret );
|
||||
mbedtls_x509_crt_free( &crt );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( opt.permissive == 0 && ret > 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! x509_crt_parse failed to parse %d certificates\n\n", ret );
|
||||
x509_crt_free( &crt );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse failed to parse %d certificates\n\n", ret );
|
||||
mbedtls_x509_crt_free( &crt );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 1.2 Print the certificate(s)
|
||||
*/
|
||||
while( cur != NULL )
|
||||
{
|
||||
polarssl_printf( " . Peer certificate information ...\n" );
|
||||
ret = x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ",
|
||||
mbedtls_printf( " . Peer certificate information ...\n" );
|
||||
ret = mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ",
|
||||
cur );
|
||||
if( ret == -1 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! x509_crt_info returned %d\n\n", ret );
|
||||
x509_crt_free( &crt );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_crt_info returned %d\n\n", ret );
|
||||
mbedtls_x509_crt_free( &crt );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "%s\n", buf );
|
||||
mbedtls_printf( "%s\n", buf );
|
||||
|
||||
cur = cur->next;
|
||||
}
|
||||
@@ -353,99 +353,99 @@ int main( int argc, char *argv[] )
|
||||
*/
|
||||
if( verify )
|
||||
{
|
||||
polarssl_printf( " . Verifying X.509 certificate..." );
|
||||
mbedtls_printf( " . Verifying X.509 certificate..." );
|
||||
|
||||
if( ( ret = x509_crt_verify( &crt, &cacert, &cacrl, NULL, &flags,
|
||||
if( ( ret = mbedtls_x509_crt_verify( &crt, &cacert, &cacrl, NULL, &flags,
|
||||
my_verify, NULL ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n" );
|
||||
mbedtls_printf( " failed\n" );
|
||||
|
||||
if( ( ret & BADCERT_EXPIRED ) != 0 )
|
||||
polarssl_printf( " ! server certificate has expired\n" );
|
||||
if( ( ret & MBEDTLS_BADCERT_EXPIRED ) != 0 )
|
||||
mbedtls_printf( " ! server certificate has expired\n" );
|
||||
|
||||
if( ( ret & BADCERT_REVOKED ) != 0 )
|
||||
polarssl_printf( " ! server certificate has been revoked\n" );
|
||||
if( ( ret & MBEDTLS_X509_BADCERT_REVOKED ) != 0 )
|
||||
mbedtls_printf( " ! server certificate has been revoked\n" );
|
||||
|
||||
if( ( ret & BADCERT_CN_MISMATCH ) != 0 )
|
||||
polarssl_printf( " ! CN mismatch (expected CN=%s)\n", opt.server_name );
|
||||
if( ( ret & MBEDTLS_X509_BADCERT_CN_MISMATCH ) != 0 )
|
||||
mbedtls_printf( " ! CN mismatch (expected CN=%s)\n", opt.server_name );
|
||||
|
||||
if( ( ret & BADCERT_NOT_TRUSTED ) != 0 )
|
||||
polarssl_printf( " ! self-signed or not signed by a trusted CA\n" );
|
||||
if( ( ret & MBEDTLS_X509_BADCERT_NOT_TRUSTED ) != 0 )
|
||||
mbedtls_printf( " ! self-signed or not signed by a trusted CA\n" );
|
||||
|
||||
polarssl_printf( "\n" );
|
||||
mbedtls_printf( "\n" );
|
||||
}
|
||||
else
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
}
|
||||
|
||||
x509_crt_free( &crt );
|
||||
mbedtls_x509_crt_free( &crt );
|
||||
}
|
||||
else if( opt.mode == MODE_SSL )
|
||||
{
|
||||
/*
|
||||
* 1. Initialize the RNG and the session data
|
||||
*/
|
||||
polarssl_printf( "\n . Seeding the random number generator..." );
|
||||
mbedtls_printf( "\n . Seeding the random number generator..." );
|
||||
fflush( stdout );
|
||||
|
||||
entropy_init( &entropy );
|
||||
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
|
||||
mbedtls_entropy_init( &entropy );
|
||||
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
|
||||
(const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned %d\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 2. Start the connection
|
||||
*/
|
||||
polarssl_printf( " . SSL connection to tcp/%s/%-4d...", opt.server_name,
|
||||
mbedtls_printf( " . SSL connection to tcp/%s/%-4d...", opt.server_name,
|
||||
opt.server_port );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = net_connect( &server_fd, opt.server_name,
|
||||
opt.server_port, NET_PROTO_TCP ) ) != 0 )
|
||||
if( ( ret = mbedtls_net_connect( &server_fd, opt.server_name,
|
||||
opt.server_port, MBEDTLS_NET_PROTO_TCP ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! net_connect returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/*
|
||||
* 3. Setup stuff
|
||||
*/
|
||||
if( ( ret = ssl_init( &ssl ) ) != 0 )
|
||||
if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_init returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_init returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
|
||||
mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_CLIENT );
|
||||
if( verify )
|
||||
{
|
||||
ssl_set_authmode( &ssl, SSL_VERIFY_REQUIRED );
|
||||
ssl_set_ca_chain( &ssl, &cacert, NULL, opt.server_name );
|
||||
ssl_set_verify( &ssl, my_verify, NULL );
|
||||
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_REQUIRED );
|
||||
mbedtls_ssl_set_ca_chain( &ssl, &cacert, NULL, opt.server_name );
|
||||
mbedtls_ssl_set_verify( &ssl, my_verify, NULL );
|
||||
}
|
||||
else
|
||||
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
|
||||
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_NONE );
|
||||
|
||||
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
|
||||
ssl_set_dbg( &ssl, my_debug, stdout );
|
||||
ssl_set_bio_timeout( &ssl, &server_fd, net_send, net_recv, NULL, 0 );
|
||||
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
|
||||
mbedtls_ssl_set_dbg( &ssl, my_debug, stdout );
|
||||
mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL, 0 );
|
||||
|
||||
if( ( ret = ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 )
|
||||
if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
|
||||
if( ( ret = ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
|
||||
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
|
||||
if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_set_hostname returned %d\n\n", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
#endif
|
||||
@@ -453,35 +453,35 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* 4. Handshake
|
||||
*/
|
||||
while( ( ret = ssl_handshake( &ssl ) ) != 0 )
|
||||
while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
|
||||
{
|
||||
if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
|
||||
if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ssl_handshake returned %d\n\n", ret );
|
||||
ssl_free( &ssl );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d\n\n", ret );
|
||||
mbedtls_ssl_free( &ssl );
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 5. Print the certificate
|
||||
*/
|
||||
polarssl_printf( " . Peer certificate information ...\n" );
|
||||
ret = x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ",
|
||||
mbedtls_printf( " . Peer certificate information ...\n" );
|
||||
ret = mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ",
|
||||
ssl.session->peer_cert );
|
||||
if( ret == -1 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! x509_crt_info returned %d\n\n", ret );
|
||||
ssl_free( &ssl );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_crt_info returned %d\n\n", ret );
|
||||
mbedtls_ssl_free( &ssl );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "%s\n", buf );
|
||||
mbedtls_printf( "%s\n", buf );
|
||||
|
||||
ssl_close_notify( &ssl );
|
||||
ssl_free( &ssl );
|
||||
mbedtls_ssl_close_notify( &ssl );
|
||||
mbedtls_ssl_free( &ssl );
|
||||
}
|
||||
else
|
||||
goto usage;
|
||||
@@ -489,18 +489,18 @@ int main( int argc, char *argv[] )
|
||||
exit:
|
||||
|
||||
if( server_fd )
|
||||
net_close( server_fd );
|
||||
x509_crt_free( &cacert );
|
||||
x509_crt_free( &clicert );
|
||||
#if defined(POLARSSL_X509_CRL_PARSE_C)
|
||||
x509_crl_free( &cacrl );
|
||||
mbedtls_net_close( server_fd );
|
||||
mbedtls_x509_crt_free( &cacert );
|
||||
mbedtls_x509_crt_free( &clicert );
|
||||
#if defined(MBEDTLS_X509_CRL_PARSE_C)
|
||||
mbedtls_x509_crl_free( &cacrl );
|
||||
#endif
|
||||
pk_free( &pkey );
|
||||
ctr_drbg_free( &ctr_drbg );
|
||||
entropy_free( &entropy );
|
||||
mbedtls_pk_free( &pkey );
|
||||
mbedtls_ctr_drbg_free( &ctr_drbg );
|
||||
mbedtls_entropy_free( &entropy );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
@@ -509,6 +509,6 @@ exit:
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C && POLARSSL_SSL_TLS_C &&
|
||||
POLARSSL_SSL_CLI_C && POLARSSL_NET_C && POLARSSL_RSA_C &&
|
||||
POLARSSL_X509_CRT_PARSE_C && POLARSSL_FS_IO && POLARSSL_CTR_DRBG_C */
|
||||
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
|
||||
MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
|
||||
MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
|
||||
|
||||
@@ -20,27 +20,27 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_X509_CSR_WRITE_C) || !defined(POLARSSL_FS_IO) || \
|
||||
!defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_SHA256_C) || \
|
||||
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C)
|
||||
#if !defined(MBEDTLS_X509_CSR_WRITE_C) || !defined(MBEDTLS_FS_IO) || \
|
||||
!defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_SHA256_C) || \
|
||||
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf( "POLARSSL_X509_CSR_WRITE_C and/or POLARSSL_FS_IO and/or "
|
||||
"POLARSSL_PK_PARSE_C and/or POLARSSL_SHA256_C and/or "
|
||||
"POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C "
|
||||
mbedtls_printf( "MBEDTLS_X509_CSR_WRITE_C and/or MBEDTLS_FS_IO and/or "
|
||||
"MBEDTLS_PK_PARSE_C and/or MBEDTLS_SHA256_C and/or "
|
||||
"MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C "
|
||||
"not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
@@ -102,7 +102,7 @@ struct options
|
||||
unsigned char ns_cert_type; /* NS cert type */
|
||||
} opt;
|
||||
|
||||
int write_certificate_request( x509write_csr *req, const char *output_file,
|
||||
int write_certificate_request( mbedtls_x509write_csr *req, const char *output_file,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
{
|
||||
@@ -112,7 +112,7 @@ int write_certificate_request( x509write_csr *req, const char *output_file,
|
||||
size_t len = 0;
|
||||
|
||||
memset( output_buf, 0, 4096 );
|
||||
if( ( ret = x509write_csr_pem( req, output_buf, 4096, f_rng, p_rng ) ) < 0 )
|
||||
if( ( ret = mbedtls_x509write_csr_pem( req, output_buf, 4096, f_rng, p_rng ) ) < 0 )
|
||||
return( ret );
|
||||
|
||||
len = strlen( (char *) output_buf );
|
||||
@@ -134,27 +134,27 @@ int write_certificate_request( x509write_csr *req, const char *output_file,
|
||||
int main( int argc, char *argv[] )
|
||||
{
|
||||
int ret = 0;
|
||||
pk_context key;
|
||||
mbedtls_pk_context key;
|
||||
char buf[1024];
|
||||
int i;
|
||||
char *p, *q, *r;
|
||||
x509write_csr req;
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
mbedtls_x509write_csr req;
|
||||
mbedtls_entropy_context entropy;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
const char *pers = "csr example app";
|
||||
|
||||
/*
|
||||
* Set to sane values
|
||||
*/
|
||||
x509write_csr_init( &req );
|
||||
x509write_csr_set_md_alg( &req, POLARSSL_MD_SHA256 );
|
||||
pk_init( &key );
|
||||
mbedtls_x509write_csr_init( &req );
|
||||
mbedtls_x509write_csr_set_md_alg( &req, MBEDTLS_MD_SHA256 );
|
||||
mbedtls_pk_init( &key );
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
|
||||
if( argc == 0 )
|
||||
{
|
||||
usage:
|
||||
polarssl_printf( USAGE );
|
||||
mbedtls_printf( USAGE );
|
||||
ret = 1;
|
||||
goto exit;
|
||||
}
|
||||
@@ -196,19 +196,19 @@ int main( int argc, char *argv[] )
|
||||
*r++ = '\0';
|
||||
|
||||
if( strcmp( q, "digital_signature" ) == 0 )
|
||||
opt.key_usage |= KU_DIGITAL_SIGNATURE;
|
||||
opt.key_usage |= MBEDTLS_X509_KU_DIGITAL_SIGNATURE;
|
||||
else if( strcmp( q, "non_repudiation" ) == 0 )
|
||||
opt.key_usage |= KU_NON_REPUDIATION;
|
||||
opt.key_usage |= MBEDTLS_X509_KU_NON_REPUDIATION;
|
||||
else if( strcmp( q, "key_encipherment" ) == 0 )
|
||||
opt.key_usage |= KU_KEY_ENCIPHERMENT;
|
||||
opt.key_usage |= MBEDTLS_KU_KEY_ENCIPHERMENT;
|
||||
else if( strcmp( q, "data_encipherment" ) == 0 )
|
||||
opt.key_usage |= KU_DATA_ENCIPHERMENT;
|
||||
opt.key_usage |= MBEDTLS_KU_DATA_ENCIPHERMENT;
|
||||
else if( strcmp( q, "key_agreement" ) == 0 )
|
||||
opt.key_usage |= KU_KEY_AGREEMENT;
|
||||
opt.key_usage |= MBEDTLS_KU_KEY_AGREEMENT;
|
||||
else if( strcmp( q, "key_cert_sign" ) == 0 )
|
||||
opt.key_usage |= KU_KEY_CERT_SIGN;
|
||||
opt.key_usage |= MBEDTLS_X509_KU_KEY_CERT_SIGN;
|
||||
else if( strcmp( q, "crl_sign" ) == 0 )
|
||||
opt.key_usage |= KU_CRL_SIGN;
|
||||
opt.key_usage |= MBEDTLS_X509_KU_CRL_SIGN;
|
||||
else
|
||||
goto usage;
|
||||
|
||||
@@ -223,19 +223,19 @@ int main( int argc, char *argv[] )
|
||||
*r++ = '\0';
|
||||
|
||||
if( strcmp( q, "ssl_client" ) == 0 )
|
||||
opt.ns_cert_type |= NS_CERT_TYPE_SSL_CLIENT;
|
||||
opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT;
|
||||
else if( strcmp( q, "ssl_server" ) == 0 )
|
||||
opt.ns_cert_type |= NS_CERT_TYPE_SSL_SERVER;
|
||||
opt.ns_cert_type |= MBEDTLS_NS_CERT_TYPE_SSL_SERVER;
|
||||
else if( strcmp( q, "email" ) == 0 )
|
||||
opt.ns_cert_type |= NS_CERT_TYPE_EMAIL;
|
||||
opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL;
|
||||
else if( strcmp( q, "object_signing" ) == 0 )
|
||||
opt.ns_cert_type |= NS_CERT_TYPE_OBJECT_SIGNING;
|
||||
opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING;
|
||||
else if( strcmp( q, "ssl_ca" ) == 0 )
|
||||
opt.ns_cert_type |= NS_CERT_TYPE_SSL_CA;
|
||||
opt.ns_cert_type |= MBEDTLS_NS_CERT_TYPE_SSL_CA;
|
||||
else if( strcmp( q, "email_ca" ) == 0 )
|
||||
opt.ns_cert_type |= NS_CERT_TYPE_EMAIL_CA;
|
||||
opt.ns_cert_type |= MBEDTLS_NS_CERT_TYPE_EMAIL_CA;
|
||||
else if( strcmp( q, "object_signing_ca" ) == 0 )
|
||||
opt.ns_cert_type |= NS_CERT_TYPE_OBJECT_SIGNING_CA;
|
||||
opt.ns_cert_type |= MBEDTLS_NS_CERT_TYPE_OBJECT_SIGNING_CA;
|
||||
else
|
||||
goto usage;
|
||||
|
||||
@@ -247,98 +247,98 @@ int main( int argc, char *argv[] )
|
||||
}
|
||||
|
||||
if( opt.key_usage )
|
||||
x509write_csr_set_key_usage( &req, opt.key_usage );
|
||||
mbedtls_x509write_csr_set_key_usage( &req, opt.key_usage );
|
||||
|
||||
if( opt.ns_cert_type )
|
||||
x509write_csr_set_ns_cert_type( &req, opt.ns_cert_type );
|
||||
mbedtls_x509write_csr_set_ns_cert_type( &req, opt.ns_cert_type );
|
||||
|
||||
/*
|
||||
* 0. Seed the PRNG
|
||||
*/
|
||||
polarssl_printf( " . Seeding the random number generator..." );
|
||||
mbedtls_printf( " . Seeding the random number generator..." );
|
||||
fflush( stdout );
|
||||
|
||||
entropy_init( &entropy );
|
||||
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
|
||||
mbedtls_entropy_init( &entropy );
|
||||
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
|
||||
(const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! ctr_drbg_init returned %d", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned %d", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 1.0. Check the subject name for validity
|
||||
*/
|
||||
polarssl_printf( " . Checking subjet name..." );
|
||||
mbedtls_printf( " . Checking subjet name..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = x509write_csr_set_subject_name( &req, opt.subject_name ) ) != 0 )
|
||||
if( ( ret = mbedtls_x509write_csr_set_subject_name( &req, opt.subject_name ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! x509write_csr_set_subject_name returned %d", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509write_csr_set_subject_name returned %d", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 1.1. Load the key
|
||||
*/
|
||||
polarssl_printf( " . Loading the private key ..." );
|
||||
mbedtls_printf( " . Loading the private key ..." );
|
||||
fflush( stdout );
|
||||
|
||||
ret = pk_parse_keyfile( &key, opt.filename, NULL );
|
||||
ret = mbedtls_pk_parse_keyfile( &key, opt.filename, NULL );
|
||||
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! pk_parse_keyfile returned %d", ret );
|
||||
mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned %d", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
x509write_csr_set_key( &req, &key );
|
||||
mbedtls_x509write_csr_set_key( &req, &key );
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 1.2. Writing the request
|
||||
*/
|
||||
polarssl_printf( " . Writing the certificate request ..." );
|
||||
mbedtls_printf( " . Writing the certificate request ..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = write_certificate_request( &req, opt.output_file,
|
||||
ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! write_certifcate_request %d", ret );
|
||||
mbedtls_printf( " failed\n ! write_certifcate_request %d", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
exit:
|
||||
|
||||
if( ret != 0 && ret != 1)
|
||||
{
|
||||
#ifdef POLARSSL_ERROR_C
|
||||
polarssl_strerror( ret, buf, sizeof( buf ) );
|
||||
polarssl_printf( " - %s\n", buf );
|
||||
#ifdef MBEDTLS_ERROR_C
|
||||
mbedtls_strerror( ret, buf, sizeof( buf ) );
|
||||
mbedtls_printf( " - %s\n", buf );
|
||||
#else
|
||||
polarssl_printf("\n");
|
||||
mbedtls_printf("\n");
|
||||
#endif
|
||||
}
|
||||
|
||||
x509write_csr_free( &req );
|
||||
pk_free( &key );
|
||||
ctr_drbg_free( &ctr_drbg );
|
||||
entropy_free( &entropy );
|
||||
mbedtls_x509write_csr_free( &req );
|
||||
mbedtls_pk_free( &key );
|
||||
mbedtls_ctr_drbg_free( &ctr_drbg );
|
||||
mbedtls_entropy_free( &entropy );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_X509_CSR_WRITE_C && POLARSSL_PK_PARSE_C && POLARSSL_FS_IO &&
|
||||
POLARSSL_ENTROPY_C && POLARSSL_CTR_DRBG_C */
|
||||
#endif /* MBEDTLS_X509_CSR_WRITE_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
|
||||
MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
|
||||
|
||||
@@ -20,29 +20,29 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_X509_CRT_WRITE_C) || \
|
||||
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \
|
||||
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C) || \
|
||||
!defined(POLARSSL_ERROR_C) || !defined(POLARSSL_SHA256_C)
|
||||
#if !defined(MBEDTLS_X509_CRT_WRITE_C) || \
|
||||
!defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
|
||||
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
|
||||
!defined(MBEDTLS_ERROR_C) || !defined(MBEDTLS_SHA256_C)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf( "POLARSSL_X509_CRT_WRITE_C and/or POLARSSL_X509_CRT_PARSE_C and/or "
|
||||
"POLARSSL_FS_IO and/or POLARSSL_SHA256_C and_or "
|
||||
"POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C and/or "
|
||||
"POLARSSL_ERROR_C not defined.\n");
|
||||
mbedtls_printf( "MBEDTLS_X509_CRT_WRITE_C and/or MBEDTLS_X509_CRT_PARSE_C and/or "
|
||||
"MBEDTLS_FS_IO and/or MBEDTLS_SHA256_C and_or "
|
||||
"MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or "
|
||||
"MBEDTLS_ERROR_C not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -57,14 +57,14 @@ int main( void )
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
#if defined(POLARSSL_X509_CSR_PARSE_C)
|
||||
#if defined(MBEDTLS_X509_CSR_PARSE_C)
|
||||
#define USAGE_CSR \
|
||||
" request_file=%%s default: (empty)\n" \
|
||||
" If request_file is specified, subject_key,\n" \
|
||||
" subject_pwd and subject_name are ignored!\n"
|
||||
#else
|
||||
#define USAGE_CSR ""
|
||||
#endif /* POLARSSL_X509_CSR_PARSE_C */
|
||||
#endif /* MBEDTLS_X509_CSR_PARSE_C */
|
||||
|
||||
#define DFL_ISSUER_CRT ""
|
||||
#define DFL_REQUEST_FILE ""
|
||||
@@ -153,7 +153,7 @@ struct options
|
||||
unsigned char ns_cert_type; /* NS cert type */
|
||||
} opt;
|
||||
|
||||
int write_certificate( x509write_cert *crt, const char *output_file,
|
||||
int write_certificate( mbedtls_x509write_cert *crt, const char *output_file,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
{
|
||||
@@ -163,7 +163,7 @@ int write_certificate( x509write_cert *crt, const char *output_file,
|
||||
size_t len = 0;
|
||||
|
||||
memset( output_buf, 0, 4096 );
|
||||
if( ( ret = x509write_crt_pem( crt, output_buf, 4096, f_rng, p_rng ) ) < 0 )
|
||||
if( ( ret = mbedtls_x509write_crt_pem( crt, output_buf, 4096, f_rng, p_rng ) ) < 0 )
|
||||
return( ret );
|
||||
|
||||
len = strlen( (char *) output_buf );
|
||||
@@ -185,42 +185,42 @@ int write_certificate( x509write_cert *crt, const char *output_file,
|
||||
int main( int argc, char *argv[] )
|
||||
{
|
||||
int ret = 0;
|
||||
x509_crt issuer_crt;
|
||||
pk_context loaded_issuer_key, loaded_subject_key;
|
||||
pk_context *issuer_key = &loaded_issuer_key,
|
||||
mbedtls_x509_crt issuer_crt;
|
||||
mbedtls_pk_context loaded_issuer_key, loaded_subject_key;
|
||||
mbedtls_pk_context *issuer_key = &loaded_issuer_key,
|
||||
*subject_key = &loaded_subject_key;
|
||||
char buf[1024];
|
||||
char issuer_name[128];
|
||||
int i;
|
||||
char *p, *q, *r;
|
||||
#if defined(POLARSSL_X509_CSR_PARSE_C)
|
||||
#if defined(MBEDTLS_X509_CSR_PARSE_C)
|
||||
char subject_name[128];
|
||||
x509_csr csr;
|
||||
mbedtls_x509_csr csr;
|
||||
#endif
|
||||
x509write_cert crt;
|
||||
mpi serial;
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
mbedtls_x509write_cert crt;
|
||||
mbedtls_mpi serial;
|
||||
mbedtls_entropy_context entropy;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
const char *pers = "crt example app";
|
||||
|
||||
/*
|
||||
* Set to sane values
|
||||
*/
|
||||
x509write_crt_init( &crt );
|
||||
x509write_crt_set_md_alg( &crt, POLARSSL_MD_SHA256 );
|
||||
pk_init( &loaded_issuer_key );
|
||||
pk_init( &loaded_subject_key );
|
||||
mpi_init( &serial );
|
||||
#if defined(POLARSSL_X509_CSR_PARSE_C)
|
||||
x509_csr_init( &csr );
|
||||
mbedtls_x509write_crt_init( &crt );
|
||||
mbedtls_x509write_crt_set_md_alg( &crt, MBEDTLS_MD_SHA256 );
|
||||
mbedtls_pk_init( &loaded_issuer_key );
|
||||
mbedtls_pk_init( &loaded_subject_key );
|
||||
mbedtls_mpi_init( &serial );
|
||||
#if defined(MBEDTLS_X509_CSR_PARSE_C)
|
||||
mbedtls_x509_csr_init( &csr );
|
||||
#endif
|
||||
x509_crt_init( &issuer_crt );
|
||||
mbedtls_x509_crt_init( &issuer_crt );
|
||||
memset( buf, 0, 1024 );
|
||||
|
||||
if( argc == 0 )
|
||||
{
|
||||
usage:
|
||||
polarssl_printf( USAGE );
|
||||
mbedtls_printf( USAGE );
|
||||
ret = 1;
|
||||
goto exit;
|
||||
}
|
||||
@@ -312,19 +312,19 @@ int main( int argc, char *argv[] )
|
||||
*r++ = '\0';
|
||||
|
||||
if( strcmp( q, "digital_signature" ) == 0 )
|
||||
opt.key_usage |= KU_DIGITAL_SIGNATURE;
|
||||
opt.key_usage |= MBEDTLS_X509_KU_DIGITAL_SIGNATURE;
|
||||
else if( strcmp( q, "non_repudiation" ) == 0 )
|
||||
opt.key_usage |= KU_NON_REPUDIATION;
|
||||
opt.key_usage |= MBEDTLS_X509_KU_NON_REPUDIATION;
|
||||
else if( strcmp( q, "key_encipherment" ) == 0 )
|
||||
opt.key_usage |= KU_KEY_ENCIPHERMENT;
|
||||
opt.key_usage |= MBEDTLS_KU_KEY_ENCIPHERMENT;
|
||||
else if( strcmp( q, "data_encipherment" ) == 0 )
|
||||
opt.key_usage |= KU_DATA_ENCIPHERMENT;
|
||||
opt.key_usage |= MBEDTLS_KU_DATA_ENCIPHERMENT;
|
||||
else if( strcmp( q, "key_agreement" ) == 0 )
|
||||
opt.key_usage |= KU_KEY_AGREEMENT;
|
||||
opt.key_usage |= MBEDTLS_KU_KEY_AGREEMENT;
|
||||
else if( strcmp( q, "key_cert_sign" ) == 0 )
|
||||
opt.key_usage |= KU_KEY_CERT_SIGN;
|
||||
opt.key_usage |= MBEDTLS_X509_KU_KEY_CERT_SIGN;
|
||||
else if( strcmp( q, "crl_sign" ) == 0 )
|
||||
opt.key_usage |= KU_CRL_SIGN;
|
||||
opt.key_usage |= MBEDTLS_X509_KU_CRL_SIGN;
|
||||
else
|
||||
goto usage;
|
||||
|
||||
@@ -339,19 +339,19 @@ int main( int argc, char *argv[] )
|
||||
*r++ = '\0';
|
||||
|
||||
if( strcmp( q, "ssl_client" ) == 0 )
|
||||
opt.ns_cert_type |= NS_CERT_TYPE_SSL_CLIENT;
|
||||
opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT;
|
||||
else if( strcmp( q, "ssl_server" ) == 0 )
|
||||
opt.ns_cert_type |= NS_CERT_TYPE_SSL_SERVER;
|
||||
opt.ns_cert_type |= MBEDTLS_NS_CERT_TYPE_SSL_SERVER;
|
||||
else if( strcmp( q, "email" ) == 0 )
|
||||
opt.ns_cert_type |= NS_CERT_TYPE_EMAIL;
|
||||
opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL;
|
||||
else if( strcmp( q, "object_signing" ) == 0 )
|
||||
opt.ns_cert_type |= NS_CERT_TYPE_OBJECT_SIGNING;
|
||||
opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING;
|
||||
else if( strcmp( q, "ssl_ca" ) == 0 )
|
||||
opt.ns_cert_type |= NS_CERT_TYPE_SSL_CA;
|
||||
opt.ns_cert_type |= MBEDTLS_NS_CERT_TYPE_SSL_CA;
|
||||
else if( strcmp( q, "email_ca" ) == 0 )
|
||||
opt.ns_cert_type |= NS_CERT_TYPE_EMAIL_CA;
|
||||
opt.ns_cert_type |= MBEDTLS_NS_CERT_TYPE_EMAIL_CA;
|
||||
else if( strcmp( q, "object_signing_ca" ) == 0 )
|
||||
opt.ns_cert_type |= NS_CERT_TYPE_OBJECT_SIGNING_CA;
|
||||
opt.ns_cert_type |= MBEDTLS_NS_CERT_TYPE_OBJECT_SIGNING_CA;
|
||||
else
|
||||
goto usage;
|
||||
|
||||
@@ -362,39 +362,39 @@ int main( int argc, char *argv[] )
|
||||
goto usage;
|
||||
}
|
||||
|
||||
polarssl_printf("\n");
|
||||
mbedtls_printf("\n");
|
||||
|
||||
/*
|
||||
* 0. Seed the PRNG
|
||||
*/
|
||||
polarssl_printf( " . Seeding the random number generator..." );
|
||||
mbedtls_printf( " . Seeding the random number generator..." );
|
||||
fflush( stdout );
|
||||
|
||||
entropy_init( &entropy );
|
||||
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
|
||||
mbedtls_entropy_init( &entropy );
|
||||
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
|
||||
(const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
polarssl_strerror( ret, buf, 1024 );
|
||||
polarssl_printf( " failed\n ! ctr_drbg_init returned %d - %s\n", ret, buf );
|
||||
mbedtls_strerror( ret, buf, 1024 );
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned %d - %s\n", ret, buf );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
// Parse serial to MPI
|
||||
//
|
||||
polarssl_printf( " . Reading serial number..." );
|
||||
mbedtls_printf( " . Reading serial number..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = mpi_read_string( &serial, 10, opt.serial ) ) != 0 )
|
||||
if( ( ret = mbedtls_mpi_read_string( &serial, 10, opt.serial ) ) != 0 )
|
||||
{
|
||||
polarssl_strerror( ret, buf, 1024 );
|
||||
polarssl_printf( " failed\n ! mpi_read_string returned -0x%02x - %s\n\n", -ret, buf );
|
||||
mbedtls_strerror( ret, buf, 1024 );
|
||||
mbedtls_printf( " failed\n ! mbedtls_mpi_read_string returned -0x%02x - %s\n\n", -ret, buf );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
// Parse issuer certificate if present
|
||||
//
|
||||
@@ -403,31 +403,31 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* 1.0.a. Load the certificates
|
||||
*/
|
||||
polarssl_printf( " . Loading the issuer certificate ..." );
|
||||
mbedtls_printf( " . Loading the issuer certificate ..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = x509_crt_parse_file( &issuer_crt, opt.issuer_crt ) ) != 0 )
|
||||
if( ( ret = mbedtls_x509_crt_parse_file( &issuer_crt, opt.issuer_crt ) ) != 0 )
|
||||
{
|
||||
polarssl_strerror( ret, buf, 1024 );
|
||||
polarssl_printf( " failed\n ! x509_crt_parse_file returned -0x%02x - %s\n\n", -ret, buf );
|
||||
mbedtls_strerror( ret, buf, 1024 );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned -0x%02x - %s\n\n", -ret, buf );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ret = x509_dn_gets( issuer_name, sizeof(issuer_name),
|
||||
ret = mbedtls_x509_dn_gets( issuer_name, sizeof(issuer_name),
|
||||
&issuer_crt.subject );
|
||||
if( ret < 0 )
|
||||
{
|
||||
polarssl_strerror( ret, buf, 1024 );
|
||||
polarssl_printf( " failed\n ! x509_dn_gets returned -0x%02x - %s\n\n", -ret, buf );
|
||||
mbedtls_strerror( ret, buf, 1024 );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_dn_gets returned -0x%02x - %s\n\n", -ret, buf );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
opt.issuer_name = issuer_name;
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_X509_CSR_PARSE_C)
|
||||
#if defined(MBEDTLS_X509_CSR_PARSE_C)
|
||||
// Parse certificate request if present
|
||||
//
|
||||
if( !opt.selfsign && strlen( opt.request_file ) )
|
||||
@@ -435,61 +435,61 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* 1.0.b. Load the CSR
|
||||
*/
|
||||
polarssl_printf( " . Loading the certificate request ..." );
|
||||
mbedtls_printf( " . Loading the certificate request ..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = x509_csr_parse_file( &csr, opt.request_file ) ) != 0 )
|
||||
if( ( ret = mbedtls_x509_csr_parse_file( &csr, opt.request_file ) ) != 0 )
|
||||
{
|
||||
polarssl_strerror( ret, buf, 1024 );
|
||||
polarssl_printf( " failed\n ! x509_csr_parse_file returned -0x%02x - %s\n\n", -ret, buf );
|
||||
mbedtls_strerror( ret, buf, 1024 );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_csr_parse_file returned -0x%02x - %s\n\n", -ret, buf );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ret = x509_dn_gets( subject_name, sizeof(subject_name),
|
||||
ret = mbedtls_x509_dn_gets( subject_name, sizeof(subject_name),
|
||||
&csr.subject );
|
||||
if( ret < 0 )
|
||||
{
|
||||
polarssl_strerror( ret, buf, 1024 );
|
||||
polarssl_printf( " failed\n ! x509_dn_gets returned -0x%02x - %s\n\n", -ret, buf );
|
||||
mbedtls_strerror( ret, buf, 1024 );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_dn_gets returned -0x%02x - %s\n\n", -ret, buf );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
opt.subject_name = subject_name;
|
||||
subject_key = &csr.pk;
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
}
|
||||
#endif /* POLARSSL_X509_CSR_PARSE_C */
|
||||
#endif /* MBEDTLS_X509_CSR_PARSE_C */
|
||||
|
||||
/*
|
||||
* 1.1. Load the keys
|
||||
*/
|
||||
if( !opt.selfsign && !strlen( opt.request_file ) )
|
||||
{
|
||||
polarssl_printf( " . Loading the subject key ..." );
|
||||
mbedtls_printf( " . Loading the subject key ..." );
|
||||
fflush( stdout );
|
||||
|
||||
ret = pk_parse_keyfile( &loaded_subject_key, opt.subject_key,
|
||||
ret = mbedtls_pk_parse_keyfile( &loaded_subject_key, opt.subject_key,
|
||||
opt.subject_pwd );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_strerror( ret, buf, 1024 );
|
||||
polarssl_printf( " failed\n ! pk_parse_keyfile returned -0x%02x - %s\n\n", -ret, buf );
|
||||
mbedtls_strerror( ret, buf, 1024 );
|
||||
mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%02x - %s\n\n", -ret, buf );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
}
|
||||
|
||||
polarssl_printf( " . Loading the issuer key ..." );
|
||||
mbedtls_printf( " . Loading the issuer key ..." );
|
||||
fflush( stdout );
|
||||
|
||||
ret = pk_parse_keyfile( &loaded_issuer_key, opt.issuer_key,
|
||||
ret = mbedtls_pk_parse_keyfile( &loaded_issuer_key, opt.issuer_key,
|
||||
opt.issuer_pwd );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_strerror( ret, buf, 1024 );
|
||||
polarssl_printf( " failed\n ! pk_parse_keyfile returned -x%02x - %s\n\n", -ret, buf );
|
||||
mbedtls_strerror( ret, buf, 1024 );
|
||||
mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -x%02x - %s\n\n", -ret, buf );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -497,19 +497,19 @@ int main( int argc, char *argv[] )
|
||||
//
|
||||
if( strlen( opt.issuer_crt ) )
|
||||
{
|
||||
if( !pk_can_do( &issuer_crt.pk, POLARSSL_PK_RSA ) ||
|
||||
mpi_cmp_mpi( &pk_rsa( issuer_crt.pk )->N,
|
||||
&pk_rsa( *issuer_key )->N ) != 0 ||
|
||||
mpi_cmp_mpi( &pk_rsa( issuer_crt.pk )->E,
|
||||
&pk_rsa( *issuer_key )->E ) != 0 )
|
||||
if( !mbedtls_pk_can_do( &issuer_crt.pk, MBEDTLS_PK_RSA ) ||
|
||||
mbedtls_mpi_cmp_mpi( &mbedtls_pk_rsa( issuer_crt.pk )->N,
|
||||
&mbedtls_pk_rsa( *issuer_key )->N ) != 0 ||
|
||||
mbedtls_mpi_cmp_mpi( &mbedtls_pk_rsa( issuer_crt.pk )->E,
|
||||
&mbedtls_pk_rsa( *issuer_key )->E ) != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! issuer_key does not match issuer certificate\n\n" );
|
||||
mbedtls_printf( " failed\n ! issuer_key does not match issuer certificate\n\n" );
|
||||
ret = -1;
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
if( opt.selfsign )
|
||||
{
|
||||
@@ -517,152 +517,152 @@ int main( int argc, char *argv[] )
|
||||
subject_key = issuer_key;
|
||||
}
|
||||
|
||||
x509write_crt_set_subject_key( &crt, subject_key );
|
||||
x509write_crt_set_issuer_key( &crt, issuer_key );
|
||||
mbedtls_x509write_crt_set_subject_key( &crt, subject_key );
|
||||
mbedtls_x509write_crt_set_issuer_key( &crt, issuer_key );
|
||||
|
||||
/*
|
||||
* 1.0. Check the names for validity
|
||||
*/
|
||||
if( ( ret = x509write_crt_set_subject_name( &crt, opt.subject_name ) ) != 0 )
|
||||
if( ( ret = mbedtls_x509write_crt_set_subject_name( &crt, opt.subject_name ) ) != 0 )
|
||||
{
|
||||
polarssl_strerror( ret, buf, 1024 );
|
||||
polarssl_printf( " failed\n ! x509write_crt_set_subject_name returned -0x%02x - %s\n\n", -ret, buf );
|
||||
mbedtls_strerror( ret, buf, 1024 );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_subject_name returned -0x%02x - %s\n\n", -ret, buf );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = x509write_crt_set_issuer_name( &crt, opt.issuer_name ) ) != 0 )
|
||||
if( ( ret = mbedtls_x509write_crt_set_issuer_name( &crt, opt.issuer_name ) ) != 0 )
|
||||
{
|
||||
polarssl_strerror( ret, buf, 1024 );
|
||||
polarssl_printf( " failed\n ! x509write_crt_set_issuer_name returned -0x%02x - %s\n\n", -ret, buf );
|
||||
mbedtls_strerror( ret, buf, 1024 );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_issuer_name returned -0x%02x - %s\n\n", -ret, buf );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " . Setting certificate values ..." );
|
||||
mbedtls_printf( " . Setting certificate values ..." );
|
||||
fflush( stdout );
|
||||
|
||||
ret = x509write_crt_set_serial( &crt, &serial );
|
||||
ret = mbedtls_x509write_crt_set_serial( &crt, &serial );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_strerror( ret, buf, 1024 );
|
||||
polarssl_printf( " failed\n ! x509write_crt_set_serial returned -0x%02x - %s\n\n", -ret, buf );
|
||||
mbedtls_strerror( ret, buf, 1024 );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_serial returned -0x%02x - %s\n\n", -ret, buf );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ret = x509write_crt_set_validity( &crt, opt.not_before, opt.not_after );
|
||||
ret = mbedtls_x509write_crt_set_validity( &crt, opt.not_before, opt.not_after );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_strerror( ret, buf, 1024 );
|
||||
polarssl_printf( " failed\n ! x509write_crt_set_validity returned -0x%02x - %s\n\n", -ret, buf );
|
||||
mbedtls_strerror( ret, buf, 1024 );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_validity returned -0x%02x - %s\n\n", -ret, buf );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
polarssl_printf( " . Adding the Basic Constraints extension ..." );
|
||||
mbedtls_printf( " . Adding the Basic Constraints extension ..." );
|
||||
fflush( stdout );
|
||||
|
||||
ret = x509write_crt_set_basic_constraints( &crt, opt.is_ca,
|
||||
ret = mbedtls_x509write_crt_set_basic_constraints( &crt, opt.is_ca,
|
||||
opt.max_pathlen );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_strerror( ret, buf, 1024 );
|
||||
polarssl_printf( " failed\n ! x509write_crt_set_basic_contraints returned -0x%02x - %s\n\n", -ret, buf );
|
||||
mbedtls_strerror( ret, buf, 1024 );
|
||||
mbedtls_printf( " failed\n ! x509write_crt_set_basic_contraints returned -0x%02x - %s\n\n", -ret, buf );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
#if defined(POLARSSL_SHA1_C)
|
||||
polarssl_printf( " . Adding the Subject Key Identifier ..." );
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
mbedtls_printf( " . Adding the Subject Key Identifier ..." );
|
||||
fflush( stdout );
|
||||
|
||||
ret = x509write_crt_set_subject_key_identifier( &crt );
|
||||
ret = mbedtls_x509write_crt_set_subject_key_identifier( &crt );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_strerror( ret, buf, 1024 );
|
||||
polarssl_printf( " failed\n ! x509write_crt_set_subject_key_identifier returned -0x%02x - %s\n\n", -ret, buf );
|
||||
mbedtls_strerror( ret, buf, 1024 );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_subject_key_identifier returned -0x%02x - %s\n\n", -ret, buf );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
polarssl_printf( " . Adding the Authority Key Identifier ..." );
|
||||
mbedtls_printf( " . Adding the Authority Key Identifier ..." );
|
||||
fflush( stdout );
|
||||
|
||||
ret = x509write_crt_set_authority_key_identifier( &crt );
|
||||
ret = mbedtls_x509write_crt_set_authority_key_identifier( &crt );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_strerror( ret, buf, 1024 );
|
||||
polarssl_printf( " failed\n ! x509write_crt_set_authority_key_identifier returned -0x%02x - %s\n\n", -ret, buf );
|
||||
mbedtls_strerror( ret, buf, 1024 );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_authority_key_identifier returned -0x%02x - %s\n\n", -ret, buf );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
#endif /* POLARSSL_SHA1_C */
|
||||
mbedtls_printf( " ok\n" );
|
||||
#endif /* MBEDTLS_SHA1_C */
|
||||
|
||||
if( opt.key_usage )
|
||||
{
|
||||
polarssl_printf( " . Adding the Key Usage extension ..." );
|
||||
mbedtls_printf( " . Adding the Key Usage extension ..." );
|
||||
fflush( stdout );
|
||||
|
||||
ret = x509write_crt_set_key_usage( &crt, opt.key_usage );
|
||||
ret = mbedtls_x509write_crt_set_key_usage( &crt, opt.key_usage );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_strerror( ret, buf, 1024 );
|
||||
polarssl_printf( " failed\n ! x509write_crt_set_key_usage returned -0x%02x - %s\n\n", -ret, buf );
|
||||
mbedtls_strerror( ret, buf, 1024 );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_key_usage returned -0x%02x - %s\n\n", -ret, buf );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
}
|
||||
|
||||
if( opt.ns_cert_type )
|
||||
{
|
||||
polarssl_printf( " . Adding the NS Cert Type extension ..." );
|
||||
mbedtls_printf( " . Adding the NS Cert Type extension ..." );
|
||||
fflush( stdout );
|
||||
|
||||
ret = x509write_crt_set_ns_cert_type( &crt, opt.ns_cert_type );
|
||||
ret = mbedtls_x509write_crt_set_ns_cert_type( &crt, opt.ns_cert_type );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_strerror( ret, buf, 1024 );
|
||||
polarssl_printf( " failed\n ! x509write_crt_set_ns_cert_type returned -0x%02x - %s\n\n", -ret, buf );
|
||||
mbedtls_strerror( ret, buf, 1024 );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_ns_cert_type returned -0x%02x - %s\n\n", -ret, buf );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
}
|
||||
|
||||
/*
|
||||
* 1.2. Writing the request
|
||||
*/
|
||||
polarssl_printf( " . Writing the certificate..." );
|
||||
mbedtls_printf( " . Writing the certificate..." );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = write_certificate( &crt, opt.output_file,
|
||||
ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
{
|
||||
polarssl_strerror( ret, buf, 1024 );
|
||||
polarssl_printf( " failed\n ! write_certifcate -0x%02x - %s\n\n", -ret, buf );
|
||||
mbedtls_strerror( ret, buf, 1024 );
|
||||
mbedtls_printf( " failed\n ! write_certifcate -0x%02x - %s\n\n", -ret, buf );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
exit:
|
||||
x509write_crt_free( &crt );
|
||||
pk_free( &loaded_subject_key );
|
||||
pk_free( &loaded_issuer_key );
|
||||
mpi_free( &serial );
|
||||
ctr_drbg_free( &ctr_drbg );
|
||||
entropy_free( &entropy );
|
||||
mbedtls_x509write_crt_free( &crt );
|
||||
mbedtls_pk_free( &loaded_subject_key );
|
||||
mbedtls_pk_free( &loaded_issuer_key );
|
||||
mbedtls_mpi_free( &serial );
|
||||
mbedtls_ctr_drbg_free( &ctr_drbg );
|
||||
mbedtls_entropy_free( &entropy );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_X509_CRT_WRITE_C && POLARSSL_X509_CRT_PARSE_C &&
|
||||
POLARSSL_FS_IO && POLARSSL_ENTROPY_C && POLARSSL_CTR_DRBG_C &&
|
||||
POLARSSL_ERROR_C */
|
||||
#endif /* MBEDTLS_X509_CRT_WRITE_C && MBEDTLS_X509_CRT_PARSE_C &&
|
||||
MBEDTLS_FS_IO && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C &&
|
||||
MBEDTLS_ERROR_C */
|
||||
|
||||
@@ -20,25 +20,25 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
|
||||
!defined(POLARSSL_X509_CRL_PARSE_C) || !defined(POLARSSL_FS_IO)
|
||||
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \
|
||||
!defined(MBEDTLS_X509_CRL_PARSE_C) || !defined(MBEDTLS_FS_IO)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
|
||||
"POLARSSL_X509_CRL_PARSE_C and/or POLARSSL_FS_IO not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
|
||||
"MBEDTLS_X509_CRL_PARSE_C and/or MBEDTLS_FS_IO not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -70,19 +70,19 @@ int main( int argc, char *argv[] )
|
||||
{
|
||||
int ret = 0;
|
||||
unsigned char buf[100000];
|
||||
x509_crl crl;
|
||||
mbedtls_x509_crl crl;
|
||||
int i;
|
||||
char *p, *q;
|
||||
|
||||
/*
|
||||
* Set to sane values
|
||||
*/
|
||||
x509_crl_init( &crl );
|
||||
mbedtls_x509_crl_init( &crl );
|
||||
|
||||
if( argc == 0 )
|
||||
{
|
||||
usage:
|
||||
polarssl_printf( USAGE );
|
||||
mbedtls_printf( USAGE );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -104,43 +104,43 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* 1.1. Load the CRL
|
||||
*/
|
||||
polarssl_printf( "\n . Loading the CRL ..." );
|
||||
mbedtls_printf( "\n . Loading the CRL ..." );
|
||||
fflush( stdout );
|
||||
|
||||
ret = x509_crl_parse_file( &crl, opt.filename );
|
||||
ret = mbedtls_x509_crl_parse_file( &crl, opt.filename );
|
||||
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! x509_crl_parse_file returned %d\n\n", ret );
|
||||
x509_crl_free( &crl );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_crl_parse_file returned %d\n\n", ret );
|
||||
mbedtls_x509_crl_free( &crl );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 1.2 Print the CRL
|
||||
*/
|
||||
polarssl_printf( " . CRL information ...\n" );
|
||||
ret = x509_crl_info( (char *) buf, sizeof( buf ) - 1, " ", &crl );
|
||||
mbedtls_printf( " . CRL information ...\n" );
|
||||
ret = mbedtls_x509_crl_info( (char *) buf, sizeof( buf ) - 1, " ", &crl );
|
||||
if( ret == -1 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! x509_crl_info returned %d\n\n", ret );
|
||||
x509_crl_free( &crl );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_crl_info returned %d\n\n", ret );
|
||||
mbedtls_x509_crl_free( &crl );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "%s\n", buf );
|
||||
mbedtls_printf( "%s\n", buf );
|
||||
|
||||
exit:
|
||||
x509_crl_free( &crl );
|
||||
mbedtls_x509_crl_free( &crl );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_X509_CRL_PARSE_C &&
|
||||
POLARSSL_FS_IO */
|
||||
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_X509_CRL_PARSE_C &&
|
||||
MBEDTLS_FS_IO */
|
||||
|
||||
@@ -20,25 +20,25 @@
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define polarssl_printf printf
|
||||
#define mbedtls_printf printf
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
|
||||
!defined(POLARSSL_X509_CSR_PARSE_C) || !defined(POLARSSL_FS_IO)
|
||||
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \
|
||||
!defined(MBEDTLS_X509_CSR_PARSE_C) || !defined(MBEDTLS_FS_IO)
|
||||
int main( void )
|
||||
{
|
||||
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
|
||||
"POLARSSL_X509_CSR_PARSE_C and/or POLARSSL_FS_IO not defined.\n");
|
||||
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
|
||||
"MBEDTLS_X509_CSR_PARSE_C and/or MBEDTLS_FS_IO not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
@@ -70,19 +70,19 @@ int main( int argc, char *argv[] )
|
||||
{
|
||||
int ret = 0;
|
||||
unsigned char buf[100000];
|
||||
x509_csr csr;
|
||||
mbedtls_x509_csr csr;
|
||||
int i;
|
||||
char *p, *q;
|
||||
|
||||
/*
|
||||
* Set to sane values
|
||||
*/
|
||||
x509_csr_init( &csr );
|
||||
mbedtls_x509_csr_init( &csr );
|
||||
|
||||
if( argc == 0 )
|
||||
{
|
||||
usage:
|
||||
polarssl_printf( USAGE );
|
||||
mbedtls_printf( USAGE );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@@ -104,43 +104,43 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* 1.1. Load the CSR
|
||||
*/
|
||||
polarssl_printf( "\n . Loading the CSR ..." );
|
||||
mbedtls_printf( "\n . Loading the CSR ..." );
|
||||
fflush( stdout );
|
||||
|
||||
ret = x509_csr_parse_file( &csr, opt.filename );
|
||||
ret = mbedtls_x509_csr_parse_file( &csr, opt.filename );
|
||||
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! x509_csr_parse_file returned %d\n\n", ret );
|
||||
x509_csr_free( &csr );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_csr_parse_file returned %d\n\n", ret );
|
||||
mbedtls_x509_csr_free( &csr );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( " ok\n" );
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 1.2 Print the CSR
|
||||
*/
|
||||
polarssl_printf( " . CSR information ...\n" );
|
||||
ret = x509_csr_info( (char *) buf, sizeof( buf ) - 1, " ", &csr );
|
||||
mbedtls_printf( " . CSR information ...\n" );
|
||||
ret = mbedtls_x509_csr_info( (char *) buf, sizeof( buf ) - 1, " ", &csr );
|
||||
if( ret == -1 )
|
||||
{
|
||||
polarssl_printf( " failed\n ! x509_csr_info returned %d\n\n", ret );
|
||||
x509_csr_free( &csr );
|
||||
mbedtls_printf( " failed\n ! mbedtls_x509_csr_info returned %d\n\n", ret );
|
||||
mbedtls_x509_csr_free( &csr );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
polarssl_printf( "%s\n", buf );
|
||||
mbedtls_printf( "%s\n", buf );
|
||||
|
||||
exit:
|
||||
x509_csr_free( &csr );
|
||||
mbedtls_x509_csr_free( &csr );
|
||||
|
||||
#if defined(_WIN32)
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
mbedtls_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_X509_CSR_PARSE_C &&
|
||||
POLARSSL_FS_IO */
|
||||
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_X509_CSR_PARSE_C &&
|
||||
MBEDTLS_FS_IO */
|
||||
|
||||
Reference in New Issue
Block a user