SwitchEmu/mbedtls
1
0
Fork 0
mirror of https://git.suyu.dev/suyu/mbedtls.git synced 2026-02-19 08:43:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'development' into dtls

Browse Source 
* development: (100 commits)
  Update Changelog for the mem-measure branch
  Fix issues introduced when rebasing
  Fix compile error in memory_buffer_alloc_selftest
  Code cosmetics
  Add curve25519 to ecc-heap.sh
  Add curve25519 to the benchmark program
  Fix compile issue when buffer_alloc not available
  New script ecc-heap.sh
  Fix unused variable issue in some configs
  Rm usunused member in private struct
  Add heap usage for PK in benchmark
  Use memory_buffer_alloc() in benchmark if available
  Only define mode_func if mode is enabled (CBC etc)
  PKCS8 encrypted key depend on PKCS5 or PKCS12
  Disable SRV_C for client measurement
  Output stack+heap usage with massif
  Enable NIST_OPTIM by default for config-suite-b
  Refactor memory.sh
  Adapt memory.sh to config-suite-b
  Adapt mini-client for config-suite-b.h
  ...

Conflicts:
	ChangeLog
	include/polarssl/net.h
	library/Makefile
	library/error.c
	library/ssl_tls.c
	programs/Makefile
	programs/ssl/ssl_client2.c
	programs/ssl/ssl_server2.c
	tests/Makefile
This commit is contained in:
Manuel Pégourié-Gonnard
2015-02-16 18:37:53 +00:00
parent 82cf0a1f9a ad350ed759
commit d901d17817
212 changed files with 3927 additions and 2497 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
programs/.gitignore vendored
View File

@@ -40,6 +40,7 @@ ssl/ssl_mail_client
ssl/ssl_pthread_server
ssl/ssl_server
ssl/ssl_server2
ssl/mini_client
test/benchmark
test/ecp-bench
test/o_p_test

169
programs/Makefile
View File

@@ -5,14 +5,27 @@
CFLAGS += -I../include -D_FILE_OFFSET_BITS=64 -Wall -W -Wdeclaration-after-statement
OFLAGS = -O2
LDFLAGS += -L../library -lmbedtls $(SYS_LDFLAGS)
LDFLAGS += -L../library -lmbedtls$(SHARED_SUFFIX) $(SYS_LDFLAGS)
ifdef DEBUG
CFLAGS += -g3
endif
#
# if we running on Windows build
# for Windows
#
ifdef WINDOWS
WINDOWS_BUILD=1
endif
ifdef WINDOWS_BUILD
DLEXT=dll
EXEXT=.exe
LDFLAGS += -lws2_32
ifdef SHARED
SHARED_SUFFIX=.$(DLEXT)
endif
endif
# Zlib shared library extensions:
@@ -20,32 +33,32 @@ ifdef ZLIB
LDFLAGS += -lz
endif
APPS = aes/aescrypt2 aes/crypt_and_hash \
hash/hello hash/generic_sum \
hash/md5sum hash/sha1sum \
hash/sha2sum pkey/dh_client \
pkey/dh_genprime pkey/dh_server \
pkey/gen_key \
pkey/key_app pkey/key_app_writer \
pkey/mpi_demo pkey/pk_decrypt \
pkey/pk_encrypt pkey/pk_sign \
pkey/pk_verify pkey/rsa_genkey \
pkey/rsa_decrypt pkey/rsa_encrypt \
pkey/rsa_sign pkey/rsa_verify \
pkey/rsa_sign_pss pkey/rsa_verify_pss \
ssl/dtls_client ssl/dtls_server \
ssl/ssl_client1 ssl/ssl_client2 \
ssl/ssl_server ssl/ssl_server2 \
ssl/ssl_fork_server \
ssl/ssl_mail_client random/gen_entropy \
random/gen_random_havege \
random/gen_random_ctr_drbg \
test/ssl_cert_test test/benchmark \
test/selftest test/ssl_test \
test/udp_proxy \
util/pem2der util/strerror \
x509/cert_app x509/crl_app \
x509/cert_req
APPS = aes/aescrypt2$(EXEXT) aes/crypt_and_hash$(EXEXT) \
hash/hello$(EXEXT) hash/generic_sum$(EXEXT) \
hash/md5sum$(EXEXT) hash/sha1sum$(EXEXT) \
hash/sha2sum$(EXEXT) pkey/dh_client$(EXEXT) \
pkey/dh_genprime$(EXEXT) pkey/dh_server$(EXEXT) \
pkey/gen_key$(EXEXT) \
pkey/key_app$(EXEXT) pkey/key_app_writer$(EXEXT) \
pkey/mpi_demo$(EXEXT) pkey/pk_decrypt$(EXEXT) \
pkey/pk_encrypt$(EXEXT) pkey/pk_sign$(EXEXT) \
pkey/pk_verify$(EXEXT) pkey/rsa_genkey$(EXEXT) \
pkey/rsa_decrypt$(EXEXT) pkey/rsa_encrypt$(EXEXT) \
pkey/rsa_sign$(EXEXT) pkey/rsa_verify$(EXEXT) \
pkey/rsa_sign_pss$(EXEXT) pkey/rsa_verify_pss$(EXEXT) \
ssl/dtls_client$(EXEXT) ssl/dtls_server$(EXEXT) \
ssl/ssl_client1$(EXEXT) ssl/ssl_client2$(EXEXT) \
ssl/ssl_server$(EXEXT) ssl/ssl_server2$(EXEXT) \
ssl/ssl_fork_server$(EXEXT) ssl/mini_client$(EXEXT) \
ssl/ssl_mail_client$(EXEXT) random/gen_entropy$(EXEXT) \
random/gen_random_havege$(EXEXT) \
random/gen_random_ctr_drbg$(EXEXT) \
test/ssl_cert_test$(EXEXT) test/benchmark$(EXEXT) \
test/selftest$(EXEXT) test/ssl_test$(EXEXT) \
test/udp_proxy$(EXEXT) \
util/pem2der$(EXEXT) util/strerror$(EXEXT) \
x509/cert_app$(EXEXT) x509/crl_app$(EXEXT) \
x509/cert_req$(EXEXT)
ifdef OPENSSL
APPS += test/o_p_test
@@ -59,199 +72,203 @@ endif
all: $(APPS)
aes/aescrypt2: aes/aescrypt2.c ../library/libmbedtls.a
aes/aescrypt2$(EXEXT): aes/aescrypt2.c ../library/libmbedtls.a
echo " CC aes/aescrypt2.c"
$(CC) $(CFLAGS) $(OFLAGS) aes/aescrypt2.c $(LDFLAGS) -o $@
aes/crypt_and_hash: aes/crypt_and_hash.c ../library/libmbedtls.a
aes/crypt_and_hash$(EXEXT): aes/crypt_and_hash.c ../library/libmbedtls.a
echo " CC aes/crypt_and_hash.c"
$(CC) $(CFLAGS) $(OFLAGS) aes/crypt_and_hash.c $(LDFLAGS) -o $@
hash/hello: hash/hello.c ../library/libmbedtls.a
hash/hello$(EXEXT): hash/hello.c ../library/libmbedtls.a
echo " CC hash/hello.c"
$(CC) $(CFLAGS) $(OFLAGS) hash/hello.c $(LDFLAGS) -o $@
hash/generic_sum: hash/generic_sum.c ../library/libmbedtls.a
hash/generic_sum$(EXEXT): hash/generic_sum.c ../library/libmbedtls.a
echo " CC hash/generic_sum.c"
$(CC) $(CFLAGS) $(OFLAGS) hash/generic_sum.c $(LDFLAGS) -o $@
hash/md5sum: hash/md5sum.c ../library/libmbedtls.a
hash/md5sum$(EXEXT): hash/md5sum.c ../library/libmbedtls.a
echo " CC hash/md5sum.c"
$(CC) $(CFLAGS) $(OFLAGS) hash/md5sum.c $(LDFLAGS) -o $@
hash/sha1sum: hash/sha1sum.c ../library/libmbedtls.a
hash/sha1sum$(EXEXT): hash/sha1sum.c ../library/libmbedtls.a
echo " CC hash/sha1sum.c"
$(CC) $(CFLAGS) $(OFLAGS) hash/sha1sum.c $(LDFLAGS) -o $@
hash/sha2sum: hash/sha2sum.c ../library/libmbedtls.a
hash/sha2sum$(EXEXT): hash/sha2sum.c ../library/libmbedtls.a
echo " CC hash/sha2sum.c"
$(CC) $(CFLAGS) $(OFLAGS) hash/sha2sum.c $(LDFLAGS) -o $@
pkey/dh_client: pkey/dh_client.c ../library/libmbedtls.a
pkey/dh_client$(EXEXT): pkey/dh_client.c ../library/libmbedtls.a
echo " CC pkey/dh_client.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/dh_client.c $(LDFLAGS) -o $@
pkey/dh_genprime: pkey/dh_genprime.c ../library/libmbedtls.a
pkey/dh_genprime$(EXEXT): pkey/dh_genprime.c ../library/libmbedtls.a
echo " CC pkey/dh_genprime.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/dh_genprime.c $(LDFLAGS) -o $@
pkey/dh_server: pkey/dh_server.c ../library/libmbedtls.a
pkey/dh_server$(EXEXT): pkey/dh_server.c ../library/libmbedtls.a
echo " CC pkey/dh_server.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/dh_server.c $(LDFLAGS) -o $@
pkey/ecdsa: pkey/ecdsa.c ../library/libmbedtls.a
pkey/ecdsa$(EXEXT): pkey/ecdsa.c ../library/libmbedtls.a
echo " CC pkey/ecdsa.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/ecdsa.c $(LDFLAGS) -o $@
pkey/gen_key: pkey/gen_key.c ../library/libmbedtls.a
pkey/gen_key$(EXEXT): pkey/gen_key.c ../library/libmbedtls.a
echo " CC pkey/gen_key.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/gen_key.c $(LDFLAGS) -o $@
pkey/key_app: pkey/key_app.c ../library/libmbedtls.a
pkey/key_app$(EXEXT): pkey/key_app.c ../library/libmbedtls.a
echo " CC pkey/key_app.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/key_app.c $(LDFLAGS) -o $@
pkey/key_app_writer: pkey/key_app_writer.c ../library/libmbedtls.a
pkey/key_app_writer$(EXEXT): pkey/key_app_writer.c ../library/libmbedtls.a
echo " CC pkey/key_app_writer.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/key_app_writer.c $(LDFLAGS) -o $@
pkey/mpi_demo: pkey/mpi_demo.c ../library/libmbedtls.a
pkey/mpi_demo$(EXEXT): pkey/mpi_demo.c ../library/libmbedtls.a
echo " CC pkey/mpi_demo.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/mpi_demo.c $(LDFLAGS) -o $@
pkey/pk_decrypt: pkey/pk_decrypt.c ../library/libmbedtls.a
pkey/pk_decrypt$(EXEXT): pkey/pk_decrypt.c ../library/libmbedtls.a
echo " CC pkey/pk_decrypt.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/pk_decrypt.c $(LDFLAGS) -o $@
pkey/pk_encrypt: pkey/pk_encrypt.c ../library/libmbedtls.a
pkey/pk_encrypt$(EXEXT): pkey/pk_encrypt.c ../library/libmbedtls.a
echo " CC pkey/pk_encrypt.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/pk_encrypt.c $(LDFLAGS) -o $@
pkey/pk_sign: pkey/pk_sign.c ../library/libmbedtls.a
pkey/pk_sign$(EXEXT): pkey/pk_sign.c ../library/libmbedtls.a
echo " CC pkey/pk_sign.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/pk_sign.c $(LDFLAGS) -o $@
pkey/pk_verify: pkey/pk_verify.c ../library/libmbedtls.a
pkey/pk_verify$(EXEXT): pkey/pk_verify.c ../library/libmbedtls.a
echo " CC pkey/pk_verify.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/pk_verify.c $(LDFLAGS) -o $@
pkey/rsa_genkey: pkey/rsa_genkey.c ../library/libmbedtls.a
pkey/rsa_genkey$(EXEXT): pkey/rsa_genkey.c ../library/libmbedtls.a
echo " CC pkey/rsa_genkey.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/rsa_genkey.c $(LDFLAGS) -o $@
pkey/rsa_sign: pkey/rsa_sign.c ../library/libmbedtls.a
pkey/rsa_sign$(EXEXT): pkey/rsa_sign.c ../library/libmbedtls.a
echo " CC pkey/rsa_sign.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/rsa_sign.c $(LDFLAGS) -o $@
pkey/rsa_verify: pkey/rsa_verify.c ../library/libmbedtls.a
pkey/rsa_verify$(EXEXT): pkey/rsa_verify.c ../library/libmbedtls.a
echo " CC pkey/rsa_verify.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/rsa_verify.c $(LDFLAGS) -o $@
pkey/rsa_sign_pss: pkey/rsa_sign_pss.c ../library/libmbedtls.a
pkey/rsa_sign_pss$(EXEXT): pkey/rsa_sign_pss.c ../library/libmbedtls.a
echo " CC pkey/rsa_sign_pss.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/rsa_sign_pss.c $(LDFLAGS) -o $@
pkey/rsa_verify_pss: pkey/rsa_verify_pss.c ../library/libmbedtls.a
pkey/rsa_verify_pss$(EXEXT): pkey/rsa_verify_pss.c ../library/libmbedtls.a
echo " CC pkey/rsa_verify_pss.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/rsa_verify_pss.c $(LDFLAGS) -o $@
pkey/rsa_decrypt: pkey/rsa_decrypt.c ../library/libmbedtls.a
pkey/rsa_decrypt$(EXEXT): pkey/rsa_decrypt.c ../library/libmbedtls.a
echo " CC pkey/rsa_decrypt.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/rsa_decrypt.c $(LDFLAGS) -o $@
pkey/rsa_encrypt: pkey/rsa_encrypt.c ../library/libmbedtls.a
pkey/rsa_encrypt$(EXEXT): pkey/rsa_encrypt.c ../library/libmbedtls.a
echo " CC pkey/rsa_encrypt.c"
$(CC) $(CFLAGS) $(OFLAGS) pkey/rsa_encrypt.c $(LDFLAGS) -o $@
random/gen_entropy: random/gen_entropy.c ../library/libmbedtls.a
random/gen_entropy$(EXEXT): random/gen_entropy.c ../library/libmbedtls.a
echo " CC random/gen_entropy.c"
$(CC) $(CFLAGS) $(OFLAGS) random/gen_entropy.c $(LDFLAGS) -o $@
random/gen_random_havege: random/gen_random_havege.c ../library/libmbedtls.a
random/gen_random_havege$(EXEXT): random/gen_random_havege.c ../library/libmbedtls.a
echo " CC random/gen_random_havege.c"
$(CC) $(CFLAGS) $(OFLAGS) random/gen_random_havege.c $(LDFLAGS) -o $@
random/gen_random_ctr_drbg: random/gen_random_ctr_drbg.c ../library/libmbedtls.a
random/gen_random_ctr_drbg$(EXEXT): random/gen_random_ctr_drbg.c ../library/libmbedtls.a
echo " CC random/gen_random_ctr_drbg.c"
$(CC) $(CFLAGS) $(OFLAGS) random/gen_random_ctr_drbg.c $(LDFLAGS) -o $@
ssl/dtls_client: ssl/dtls_client.c ../library/libmbedtls.a
ssl/dtls_client$(EXEXT): ssl/dtls_client.c ../library/libmbedtls.a
echo " CC ssl/dtls_client.c"
$(CC) $(CFLAGS) $(OFLAGS) ssl/dtls_client.c $(LDFLAGS) -o $@
ssl/dtls_server: ssl/dtls_server.c ../library/libmbedtls.a
ssl/dtls_server$(EXEXT): ssl/dtls_server.c ../library/libmbedtls.a
echo " CC ssl/dtls_server.c"
$(CC) $(CFLAGS) $(OFLAGS) ssl/dtls_server.c $(LDFLAGS) -o $@
ssl/ssl_client1: ssl/ssl_client1.c ../library/libmbedtls.a
ssl/ssl_client1$(EXEXT): ssl/ssl_client1.c ../library/libmbedtls.a
echo " CC ssl/ssl_client1.c"
$(CC) $(CFLAGS) $(OFLAGS) ssl/ssl_client1.c $(LDFLAGS) -o $@
ssl/ssl_client2: ssl/ssl_client2.c ../library/libmbedtls.a
ssl/ssl_client2$(EXEXT): ssl/ssl_client2.c ../library/libmbedtls.a
echo " CC ssl/ssl_client2.c"
$(CC) $(CFLAGS) $(OFLAGS) ssl/ssl_client2.c $(LDFLAGS) -o $@
ssl/ssl_server: ssl/ssl_server.c ../library/libmbedtls.a
ssl/ssl_server$(EXEXT): ssl/ssl_server.c ../library/libmbedtls.a
echo " CC ssl/ssl_server.c"
$(CC) $(CFLAGS) $(OFLAGS) ssl/ssl_server.c $(LDFLAGS) -o $@
ssl/ssl_server2: ssl/ssl_server2.c ../library/libmbedtls.a
ssl/ssl_server2$(EXEXT): ssl/ssl_server2.c ../library/libmbedtls.a
echo " CC ssl/ssl_server2.c"
$(CC) $(CFLAGS) $(OFLAGS) ssl/ssl_server2.c $(LDFLAGS) -o $@
ssl/ssl_fork_server: ssl/ssl_fork_server.c ../library/libmbedtls.a
ssl/ssl_fork_server$(EXEXT): ssl/ssl_fork_server.c ../library/libmbedtls.a
echo " CC ssl/ssl_fork_server.c"
$(CC) $(CFLAGS) $(OFLAGS) ssl/ssl_fork_server.c $(LDFLAGS) -o $@
ssl/ssl_pthread_server: ssl/ssl_pthread_server.c ../library/libmbedtls.a
ssl/ssl_pthread_server$(EXEXT): ssl/ssl_pthread_server.c ../library/libmbedtls.a
echo " CC ssl/ssl_pthread_server.c"
$(CC) $(CFLAGS) $(OFLAGS) ssl/ssl_pthread_server.c $(LDFLAGS) -o $@ -lpthread
ssl/ssl_mail_client: ssl/ssl_mail_client.c ../library/libmbedtls.a
ssl/ssl_mail_client$(EXEXT): ssl/ssl_mail_client.c ../library/libmbedtls.a
echo " CC ssl/ssl_mail_client.c"
$(CC) $(CFLAGS) $(OFLAGS) ssl/ssl_mail_client.c $(LDFLAGS) -o $@
test/ssl_cert_test: test/ssl_cert_test.c ../library/libmbedtls.a
ssl/mini_client$(EXEXT): ssl/mini_client.c ../library/libmbedtls.a
echo " CC ssl/mini_client.c"
$(CC) $(CFLAGS) $(OFLAGS) ssl/mini_client.c $(LDFLAGS) -o $@
test/ssl_cert_test$(EXEXT): test/ssl_cert_test.c ../library/libmbedtls.a
echo " CC test/ssl_cert_test.c"
$(CC) $(CFLAGS) $(OFLAGS) test/ssl_cert_test.c $(LDFLAGS) -o $@
test/benchmark: test/benchmark.c ../library/libmbedtls.a
test/benchmark$(EXEXT): test/benchmark.c ../library/libmbedtls.a
echo " CC test/benchmark.c"
$(CC) $(CFLAGS) $(OFLAGS) test/benchmark.c $(LDFLAGS) -o $@
test/selftest: test/selftest.c ../library/libmbedtls.a
test/selftest$(EXEXT): test/selftest.c ../library/libmbedtls.a
echo " CC test/selftest.c"
$(CC) $(CFLAGS) $(OFLAGS) test/selftest.c $(LDFLAGS) -o $@
test/ssl_test: test/ssl_test.c ../library/libmbedtls.a
test/ssl_test$(EXEXT): test/ssl_test.c ../library/libmbedtls.a
echo " CC test/ssl_test.c"
$(CC) $(CFLAGS) $(OFLAGS) test/ssl_test.c $(LDFLAGS) -o $@
test/udp_proxy: test/udp_proxy.c ../library/libmbedtls.a
test/udp_proxy$(EXEXT): test/udp_proxy.c ../library/libmbedtls.a
echo " CC test/udp_proxy.c"
$(CC) $(CFLAGS) $(OFLAGS) test/udp_proxy.c $(LDFLAGS) -o $@
test/o_p_test: test/o_p_test.c ../library/libmbedtls.a
test/o_p_test$(EXEXT): test/o_p_test.c ../library/libmbedtls.a
echo " CC test/o_p_test.c"
$(CC) $(CFLAGS) $(OFLAGS) test/o_p_test.c $(LDFLAGS) -o $@ -lssl -lcrypto
util/pem2der: util/pem2der.c ../library/libmbedtls.a
util/pem2der$(EXEXT): util/pem2der.c ../library/libmbedtls.a
echo " CC util/pem2der.c"
$(CC) $(CFLAGS) $(OFLAGS) util/pem2der.c $(LDFLAGS) -o $@
util/strerror: util/strerror.c ../library/libmbedtls.a
util/strerror$(EXEXT): util/strerror.c ../library/libmbedtls.a
echo " CC util/strerror.c"
$(CC) $(CFLAGS) $(OFLAGS) util/strerror.c $(LDFLAGS) -o $@
x509/cert_app: x509/cert_app.c ../library/libmbedtls.a
x509/cert_app$(EXEXT): x509/cert_app.c ../library/libmbedtls.a
echo " CC x509/cert_app.c"
$(CC) $(CFLAGS) $(OFLAGS) x509/cert_app.c $(LDFLAGS) -o $@
x509/crl_app: x509/crl_app.c ../library/libmbedtls.a
x509/crl_app$(EXEXT): x509/crl_app.c ../library/libmbedtls.a
echo " CC x509/crl_app.c"
$(CC) $(CFLAGS) $(OFLAGS) x509/crl_app.c $(LDFLAGS) -o $@
x509/cert_req: x509/cert_req.c ../library/libmbedtls.a
x509/cert_req$(EXEXT): x509/cert_req.c ../library/libmbedtls.a
echo " CC x509/cert_req.c"
$(CC) $(CFLAGS) $(OFLAGS) x509/cert_req.c $(LDFLAGS) -o $@

32
programs/aes/aescrypt2.c
View File

@@ -29,8 +29,19 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#include <stdio.h>
#define polarssl_fprintf fprintf
#define polarssl_printf printf
#endif
#if defined(POLARSSL_AES_C) && defined(POLARSSL_SHA256_C) && \
defined(POLARSSL_FS_IO)
#include "polarssl/aes.h"
#include "polarssl/sha256.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#endif
#if defined(_WIN32)
@@ -43,14 +54,6 @@
#include <unistd.h>
#endif
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#include <time.h>
#include "polarssl/aes.h"
#include "polarssl/sha256.h"
#define MODE_ENCRYPT 0
#define MODE_DECRYPT 1
@@ -60,12 +63,11 @@
"\n example: aescrypt2 0 file file.aes hex:E76B2413958B00E193\n" \
"\n"
#if !defined(POLARSSL_AES_C) || !defined(POLARSSL_SHA256_C)
int main( int argc, char *argv[] )
#if !defined(POLARSSL_AES_C) || !defined(POLARSSL_SHA256_C) || \
!defined(POLARSSL_FS_IO)
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_AES_C and/or POLARSSL_SHA256_C not defined.\n");
polarssl_printf("POLARSSL_AES_C and/or POLARSSL_SHA256_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else
@@ -442,4 +444,4 @@ exit:
return( ret );
}
#endif /* POLARSSL_AES_C && POLARSSL_SHA256_C */
#endif /* POLARSSL_AES_C && POLARSSL_SHA256_C && POLARSSL_FS_IO */

35
programs/aes/crypt_and_hash.c
View File

@@ -30,8 +30,19 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#include <stdio.h>
#define polarssl_fprintf fprintf
#define polarssl_printf printf
#endif
#if defined(POLARSSL_CIPHER_C) && defined(POLARSSL_MD_C) && \
defined(POLARSSL_FS_IO)
#include "polarssl/cipher.h"
#include "polarssl/md.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#endif
#if defined(_WIN32)
@@ -44,14 +55,6 @@
#include <unistd.h>
#endif
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#include <time.h>
#include "polarssl/cipher.h"
#include "polarssl/md.h"
#define MODE_ENCRYPT 0
#define MODE_DECRYPT 1
@@ -61,13 +64,11 @@
"\n example: crypt_and_hash 0 file file.aes AES-128-CBC SHA1 hex:E76B2413958B00E193\n" \
"\n"
#if !defined(POLARSSL_CIPHER_C) || !defined(POLARSSL_MD_C)
int main( int argc, char *argv[] )
#if !defined(POLARSSL_CIPHER_C) || !defined(POLARSSL_MD_C) || \
!defined(POLARSSL_FS_IO)
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_CIPHER_C and/or POLARSSL_MD_C not defined.\n");
polarssl_printf("POLARSSL_CIPHER_C and/or POLARSSL_MD_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else
@@ -399,7 +400,7 @@ int main( int argc, char *argv[] )
goto exit;
}
if( ( ( filesize - md_get_size( md_info ) ) %
if( ( ( filesize - md_get_size( md_info ) ) %
cipher_get_block_size( &cipher_ctx ) ) != 0 )
{
polarssl_fprintf( stderr, "File content not a multiple of the block size (%d).\n",
@@ -542,4 +543,4 @@ exit:
return( ret );
}
#endif /* POLARSSL_CIPHER_C && POLARSSL_MD_C */
#endif /* POLARSSL_CIPHER_C && POLARSSL_MD_C && POLARSSL_FS_IO */

22
programs/hash/generic_sum.c
View File

@@ -29,22 +29,22 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#include <stdio.h>
#define polarssl_fprintf fprintf
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdio.h>
#if defined(POLARSSL_MD_C) && defined(POLARSSL_FS_IO)
#include "polarssl/md.h"
#if !defined(POLARSSL_MD_C)
int main( int argc, char *argv[] )
{
((void) argc);
((void) argv);
#include <stdio.h>
#include <string.h>
#endif
polarssl_printf("POLARSSL_MD_C not defined.\n");
#if !defined(POLARSSL_MD_C) || !defined(POLARSSL_FS_IO)
int main( void )
{
polarssl_printf("POLARSSL_MD_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else
@@ -225,4 +225,4 @@ exit:
return( ret );
}
#endif /* POLARSSL_MD_C */
#endif /* POLARSSL_MD_C && POLARSSL_FS_IO */

15
programs/hash/hello.c
View File

@@ -29,32 +29,27 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif
#include <stdio.h>
#if defined(POLARSSL_MD5_C)
#include "polarssl/md5.h"
#endif
#if !defined(POLARSSL_MD5_C)
int main( int argc, char *argv[] )
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_MD5_C not defined.\n");
return( 0 );
}
#else
int main( int argc, char *argv[] )
int main( void )
{
int i;
unsigned char digest[16];
char str[] = "Hello, world!";
((void) argc);
((void) argv);
polarssl_printf( "\n MD5('%s') = ", str );
md5( (unsigned char *) str, 13, digest );

18
programs/hash/md5sum.c
View File

@@ -29,21 +29,21 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#include <stdio.h>
#define polarssl_fprintf fprintf
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdio.h>
#if defined(POLARSSL_MD5_C) && defined(POLARSSL_FS_IO)
#include "polarssl/md5.h"
#if !defined(POLARSSL_MD5_C) || !defined(POLARSSL_FS_IO)
int main( int argc, char *argv[] )
{
((void) argc);
((void) argv);
#include <stdio.h>
#include <string.h>
#endif
#if !defined(POLARSSL_MD5_C) || !defined(POLARSSL_FS_IO)
int main( void )
{
polarssl_printf("POLARSSL_MD5_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}

18
programs/hash/sha1sum.c
View File

@@ -29,21 +29,21 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#include <stdio.h>
#define polarssl_fprintf fprintf
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdio.h>
#if defined(POLARSSL_SHA1_C) && defined(POLARSSL_FS_IO)
#include "polarssl/sha1.h"
#if !defined(POLARSSL_SHA1_C) || !defined(POLARSSL_FS_IO)
int main( int argc, char *argv[] )
{
((void) argc);
((void) argv);
#include <stdio.h>
#include <string.h>
#endif
#if !defined(POLARSSL_SHA1_C) || !defined(POLARSSL_FS_IO)
int main( void )
{
polarssl_printf("POLARSSL_SHA1_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}

18
programs/hash/sha2sum.c
View File

@@ -29,21 +29,21 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#include <stdio.h>
#define polarssl_fprintf fprintf
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdio.h>
#if defined(POLARSSL_SHA256_C) && defined(POLARSSL_FS_IO)
#include "polarssl/sha256.h"
#if !defined(POLARSSL_SHA256_C) || !defined(POLARSSL_FS_IO)
int main( int argc, char *argv[] )
{
((void) argc);
((void) argv);
#include <stdio.h>
#include <string.h>
#endif
#if !defined(POLARSSL_SHA256_C) || !defined(POLARSSL_FS_IO)
int main( void )
{
polarssl_printf("POLARSSL_SHA256_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}

32
programs/pkey/dh_client.c
View File

@@ -29,12 +29,14 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdio.h>
#if defined(POLARSSL_AES_C) && defined(POLARSSL_DHM_C) && \
defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_NET_C) && \
defined(POLARSSL_RSA_C) && defined(POLARSSL_SHA256_C) && \
defined(POLARSSL_FS_IO) && defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/net.h"
#include "polarssl/aes.h"
#include "polarssl/dhm.h"
@@ -43,26 +45,27 @@
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include <stdio.h>
#include <string.h>
#endif
#define SERVER_NAME "localhost"
#define SERVER_PORT 11999
#if !defined(POLARSSL_AES_C) || !defined(POLARSSL_DHM_C) || \
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_NET_C) || \
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA1_C) || \
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA256_C) || \
!defined(POLARSSL_FS_IO) || !defined(POLARSSL_CTR_DRBG_C)
int main( int argc, char *argv[] )
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_AES_C and/or POLARSSL_DHM_C and/or POLARSSL_ENTROPY_C "
"and/or POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_SHA1_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_SHA256_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_CTR_DRBG_C not defined.\n");
return( 0 );
}
#else
int main( int argc, char *argv[] )
int main( void )
{
FILE *f;
@@ -81,9 +84,6 @@ int main( int argc, char *argv[] )
dhm_context dhm;
aes_context aes;
((void) argc);
((void) argv);
memset( &rsa, 0, sizeof( rsa ) );
dhm_init( &dhm );
aes_init( &aes );
@@ -193,7 +193,7 @@ int main( int argc, char *argv[] )
/*
* 5. Check that the server's RSA signature matches
* the SHA-1 hash of (P,G,Ys)
* the SHA-256 hash of (P,G,Ys)
*/
polarssl_printf( "\n . Verifying the server's RSA signature" );
fflush( stdout );
@@ -210,7 +210,7 @@ int main( int argc, char *argv[] )
sha1( buf, (int)( p - 2 - buf ), hash );
if( ( ret = rsa_pkcs1_verify( &rsa, NULL, NULL, RSA_PUBLIC,
POLARSSL_MD_SHA1, 0, hash, p ) ) != 0 )
POLARSSL_MD_SHA256, 0, hash, p ) ) != 0 )
{
polarssl_printf( " failed\n ! rsa_pkcs1_verify returned %d\n\n", ret );
goto exit;
@@ -297,5 +297,5 @@ exit:
return( ret );
}
#endif /* POLARSSL_AES_C && POLARSSL_DHM_C && POLARSSL_ENTROPY_C &&
POLARSSL_NET_C && POLARSSL_RSA_C && POLARSSL_SHA1_C &&
POLARSSL_NET_C && POLARSSL_RSA_C && POLARSSL_SHA256_C &&
POLARSSL_FS_IO && POLARSSL_CTR_DRBG_C */

20
programs/pkey/dh_genprime.c
View File

@@ -29,15 +29,21 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif
#include <stdio.h>
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \
defined(POLARSSL_FS_IO) && defined(POLARSSL_CTR_DRBG_C) && \
defined(POLARSSL_GENPRIME)
#include "polarssl/bignum.h"
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include <stdio.h>
#include <string.h>
#endif
/*
* Note: G = 4 is always a quadratic residue mod P,
* so it is a generator of order Q (with P = 2*Q+1).
@@ -48,18 +54,15 @@
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_FS_IO) || !defined(POLARSSL_CTR_DRBG_C) || \
!defined(POLARSSL_GENPRIME)
int main( int argc, char *argv[] )
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_FS_IO and/or POLARSSL_CTR_DRBG_C and/or "
"POLARSSL_GENPRIME not defined.\n");
return( 0 );
}
#else
int main( int argc, char *argv[] )
int main( void )
{
int ret = 1;
mpi G, P, Q;
@@ -68,9 +71,6 @@ int main( int argc, char *argv[] )
const char *pers = "dh_genprime";
FILE *fout;
((void) argc);
((void) argv);
mpi_init( &G ); mpi_init( &P ); mpi_init( &Q );
entropy_init( &entropy );

32
programs/pkey/dh_server.c
View File

@@ -29,12 +29,14 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdio.h>
#if defined(POLARSSL_AES_C) && defined(POLARSSL_DHM_C) && \
defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_NET_C) && \
defined(POLARSSL_RSA_C) && defined(POLARSSL_SHA256_C) && \
defined(POLARSSL_FS_IO) && defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/net.h"
#include "polarssl/aes.h"
#include "polarssl/dhm.h"
@@ -43,26 +45,27 @@
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include <stdio.h>
#include <string.h>
#endif
#define SERVER_PORT 11999
#define PLAINTEXT "==Hello there!=="
#if !defined(POLARSSL_AES_C) || !defined(POLARSSL_DHM_C) || \
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_NET_C) || \
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA1_C) || \
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA256_C) || \
!defined(POLARSSL_FS_IO) || !defined(POLARSSL_CTR_DRBG_C)
int main( int argc, char *argv[] )
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_AES_C and/or POLARSSL_DHM_C and/or POLARSSL_ENTROPY_C "
"and/or POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_SHA1_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_SHA256_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_CTR_DBRG_C not defined.\n");
return( 0 );
}
#else
int main( int argc, char *argv[] )
int main( void )
{
FILE *f;
@@ -82,9 +85,6 @@ int main( int argc, char *argv[] )
dhm_context dhm;
aes_context aes;
((void) argc);
((void) argv);
memset( &rsa, 0, sizeof( rsa ) );
dhm_init( &dhm );
aes_init( &aes );
@@ -134,7 +134,7 @@ int main( int argc, char *argv[] )
}
rsa.len = ( mpi_msb( &rsa.N ) + 7 ) >> 3;
fclose( f );
/*
@@ -201,7 +201,7 @@ int main( int argc, char *argv[] )
buf[n ] = (unsigned char)( rsa.len >> 8 );
buf[n + 1] = (unsigned char)( rsa.len );
if( ( ret = rsa_pkcs1_sign( &rsa, NULL, NULL, RSA_PRIVATE, POLARSSL_MD_SHA1,
if( ( ret = rsa_pkcs1_sign( &rsa, NULL, NULL, RSA_PRIVATE, POLARSSL_MD_SHA256,
0, hash, buf + n + 2 ) ) != 0 )
{
polarssl_printf( " failed\n ! rsa_pkcs1_sign returned %d\n\n", ret );
@@ -298,5 +298,5 @@ exit:
return( ret );
}
#endif /* POLARSSL_AES_C && POLARSSL_DHM_C && POLARSSL_ENTROPY_C &&
POLARSSL_NET_C && POLARSSL_RSA_C && POLARSSL_SHA1_C &&
POLARSSL_NET_C && POLARSSL_RSA_C && POLARSSL_SHA256_C &&
POLARSSL_FS_IO && POLARSSL_CTR_DRBG_C */

11
programs/pkey/ecdsa.c
View File

@@ -29,15 +29,18 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif
#if defined(POLARSSL_ECDSA_C) && \
defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include "polarssl/ecdsa.h"
#include <string.h>
#include <stdio.h>
#endif
/*
* Uncomment to show key and signature details
@@ -55,17 +58,13 @@
#if !defined(POLARSSL_ECDSA_C) || \
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C)
int main( int argc, char *argv[] )
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_ECDSA_C and/or "
"POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C not defined\n");
return( 0 );
}
#else
#if defined(VERBOSE)
static void dump_buf( const char *title, unsigned char *buf, size_t len )
{

133
programs/pkey/gen_key.c
View File

@@ -29,17 +29,12 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#if !defined(_WIN32) && defined(POLARSSL_FS_IO)
#include <unistd.h>
#endif /* !_WIN32 && POLARSSL_FS_IO */
#if defined(POLARSSL_PK_WRITE_C) && defined(POLARSSL_FS_IO) && \
defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/error.h"
#include "polarssl/pk.h"
#include "polarssl/ecdsa.h"
@@ -48,49 +43,12 @@
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#if !defined(POLARSSL_PK_WRITE_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C)
int main( int argc, char *argv[] )
{
((void) argc);
((void) argv);
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
polarssl_printf( "POLARSSL_PK_WRITE_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C "
"not defined.\n" );
return( 0 );
}
#else
#define FORMAT_PEM 0
#define FORMAT_DER 1
#define DFL_TYPE POLARSSL_PK_RSA
#define DFL_RSA_KEYSIZE 4096
#define DFL_FILENAME "keyfile.key"
#define DFL_FORMAT FORMAT_PEM
#define DFL_USE_DEV_RANDOM 0
#if defined(POLARSSL_ECP_C)
#define DFL_EC_CURVE ecp_curve_list()->grp_id
#else
#define DFL_EC_CURVE 0
#endif
/*
* global options
*/
struct options
{
int type; /* the type of key to generate */
int rsa_keysize; /* length of key in bits */
int ec_curve; /* curve identifier for EC keys */
const char *filename; /* filename of the key file */
int format; /* the output format to use */
int use_dev_random; /* use /dev/random as entropy source */
} opt;
#if !defined(_WIN32) && defined(POLARSSL_FS_IO)
#if !defined(_WIN32)
#include <unistd.h>
#define DEV_RANDOM_THRESHOLD 32
@@ -127,8 +85,65 @@ int dev_random_entropy_poll( void *data, unsigned char *output,
return( 0 );
}
#endif /* !_WIN32 */
#endif
#if defined(POLARSSL_ECP_C)
#define DFL_EC_CURVE ecp_curve_list()->grp_id
#else
#define DFL_EC_CURVE 0
#endif
#if !defined(_WIN32) && defined(POLARSSL_FS_IO)
#define USAGE_DEV_RANDOM \
" use_dev_random=0|1 default: 0\n"
#else
#define USAGE_DEV_RANDOM ""
#endif /* !_WIN32 && POLARSSL_FS_IO */
#define FORMAT_PEM 0
#define FORMAT_DER 1
#define DFL_TYPE POLARSSL_PK_RSA
#define DFL_RSA_KEYSIZE 4096
#define DFL_FILENAME "keyfile.key"
#define DFL_FORMAT FORMAT_PEM
#define DFL_USE_DEV_RANDOM 0
#define USAGE \
"\n usage: gen_key param=<>...\n" \
"\n acceptable parameters:\n" \
" type=rsa|ec default: rsa\n" \
" rsa_keysize=%%d default: 4096\n" \
" ec_curve=%%s see below\n" \
" filename=%%s default: keyfile.key\n" \
" format=pem|der default: pem\n" \
USAGE_DEV_RANDOM \
"\n"
#if !defined(POLARSSL_PK_WRITE_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C)
int main( void )
{
polarssl_printf( "POLARSSL_PK_WRITE_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C "
"not defined.\n" );
return( 0 );
}
#else
/*
* global options
*/
struct options
{
int type; /* the type of key to generate */
int rsa_keysize; /* length of key in bits */
int ec_curve; /* curve identifier for EC keys */
const char *filename; /* filename of the key file */
int format; /* the output format to use */
int use_dev_random; /* use /dev/random as entropy source */
} opt;
static int write_private_key( pk_context *key, const char *output_file )
{
int ret;
@@ -168,24 +183,6 @@ static int write_private_key( pk_context *key, const char *output_file )
return( 0 );
}
#if !defined(_WIN32) && defined(POLARSSL_FS_IO)
#define USAGE_DEV_RANDOM \
" use_dev_random=0|1 default: 0\n"
#else
#define USAGE_DEV_RANDOM ""
#endif /* !_WIN32 && POLARSSL_FS_IO */
#define USAGE \
"\n usage: gen_key param=<>...\n" \
"\n acceptable parameters:\n" \
" type=rsa|ec default: rsa\n" \
" rsa_keysize=%%d default: 4096\n" \
" ec_curve=%%s see below\n" \
" filename=%%s default: keyfile.key\n" \
" format=pem|der default: pem\n" \
USAGE_DEV_RANDOM \
"\n"
int main( int argc, char *argv[] )
{
int ret = 0;

49
programs/pkey/key_app.c
View File

@@ -29,29 +29,18 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#if defined(POLARSSL_BIGNUM_C) && \
defined(POLARSSL_PK_PARSE_C) && defined(POLARSSL_FS_IO)
#include "polarssl/error.h"
#include "polarssl/rsa.h"
#include "polarssl/x509.h"
#if !defined(POLARSSL_BIGNUM_C) || \
!defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO)
int main( int argc, char *argv[] )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_BIGNUM_C and/or "
"POLARSSL_PK_PARSE_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else
#include <string.h>
#endif
#define MODE_NONE 0
#define MODE_PRIVATE 1
@@ -63,6 +52,25 @@ int main( int argc, char *argv[] )
#define DFL_PASSWORD_FILE ""
#define DFL_DEBUG_LEVEL 0
#define USAGE \
"\n usage: key_app param=<>...\n" \
"\n acceptable parameters:\n" \
" mode=private|public default: none\n" \
" filename=%%s default: keyfile.key\n" \
" password=%%s default: \"\"\n" \
" password_file=%%s default: \"\"\n" \
"\n"
#if !defined(POLARSSL_BIGNUM_C) || \
!defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO)
int main( void )
{
polarssl_printf("POLARSSL_BIGNUM_C and/or "
"POLARSSL_PK_PARSE_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else
/*
* global options
*/
@@ -74,15 +82,6 @@ struct options
const char *password_file; /* password_file for the private key */
} opt;
#define USAGE \
"\n usage: key_app param=<>...\n" \
"\n acceptable parameters:\n" \
" mode=private|public default: none\n" \
" filename=%%s default: keyfile.key\n" \
" password=%%s default: \"\"\n" \
" password_file=%%s default: \"\"\n" \
"\n"
int main( int argc, char *argv[] )
{
int ret = 0;

83
programs/pkey/key_app_writer.c
View File

@@ -29,27 +29,41 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#if defined(POLARSSL_PK_WRITE_C) && defined(POLARSSL_FS_IO)
#include "polarssl/error.h"
#include "polarssl/pk.h"
#include "polarssl/error.h"
#if !defined(POLARSSL_PK_WRITE_C) || !defined(POLARSSL_FS_IO)
int main( int argc, char *argv[] )
{
((void) argc);
((void) argv);
#include <stdio.h>
#include <string.h>
#endif
polarssl_printf( "POLARSSL_PK_WRITE_C and/or POLARSSL_FS_IO not defined.\n" );
return( 0 );
}
#if defined(POLARSSL_PEM_WRITE_C)
#define USAGE_OUT \
" output_file=%%s default: keyfile.pem\n" \
" output_format=pem|der default: pem\n"
#else
#define USAGE_OUT \
" output_file=%%s default: keyfile.der\n" \
" output_format=der default: der\n"
#endif
#if defined(POLARSSL_PEM_WRITE_C)
#define DFL_OUTPUT_FILENAME "keyfile.pem"
#define DFL_OUTPUT_FORMAT OUTPUT_FORMAT_PEM
#else
#define DFL_OUTPUT_FILENAME "keyfile.der"
#define DFL_OUTPUT_FORMAT OUTPUT_FORMAT_DER
#endif
#define DFL_MODE MODE_NONE
#define DFL_FILENAME "keyfile.key"
#define DFL_DEBUG_LEVEL 0
#define DFL_OUTPUT_MODE OUTPUT_MODE_NONE
#define MODE_NONE 0
#define MODE_PRIVATE 1
@@ -62,18 +76,22 @@ int main( int argc, char *argv[] )
#define OUTPUT_FORMAT_PEM 0
#define OUTPUT_FORMAT_DER 1
#define DFL_MODE MODE_NONE
#define DFL_FILENAME "keyfile.key"
#define DFL_DEBUG_LEVEL 0
#define DFL_OUTPUT_MODE OUTPUT_MODE_NONE
#if defined(POLARSSL_PEM_WRITE_C)
#define DFL_OUTPUT_FILENAME "keyfile.pem"
#define DFL_OUTPUT_FORMAT OUTPUT_FORMAT_PEM
#else
#define DFL_OUTPUT_FILENAME "keyfile.der"
#define DFL_OUTPUT_FORMAT OUTPUT_FORMAT_DER
#endif
#define USAGE \
"\n usage: key_app param=<>...\n" \
"\n acceptable parameters:\n" \
" mode=private|public default: none\n" \
" filename=%%s default: keyfile.key\n" \
" output_mode=private|public default: none\n" \
USAGE_OUT \
"\n"
#if !defined(POLARSSL_PK_WRITE_C) || !defined(POLARSSL_FS_IO)
int main( void )
{
polarssl_printf( "POLARSSL_PK_WRITE_C and/or POLARSSL_FS_IO not defined.\n" );
return( 0 );
}
#else
/*
* global options
*/
@@ -170,25 +188,6 @@ static int write_private_key( pk_context *key, const char *output_file )
return( 0 );
}
#if defined(POLARSSL_PEM_WRITE_C)
#define USAGE_OUT \
" output_file=%%s default: keyfile.pem\n" \
" output_format=pem|der default: pem\n"
#else
#define USAGE_OUT \
" output_file=%%s default: keyfile.der\n" \
" output_format=der default: der\n"
#endif
#define USAGE \
"\n usage: key_app param=<>...\n" \
"\n acceptable parameters:\n" \
" mode=private|public default: none\n" \
" filename=%%s default: keyfile.key\n" \
" output_mode=private|public default: none\n" \
USAGE_OUT \
"\n"
int main( int argc, char *argv[] )
{
int ret = 0;

65
programs/pkey/mpi_demo.c
View File

@@ -29,77 +29,82 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif
#include <stdio.h>
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_FS_IO)
#include "polarssl/bignum.h"
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_FS_IO)
int main( int argc, char *argv[] )
{
((void) argc);
((void) argv);
#include <stdio.h>
#endif
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_FS_IO)
int main( void )
{
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else
int main( int argc, char *argv[] )
int main( void )
{
int ret;
mpi E, P, Q, N, H, D, X, Y, Z;
((void) argc);
((void) argv);
mpi_init( &E ); mpi_init( &P ); mpi_init( &Q ); mpi_init( &N );
mpi_init( &H ); mpi_init( &D ); mpi_init( &X ); mpi_init( &Y );
mpi_init( &Z );
mpi_read_string( &P, 10, "2789" );
mpi_read_string( &Q, 10, "3203" );
mpi_read_string( &E, 10, "257" );
mpi_mul_mpi( &N, &P, &Q );
MPI_CHK( mpi_read_string( &P, 10, "2789" ) );
MPI_CHK( mpi_read_string( &Q, 10, "3203" ) );
MPI_CHK( mpi_read_string( &E, 10, "257" ) );
MPI_CHK( mpi_mul_mpi( &N, &P, &Q ) );
polarssl_printf( "\n Public key:\n\n" );
mpi_write_file( " N = ", &N, 10, NULL );
mpi_write_file( " E = ", &E, 10, NULL );
MPI_CHK( mpi_write_file( " N = ", &N, 10, NULL ) );
MPI_CHK( mpi_write_file( " E = ", &E, 10, NULL ) );
polarssl_printf( "\n Private key:\n\n" );
mpi_write_file( " P = ", &P, 10, NULL );
mpi_write_file( " Q = ", &Q, 10, NULL );
MPI_CHK( mpi_write_file( " P = ", &P, 10, NULL ) );
MPI_CHK( mpi_write_file( " Q = ", &Q, 10, NULL ) );
#if defined(POLARSSL_GENPRIME)
mpi_sub_int( &P, &P, 1 );
mpi_sub_int( &Q, &Q, 1 );
mpi_mul_mpi( &H, &P, &Q );
mpi_inv_mod( &D, &E, &H );
MPI_CHK( mpi_sub_int( &P, &P, 1 ) );
MPI_CHK( mpi_sub_int( &Q, &Q, 1 ) );
MPI_CHK( mpi_mul_mpi( &H, &P, &Q ) );
MPI_CHK( mpi_inv_mod( &D, &E, &H ) );
mpi_write_file( " D = E^-1 mod (P-1)*(Q-1) = ",
&D, 10, NULL );
#else
polarssl_printf("\nTest skipped (POLARSSL_GENPRIME not defined).\n\n");
#endif
mpi_read_string( &X, 10, "55555" );
mpi_exp_mod( &Y, &X, &E, &N, NULL );
mpi_exp_mod( &Z, &Y, &D, &N, NULL );
MPI_CHK( mpi_read_string( &X, 10, "55555" ) );
MPI_CHK( mpi_exp_mod( &Y, &X, &E, &N, NULL ) );
MPI_CHK( mpi_exp_mod( &Z, &Y, &D, &N, NULL ) );
polarssl_printf( "\n RSA operation:\n\n" );
mpi_write_file( " X (plaintext) = ", &X, 10, NULL );
mpi_write_file( " Y (ciphertext) = X^E mod N = ", &Y, 10, NULL );
mpi_write_file( " Z (decrypted) = Y^D mod N = ", &Z, 10, NULL );
MPI_CHK( mpi_write_file( " X (plaintext) = ", &X, 10, NULL ) );
MPI_CHK( mpi_write_file( " Y (ciphertext) = X^E mod N = ", &Y, 10, NULL ) );
MPI_CHK( mpi_write_file( " Z (decrypted) = Y^D mod N = ", &Z, 10, NULL ) );
polarssl_printf( "\n" );
cleanup:
mpi_free( &E ); mpi_free( &P ); mpi_free( &Q ); mpi_free( &N );
mpi_free( &H ); mpi_free( &D ); mpi_free( &X ); mpi_free( &Y );
mpi_free( &Z );
if( ret != 0 )
{
polarssl_printf( "\nAn error occured.\n" );
ret = 1;
}
#if defined(_WIN32)
polarssl_printf( " Press Enter to exit this program.\n" );
fflush( stdout ); getchar();
#endif
return( 0 );
return( ret );
}
#endif /* POLARSSL_BIGNUM_C && POLARSSL_FS_IO */

17
programs/pkey/pk_decrypt.c
View File

@@ -29,25 +29,28 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdio.h>
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_PK_PARSE_C) && \
defined(POLARSSL_FS_IO) && defined(POLARSSL_ENTROPY_C) && \
defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/error.h"
#include "polarssl/pk.h"
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include <stdio.h>
#include <string.h>
#endif
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_PK_PARSE_C) || \
!defined(POLARSSL_FS_IO) || !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_CTR_DRBG_C)
int main( int argc, char *argv[] )
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_PK_PARSE_C and/or "
"POLARSSL_FS_IO and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_CTR_DRBG_C not defined.\n");

18
programs/pkey/pk_encrypt.c
View File

@@ -29,26 +29,28 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#include <stdio.h>
#define polarssl_fprintf fprintf
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdio.h>
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_PK_PARSE_C) && \
defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_FS_IO) && \
defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/error.h"
#include "polarssl/pk.h"
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include <stdio.h>
#include <string.h>
#endif
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_PK_PARSE_C) || \
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_CTR_DRBG_C)
int main( int argc, char *argv[] )
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_PK_PARSE_C and/or "
"POLARSSL_ENTROPY_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_CTR_DRBG_C not defined.\n");

33
programs/pkey/pk_sign.c
View File

@@ -29,12 +29,16 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_snprintf snprintf
#define polarssl_printf printf
#define polarssl_snprintf snprintf
#endif
#include <string.h>
#include <stdio.h>
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \
defined(POLARSSL_SHA256_C) && \
defined(POLARSSL_PK_PARSE_C) && defined(POLARSSL_FS_IO) && \
defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/error.h"
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
@@ -42,21 +46,22 @@
#include "polarssl/pk.h"
#include "polarssl/sha1.h"
#include <stdio.h>
#include <string.h>
#endif
#if defined _MSC_VER && !defined snprintf
#define snprintf _snprintf
#endif
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_SHA1_C) || \
!defined(POLARSSL_SHA256_C) || \
!defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_CTR_DRBG_C)
int main( int argc, char *argv[] )
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_SHA1_C and/or "
"POLARSSL_SHA256_C and/or "
"POLARSSL_PK_PARSE_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_CTR_DRBG_C not defined.\n");
return( 0 );
@@ -111,10 +116,10 @@ int main( int argc, char *argv[] )
}
/*
* Compute the SHA-1 hash of the input file,
* Compute the SHA-256 hash of the input file,
* then calculate the signature of the hash.
*/
polarssl_printf( "\n . Generating the SHA-1 signature" );
polarssl_printf( "\n . Generating the SHA-256 signature" );
fflush( stdout );
if( ( ret = sha1_file( argv[2], hash ) ) != 0 )
@@ -123,7 +128,7 @@ int main( int argc, char *argv[] )
goto exit;
}
if( ( ret = pk_sign( &pk, POLARSSL_MD_SHA1, hash, 0, buf, &olen,
if( ( ret = pk_sign( &pk, POLARSSL_MD_SHA256, hash, 0, buf, &olen,
ctr_drbg_random, &ctr_drbg ) ) != 0 )
{
polarssl_printf( " failed\n ! pk_sign returned -0x%04x\n", -ret );
@@ -133,7 +138,7 @@ int main( int argc, char *argv[] )
/*
* Write the signature into <filename>-sig.txt
*/
snprintf( filename, sizeof(filename), "%s.sig", argv[2] );
polarssl_snprintf( filename, sizeof(filename), "%s.sig", argv[2] );
if( ( f = fopen( filename, "wb+" ) ) == NULL )
{
@@ -170,5 +175,5 @@ exit:
return( ret );
}
#endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C &&
POLARSSL_SHA1_C && POLARSSL_PK_PARSE_C && POLARSSL_FS_IO &&
POLARSSL_SHA256_C && POLARSSL_PK_PARSE_C && POLARSSL_FS_IO &&
POLARSSL_CTR_DRBG_C */

34
programs/pkey/pk_verify.c
View File

@@ -29,31 +29,35 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_snprintf snprintf
#define polarssl_printf printf
#define polarssl_snprintf snprintf
#endif
#include <string.h>
#include <stdio.h>
#if defined(POLARSSL_BIGNUM_C) && \
defined(POLARSSL_SHA256_C) && defined(POLARSSL_PK_PARSE_C) && \
defined(POLARSSL_FS_IO)
#include "polarssl/error.h"
#include "polarssl/md.h"
#include "polarssl/pk.h"
#include "polarssl/sha1.h"
#include <stdio.h>
#include <string.h>
#endif
#if defined _MSC_VER && !defined snprintf
#define snprintf _snprintf
#endif
#if !defined(POLARSSL_BIGNUM_C) || \
!defined(POLARSSL_SHA1_C) || !defined(POLARSSL_PK_PARSE_C) || \
!defined(POLARSSL_SHA256_C) || !defined(POLARSSL_PK_PARSE_C) || \
!defined(POLARSSL_FS_IO)
int main( int argc, char *argv[] )
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_BIGNUM_C and/or "
"POLARSSL_SHA1_C and/or POLARSSL_PK_PARSE_C and/or "
"POLARSSL_SHA256_C and/or POLARSSL_PK_PARSE_C and/or "
"POLARSSL_FS_IO not defined.\n");
return( 0 );
}
@@ -94,7 +98,7 @@ int main( int argc, char *argv[] )
* Extract the signature from the text file
*/
ret = 1;
snprintf( filename, sizeof(filename), "%s.sig", argv[2] );
polarssl_snprintf( filename, sizeof(filename), "%s.sig", argv[2] );
if( ( f = fopen( filename, "rb" ) ) == NULL )
{
@@ -108,10 +112,10 @@ int main( int argc, char *argv[] )
fclose( f );
/*
* Compute the SHA-1 hash of the input file and compare
* Compute the SHA-256 hash of the input file and compare
* it with the hash decrypted from the signature.
*/
polarssl_printf( "\n . Verifying the SHA-1 signature" );
polarssl_printf( "\n . Verifying the SHA-256 signature" );
fflush( stdout );
if( ( ret = sha1_file( argv[2], hash ) ) != 0 )
@@ -120,14 +124,14 @@ int main( int argc, char *argv[] )
goto exit;
}
if( ( ret = pk_verify( &pk, POLARSSL_MD_SHA1, hash, 0,
if( ( ret = pk_verify( &pk, POLARSSL_MD_SHA256, hash, 0,
buf, i ) ) != 0 )
{
polarssl_printf( " failed\n ! pk_verify returned -0x%04x\n", -ret );
goto exit;
}
polarssl_printf( "\n . OK (the decrypted SHA-1 hash matches)\n\n" );
polarssl_printf( "\n . OK (the decrypted SHA-256 hash matches)\n\n" );
ret = 0;
@@ -146,5 +150,5 @@ exit:
return( ret );
}
#endif /* POLARSSL_BIGNUM_C && POLARSSL_SHA1_C &&
#endif /* POLARSSL_BIGNUM_C && POLARSSL_SHA256_C &&
POLARSSL_PK_PARSE_C && POLARSSL_FS_IO */

16
programs/pkey/rsa_decrypt.c
View File

@@ -29,24 +29,26 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdio.h>
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \
defined(POLARSSL_FS_IO) && defined(POLARSSL_ENTROPY_C) && \
defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/rsa.h"
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include <stdio.h>
#include <string.h>
#endif
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_FS_IO) || !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_CTR_DRBG_C)
int main( int argc, char *argv[] )
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_FS_IO and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_CTR_DRBG_C not defined.\n");

20
programs/pkey/rsa_encrypt.c
View File

@@ -29,25 +29,27 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#include <stdio.h>
#define polarssl_fprintf fprintf
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdio.h>
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \
defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_FS_IO) && \
defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/rsa.h"
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include <stdio.h>
#include <string.h>
#endif
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_CTR_DRBG_C)
int main( int argc, char *argv[] )
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_ENTROPY_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_CTR_DRBG_C not defined.\n");
@@ -103,7 +105,7 @@ int main( int argc, char *argv[] )
}
rsa_init( &rsa, RSA_PKCS_V15, 0 );
if( ( ret = mpi_read_file( &rsa.N, 16, f ) ) != 0 ||
( ret = mpi_read_file( &rsa.E, 16, f ) ) != 0 )
{

22
programs/pkey/rsa_genkey.c
View File

@@ -29,35 +29,38 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif
#include <stdio.h>
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \
defined(POLARSSL_RSA_C) && defined(POLARSSL_GENPRIME) && \
defined(POLARSSL_FS_IO) && defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include "polarssl/bignum.h"
#include "polarssl/x509.h"
#include "polarssl/rsa.h"
#include <stdio.h>
#include <string.h>
#endif
#define KEY_SIZE 1024
#define EXPONENT 65537
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_GENPRIME) || \
!defined(POLARSSL_FS_IO) || !defined(POLARSSL_CTR_DRBG_C)
int main( int argc, char *argv[] )
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_RSA_C and/or POLARSSL_GENPRIME and/or "
"POLARSSL_FS_IO and/or POLARSSL_CTR_DRBG_C not defined.\n");
return( 0 );
}
#else
int main( int argc, char *argv[] )
int main( void )
{
int ret;
rsa_context rsa;
@@ -67,9 +70,6 @@ int main( int argc, char *argv[] )
FILE *fpriv = NULL;
const char *pers = "rsa_genkey";
((void) argc);
((void) argv);
polarssl_printf( "\n . Seeding the random number generator..." );
fflush( stdout );
@@ -86,7 +86,7 @@ int main( int argc, char *argv[] )
fflush( stdout );
rsa_init( &rsa, RSA_PKCS_V15, 0 );
if( ( ret = rsa_gen_key( &rsa, ctr_drbg_random, &ctr_drbg, KEY_SIZE,
EXPONENT ) ) != 0 )
{

35
programs/pkey/rsa_sign.c
View File

@@ -1,5 +1,5 @@
/*
* RSA/SHA-1 signature creation program
* RSA/SHA-256 signature creation program
*
* Copyright (C) 2006-2011, ARM Limited, All Rights Reserved
*
@@ -29,25 +29,26 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#include <stdio.h>
#define polarssl_fprintf fprintf
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdio.h>
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \
defined(POLARSSL_SHA256_C) && defined(POLARSSL_FS_IO)
#include "polarssl/rsa.h"
#include "polarssl/sha1.h"
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_SHA1_C) || !defined(POLARSSL_FS_IO)
int main( int argc, char *argv[] )
{
((void) argc);
((void) argv);
#include <stdio.h>
#include <string.h>
#endif
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_SHA256_C) || !defined(POLARSSL_FS_IO)
int main( void )
{
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_SHA1_C and/or POLARSSL_FS_IO not defined.\n");
"POLARSSL_SHA256_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else
@@ -85,7 +86,7 @@ int main( int argc, char *argv[] )
}
rsa_init( &rsa, RSA_PKCS_V15, 0 );
if( ( ret = mpi_read_file( &rsa.N , 16, f ) ) != 0 ||
( ret = mpi_read_file( &rsa.E , 16, f ) ) != 0 ||
( ret = mpi_read_file( &rsa.D , 16, f ) ) != 0 ||
@@ -112,10 +113,10 @@ int main( int argc, char *argv[] )
}
/*
* Compute the SHA-1 hash of the input file,
* Compute the SHA-256 hash of the input file,
* then calculate the RSA signature of the hash.
*/
polarssl_printf( "\n . Generating the RSA/SHA-1 signature" );
polarssl_printf( "\n . Generating the RSA/SHA-256 signature" );
fflush( stdout );
if( ( ret = sha1_file( argv[1], hash ) ) != 0 )
@@ -124,7 +125,7 @@ int main( int argc, char *argv[] )
goto exit;
}
if( ( ret = rsa_pkcs1_sign( &rsa, NULL, NULL, RSA_PRIVATE, POLARSSL_MD_SHA1,
if( ( ret = rsa_pkcs1_sign( &rsa, NULL, NULL, RSA_PRIVATE, POLARSSL_MD_SHA256,
20, hash, buf ) ) != 0 )
{
polarssl_printf( " failed\n ! rsa_pkcs1_sign returned -0x%0x\n\n", -ret );
@@ -160,5 +161,5 @@ exit:
return( ret );
}
#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA1_C &&
#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA256_C &&
POLARSSL_FS_IO */

37
programs/pkey/rsa_sign_pss.c
View File

@@ -1,5 +1,5 @@
/*
* RSASSA-PSS/SHA-1 signature creation program
* RSASSA-PSS/SHA-256 signature creation program
*
* Copyright (C) 2006-2011, ARM Limited, All Rights Reserved
*
@@ -29,12 +29,16 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_snprintf snprintf
#define polarssl_printf printf
#define polarssl_snprintf snprintf
#endif
#include <string.h>
#include <stdio.h>
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \
defined(POLARSSL_RSA_C) && defined(POLARSSL_SHA256_C) && \
defined(POLARSSL_PK_PARSE_C) && defined(POLARSSL_FS_IO) && \
defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include "polarssl/md.h"
@@ -42,21 +46,22 @@
#include "polarssl/sha1.h"
#include "polarssl/x509.h"
#include <stdio.h>
#include <string.h>
#endif
#if defined _MSC_VER && !defined snprintf
#define snprintf _snprintf
#endif
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA1_C) || \
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA256_C) || \
!defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_CTR_DRBG_C)
int main( int argc, char *argv[] )
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_RSA_C and/or POLARSSL_SHA1_C and/or "
"POLARSSL_RSA_C and/or POLARSSL_SHA256_C and/or "
"POLARSSL_PK_PARSE_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_CTR_DRBG_C not defined.\n");
return( 0 );
@@ -118,13 +123,13 @@ int main( int argc, char *argv[] )
goto exit;
}
rsa_set_padding( pk_rsa( pk ), RSA_PKCS_V21, POLARSSL_MD_SHA1 );
rsa_set_padding( pk_rsa( pk ), RSA_PKCS_V21, POLARSSL_MD_SHA256 );
/*
* Compute the SHA-1 hash of the input file,
* Compute the SHA-256 hash of the input file,
* then calculate the RSA signature of the hash.
*/
polarssl_printf( "\n . Generating the RSA/SHA-1 signature" );
polarssl_printf( "\n . Generating the RSA/SHA-256 signature" );
fflush( stdout );
if( ( ret = sha1_file( argv[2], hash ) ) != 0 )
@@ -133,7 +138,7 @@ int main( int argc, char *argv[] )
goto exit;
}
if( ( ret = pk_sign( &pk, POLARSSL_MD_SHA1, hash, 0, buf, &olen,
if( ( ret = pk_sign( &pk, POLARSSL_MD_SHA256, hash, 0, buf, &olen,
ctr_drbg_random, &ctr_drbg ) ) != 0 )
{
polarssl_printf( " failed\n ! pk_sign returned %d\n\n", ret );
@@ -143,7 +148,7 @@ int main( int argc, char *argv[] )
/*
* Write the signature into <filename>-sig.txt
*/
snprintf( filename, 512, "%s.sig", argv[2] );
polarssl_snprintf( filename, 512, "%s.sig", argv[2] );
if( ( f = fopen( filename, "wb+" ) ) == NULL )
{
@@ -175,5 +180,5 @@ exit:
return( ret );
}
#endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C && POLARSSL_RSA_C &&
POLARSSL_SHA1_C && POLARSSL_PK_PARSE_C && POLARSSL_FS_IO &&
POLARSSL_SHA256_C && POLARSSL_PK_PARSE_C && POLARSSL_FS_IO &&
POLARSSL_CTR_DRBG_C */

33
programs/pkey/rsa_verify.c
View File

@@ -1,5 +1,5 @@
/*
* RSA/SHA-1 signature verification program
* RSA/SHA-256 signature verification program
*
* Copyright (C) 2006-2011, ARM Limited, All Rights Reserved
*
@@ -29,24 +29,25 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdio.h>
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \
defined(POLARSSL_SHA256_C) && defined(POLARSSL_FS_IO)
#include "polarssl/rsa.h"
#include "polarssl/sha1.h"
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_SHA1_C) || !defined(POLARSSL_FS_IO)
int main( int argc, char *argv[] )
{
((void) argc);
((void) argv);
#include <stdio.h>
#include <string.h>
#endif
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_SHA256_C) || !defined(POLARSSL_FS_IO)
int main( void )
{
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_SHA1_C and/or POLARSSL_FS_IO not defined.\n");
"POLARSSL_SHA256_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else
@@ -122,10 +123,10 @@ int main( int argc, char *argv[] )
}
/*
* Compute the SHA-1 hash of the input file and compare
* Compute the SHA-256 hash of the input file and compare
* it with the hash decrypted from the RSA signature.
*/
polarssl_printf( "\n . Verifying the RSA/SHA-1 signature" );
polarssl_printf( "\n . Verifying the RSA/SHA-256 signature" );
fflush( stdout );
if( ( ret = sha1_file( argv[1], hash ) ) != 0 )
@@ -135,13 +136,13 @@ int main( int argc, char *argv[] )
}
if( ( ret = rsa_pkcs1_verify( &rsa, NULL, NULL, RSA_PUBLIC,
POLARSSL_MD_SHA1, 20, hash, buf ) ) != 0 )
POLARSSL_MD_SHA256, 20, hash, buf ) ) != 0 )
{
polarssl_printf( " failed\n ! rsa_pkcs1_verify returned -0x%0x\n\n", -ret );
goto exit;
}
polarssl_printf( "\n . OK (the decrypted SHA-1 hash matches)\n\n" );
polarssl_printf( "\n . OK (the decrypted SHA-256 hash matches)\n\n" );
ret = 0;
@@ -154,5 +155,5 @@ exit:
return( ret );
}
#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA1_C &&
#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA256_C &&
POLARSSL_FS_IO */

38
programs/pkey/rsa_verify_pss.c
View File

@@ -1,5 +1,5 @@
/*
* RSASSA-PSS/SHA-1 signature verification program
* RSASSA-PSS/SHA-256 signature verification program
*
* Copyright (C) 2006-2011, ARM Limited, All Rights Reserved
*
@@ -29,32 +29,36 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_snprintf snprintf
#define polarssl_printf printf
#define polarssl_snprintf snprintf
#endif
#include <string.h>
#include <stdio.h>
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \
defined(POLARSSL_SHA256_C) && defined(POLARSSL_PK_PARSE_C) && \
defined(POLARSSL_FS_IO)
#include "polarssl/md.h"
#include "polarssl/pem.h"
#include "polarssl/pk.h"
#include "polarssl/sha1.h"
#include "polarssl/x509.h"
#include <stdio.h>
#include <string.h>
#endif
#if defined _MSC_VER && !defined snprintf
#define snprintf _snprintf
#endif
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_SHA1_C) || !defined(POLARSSL_PK_PARSE_C) || \
!defined(POLARSSL_SHA256_C) || !defined(POLARSSL_PK_PARSE_C) || \
!defined(POLARSSL_FS_IO)
int main( int argc, char *argv[] )
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_SHA1_C and/or POLARSSL_PK_PARSE_C and/or "
"POLARSSL_SHA256_C and/or POLARSSL_PK_PARSE_C and/or "
"POLARSSL_FS_IO not defined.\n");
return( 0 );
}
@@ -99,13 +103,13 @@ int main( int argc, char *argv[] )
goto exit;
}
rsa_set_padding( pk_rsa( pk ), RSA_PKCS_V21, POLARSSL_MD_SHA1 );
rsa_set_padding( pk_rsa( pk ), RSA_PKCS_V21, POLARSSL_MD_SHA256 );
/*
* Extract the RSA signature from the text file
*/
ret = 1;
snprintf( filename, 512, "%s.sig", argv[2] );
polarssl_snprintf( filename, 512, "%s.sig", argv[2] );
if( ( f = fopen( filename, "rb" ) ) == NULL )
{
@@ -119,10 +123,10 @@ int main( int argc, char *argv[] )
fclose( f );
/*
* Compute the SHA-1 hash of the input file and compare
* Compute the SHA-256 hash of the input file and compare
* it with the hash decrypted from the RSA signature.
*/
polarssl_printf( "\n . Verifying the RSA/SHA-1 signature" );
polarssl_printf( "\n . Verifying the RSA/SHA-256 signature" );
fflush( stdout );
if( ( ret = sha1_file( argv[2], hash ) ) != 0 )
@@ -131,14 +135,14 @@ int main( int argc, char *argv[] )
goto exit;
}
if( ( ret = pk_verify( &pk, POLARSSL_MD_SHA1, hash, 0,
if( ( ret = pk_verify( &pk, POLARSSL_MD_SHA256, hash, 0,
buf, i ) ) != 0 )
{
polarssl_printf( " failed\n ! pk_verify returned %d\n\n", ret );
goto exit;
}
polarssl_printf( "\n . OK (the decrypted SHA-1 hash matches)\n\n" );
polarssl_printf( "\n . OK (the decrypted SHA-256 hash matches)\n\n" );
ret = 0;
@@ -152,5 +156,5 @@ exit:
return( ret );
}
#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA1_C &&
#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA256_C &&
POLARSSL_PK_PARSE_C && POLARSSL_FS_IO */

14
programs/random/gen_entropy.c
View File

@@ -29,21 +29,21 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#include <stdio.h>
#define polarssl_fprintf fprintf
#define polarssl_printf printf
#endif
#if defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_FS_IO)
#include "polarssl/entropy.h"
#include <stdio.h>
#endif
#if !defined(POLARSSL_ENTROPY_C)
int main( int argc, char *argv[] )
#if !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_FS_IO)
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_ENTROPY_C not defined.\n");
polarssl_printf("POLARSSL_ENTROPY_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else

16
programs/random/gen_random_ctr_drbg.c
View File

@@ -29,22 +29,24 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#include <stdio.h>
#define polarssl_fprintf fprintf
#define polarssl_printf printf
#endif
#if defined(POLARSSL_CTR_DRBG_C) && defined(POLARSSL_ENTROPY_C) && \
defined(POLARSSL_FS_IO)
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include <stdio.h>
#endif
#if !defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_ENTROPY_C)
int main( int argc, char *argv[] )
#if !defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_FS_IO)
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_CTR_DRBG_C or POLARSSL_ENTROPY_C not defined.\n");
polarssl_printf("POLARSSL_CTR_DRBG_C and/or POLARSSL_ENTROPY_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else

14
programs/random/gen_random_havege.c
View File

@@ -29,21 +29,21 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#include <stdio.h>
#define polarssl_fprintf fprintf
#define polarssl_printf printf
#endif
#if defined(POLARSSL_HAVEGE_C) && defined(POLARSSL_FS_IO)
#include "polarssl/havege.h"
#include <time.h>
#include <stdio.h>
#include <time.h>
#endif
#if !defined(POLARSSL_HAVEGE_C)
int main( int argc, char *argv[] )
#if !defined(POLARSSL_HAVEGE_C) || !defined(POLARSSL_FS_IO)
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_HAVEGE_C not defined.\n");
return( 0 );
}

4
programs/ssl/CMakeLists.txt
View File

@@ -13,6 +13,7 @@ set(targets
ssl_server
ssl_fork_server
ssl_mail_client
mini_client
)
if(USE_PKCS11_HELPER_LIBRARY)
@@ -47,6 +48,9 @@ target_link_libraries(ssl_fork_server ${libs})
add_executable(ssl_mail_client ssl_mail_client.c)
target_link_libraries(ssl_mail_client ${libs})
add_executable(mini_client mini_client.c)
target_link_libraries(mini_client ${libs})
if(THREADS_FOUND)
add_executable(ssl_pthread_server ssl_pthread_server.c)
target_link_libraries(ssl_pthread_server ${libs} ${CMAKE_THREAD_LIBS_INIT})

270
programs/ssl/mini_client.c Normal file
View File

@@ -0,0 +1,270 @@
/*
* Minimal SSL client, used for memory measurements.
* (meant to be used with config-suite-b.h or config-ccm-psk-tls1_2.h)
*
* Copyright (C) 2014, ARM Limited, All Rights Reserved
*
* This file is part of mbed TLS (https://polarssl.org)
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
/*
* We're creating and connecting the socket "manually" rather than using the
* NET module, in order to avoid the overhead of getaddrinfo() which tends to
* dominate memory usage in small configurations. For the sake of simplicity,
* only a Unix version is implemented.
*/
#if defined(unix) || defined(__unix__) || defined(__unix)
#define UNIX
#endif
#if !defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_NET_C) || !defined(POLARSSL_SSL_CLI_C) || \
!defined(UNIX)
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif
int main( void )
{
polarssl_printf( "POLARSSL_CTR_DRBG_C and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_NET_C and/or POLARSSL_SSL_CLI_C and/or UNIX "
"not defined.\n");
return( 0 );
}
#else
#include <string.h>
#include "polarssl/net.h"
#include "polarssl/ssl.h"
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
/*
* Hardcoded values for server host and port
*/
#define PORT_BE 0x1151 /* 4433 */
#define PORT_LE 0x5111
#define ADDR_BE 0x7f000001 /* 127.0.0.1 */
#define ADDR_LE 0x0100007f
#define HOSTNAME "localhost" /* for cert verification if enabled */
#define GET_REQUEST "GET / HTTP/1.0\r\n\r\n"
const char *pers = "mini_client";
#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
const unsigned char psk[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
};
const char psk_id[] = "Client_identity";
#endif
#if defined(POLARSSL_X509_CRT_PARSE_C)
/* This is tests/data_files/test-ca2.crt, a CA using EC secp384r1 */
const unsigned char ca_cert[] = {
0x30, 0x82, 0x02, 0x52, 0x30, 0x82, 0x01, 0xd7, 0xa0, 0x03, 0x02, 0x01,
0x02, 0x02, 0x09, 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8,
0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02,
0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a,
0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c,
0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c,
0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x45,
0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x33, 0x30, 0x39,
0x32, 0x34, 0x31, 0x35, 0x34, 0x39, 0x34, 0x38, 0x5a, 0x17, 0x0d, 0x32,
0x33, 0x30, 0x39, 0x32, 0x32, 0x31, 0x35, 0x34, 0x39, 0x34, 0x38, 0x5a,
0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a,
0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c,
0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c,
0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x45,
0x43, 0x20, 0x43, 0x41, 0x30, 0x76, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86,
0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22,
0x03, 0x62, 0x00, 0x04, 0xc3, 0xda, 0x2b, 0x34, 0x41, 0x37, 0x58, 0x2f,
0x87, 0x56, 0xfe, 0xfc, 0x89, 0xba, 0x29, 0x43, 0x4b, 0x4e, 0xe0, 0x6e,
0xc3, 0x0e, 0x57, 0x53, 0x33, 0x39, 0x58, 0xd4, 0x52, 0xb4, 0x91, 0x95,
0x39, 0x0b, 0x23, 0xdf, 0x5f, 0x17, 0x24, 0x62, 0x48, 0xfc, 0x1a, 0x95,
0x29, 0xce, 0x2c, 0x2d, 0x87, 0xc2, 0x88, 0x52, 0x80, 0xaf, 0xd6, 0x6a,
0xab, 0x21, 0xdd, 0xb8, 0xd3, 0x1c, 0x6e, 0x58, 0xb8, 0xca, 0xe8, 0xb2,
0x69, 0x8e, 0xf3, 0x41, 0xad, 0x29, 0xc3, 0xb4, 0x5f, 0x75, 0xa7, 0x47,
0x6f, 0xd5, 0x19, 0x29, 0x55, 0x69, 0x9a, 0x53, 0x3b, 0x20, 0xb4, 0x66,
0x16, 0x60, 0x33, 0x1e, 0xa3, 0x81, 0xa0, 0x30, 0x81, 0x9d, 0x30, 0x1d,
0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x9d, 0x6d, 0x20,
0x24, 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24,
0xc9, 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x6e, 0x06, 0x03, 0x55, 0x1d, 0x23,
0x04, 0x67, 0x30, 0x65, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, 0x01,
0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb,
0x36, 0x7c, 0xa1, 0x42, 0xa4, 0x40, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09,
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30,
0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61,
0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04,
0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20,
0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x82, 0x09,
0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 0x30, 0x0c, 0x06,
0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30,
0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03,
0x69, 0x00, 0x30, 0x66, 0x02, 0x31, 0x00, 0xc3, 0xb4, 0x62, 0x73, 0x56,
0x28, 0x95, 0x00, 0x7d, 0x78, 0x12, 0x26, 0xd2, 0x71, 0x7b, 0x19, 0xf8,
0x8a, 0x98, 0x3e, 0x92, 0xfe, 0x33, 0x9e, 0xe4, 0x79, 0xd2, 0xfe, 0x7a,
0xb7, 0x87, 0x74, 0x3c, 0x2b, 0xb8, 0xd7, 0x69, 0x94, 0x0b, 0xa3, 0x67,
0x77, 0xb8, 0xb3, 0xbe, 0xd1, 0x36, 0x32, 0x02, 0x31, 0x00, 0xfd, 0x67,
0x9c, 0x94, 0x23, 0x67, 0xc0, 0x56, 0xba, 0x4b, 0x33, 0x15, 0x00, 0xc6,
0xe3, 0xcc, 0x31, 0x08, 0x2c, 0x9c, 0x8b, 0xda, 0xa9, 0x75, 0x23, 0x2f,
0xb8, 0x28, 0xe7, 0xf2, 0x9c, 0x14, 0x3a, 0x40, 0x01, 0x5c, 0xaf, 0x0c,
0xb2, 0xcf, 0x74, 0x7f, 0x30, 0x9f, 0x08, 0x43, 0xad, 0x20,
};
#endif /* POLARSSL_X509_CRT_PARSE_C */
enum exit_codes
{
exit_ok = 0,
ctr_drbg_init_failed,
ssl_init_failed,
socket_failed,
connect_failed,
x509_crt_parse_failed,
ssl_handshake_failed,
ssl_write_failed,
};
int main( void )
{
int ret = exit_ok;
int server_fd = -1;
struct sockaddr_in addr;
#if defined(POLARSSL_X509_CRT_PARSE_C)
x509_crt ca;
#endif
entropy_context entropy;
ctr_drbg_context ctr_drbg;
ssl_context ssl;
/*
* 0. Initialize and setup stuff
*/
memset( &ssl, 0, sizeof( ssl_context ) );
#if defined(POLARSSL_X509_CRT_PARSE_C)
x509_crt_init( &ca );
#endif
entropy_init( &entropy );
if( ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
(const unsigned char *) pers, strlen( pers ) ) != 0 )
{
ret = ssl_init_failed;
goto exit;
}
if( ssl_init( &ssl ) != 0 )
{
ret = ssl_init_failed;
goto exit;
}
ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
ssl_set_psk( &ssl, psk, sizeof( psk ),
(const unsigned char *) psk_id, sizeof( psk_id ) - 1 );
#endif
#if defined(POLARSSL_X509_CRT_PARSE_C)
if( x509_crt_parse_der( &ca, ca_cert, sizeof( ca_cert ) ) != 0 )
{
ret = x509_crt_parse_failed;
goto exit;
}
ssl_set_ca_chain( &ssl, &ca, NULL, HOSTNAME );
ssl_set_authmode( &ssl, SSL_VERIFY_REQUIRED );
#endif
/*
* 1. Start the connection
*/
memset( &addr, 0, sizeof( addr ) );
addr.sin_family = AF_INET;
ret = 1; /* for endianness detection */
addr.sin_port = *((char *) &ret) == ret ? PORT_LE : PORT_BE;
addr.sin_addr.s_addr = *((char *) &ret) == ret ? ADDR_LE : ADDR_BE;
ret = 0;
if( ( server_fd = socket( AF_INET, SOCK_STREAM, 0 ) ) < 0 )
{
ret = socket_failed;
goto exit;
}
if( connect( server_fd,
(const struct sockaddr *) &addr, sizeof( addr ) ) < 0 )
{
ret = connect_failed;
goto exit;
}
ssl_set_bio( &ssl, net_recv, &server_fd, net_send, &server_fd );
if( ssl_handshake( &ssl ) != 0 )
{
ret = ssl_handshake_failed;
goto exit;
}
/*
* 2. Write the GET request and close the connection
*/
if( ssl_write( &ssl, (const unsigned char *) GET_REQUEST,
sizeof( GET_REQUEST ) - 1 ) <= 0 )
{
ret = ssl_write_failed;
goto exit;
}
ssl_close_notify( &ssl );
exit:
if( server_fd != -1 )
net_close( server_fd );
ssl_free( &ssl );
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
#if defined(POLARSSL_X509_CRT_PARSE_C)
x509_crt_free( &ca );
#endif
return( ret );
}
#endif

37
programs/ssl/ssl_client1.c
View File

@@ -29,13 +29,15 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#include <stdio.h>
#define polarssl_fprintf fprintf
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdio.h>
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \
defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_CLI_C) && \
defined(POLARSSL_NET_C) && defined(POLARSSL_RSA_C) && \
defined(POLARSSL_CTR_DRBG_C) && defined(POLARSSL_X509_CRT_PARSE_C)
#include "polarssl/net.h"
#include "polarssl/debug.h"
#include "polarssl/ssl.h"
@@ -44,15 +46,22 @@
#include "polarssl/error.h"
#include "polarssl/certs.h"
#include <stdio.h>
#include <string.h>
#endif
#define SERVER_PORT 4433
#define SERVER_NAME "localhost"
#define GET_REQUEST "GET / HTTP/1.0\r\n\r\n"
#define DEBUG_LEVEL 1
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \
!defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_X509_CRT_PARSE_C)
int main( int argc, char *argv[] )
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
"POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
@@ -61,13 +70,6 @@ int main( int argc, char *argv[] )
return( 0 );
}
#else
#define SERVER_PORT 4433
#define SERVER_NAME "localhost"
#define GET_REQUEST "GET / HTTP/1.0\r\n\r\n"
#define DEBUG_LEVEL 1
static void my_debug( void *ctx, int level, const char *str )
{
((void) level);
@@ -76,7 +78,7 @@ static void my_debug( void *ctx, int level, const char *str )
fflush( (FILE *) ctx );
}
int main( int argc, char *argv[] )
int main( void )
{
int ret, len, server_fd = -1;
unsigned char buf[1024];
@@ -87,9 +89,6 @@ int main( int argc, char *argv[] )
ssl_context ssl;
x509_crt cacert;
((void) argc);
((void) argv);
#if defined(POLARSSL_DEBUG_C)
debug_set_threshold( DEBUG_LEVEL );
#endif

308
programs/ssl/ssl_client2.c
View File

@@ -29,30 +29,16 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#define polarssl_fprintf fprintf
#define polarssl_printf printf
#define polarssl_snprintf snprintf
#endif
#if !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \
!defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C)
#include <stdio.h>
int main( int argc, char *argv[] )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_ENTROPY_C and/or "
"POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
"POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n");
return( 0 );
}
#else
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#if defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_FS_IO) && \
defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_CLI_C) && \
defined(POLARSSL_NET_C) && defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/net.h"
#include "polarssl/ssl.h"
#include "polarssl/entropy.h"
@@ -62,6 +48,11 @@ int main( int argc, char *argv[] )
#include "polarssl/error.h"
#include "polarssl/debug.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#endif
#if defined(POLARSSL_TIMING_C)
#include "polarssl/timing.h"
#endif
@@ -113,138 +104,6 @@ int main( int argc, char *argv[] )
#define GET_REQUEST "GET %s HTTP/1.0\r\nExtra-header: "
#define GET_REQUEST_END "\r\n\r\n"
/*
* global options
*/
struct options
{
const char *server_name; /* hostname of the server (client only) */
const char *server_addr; /* address of the server (client only) */
int server_port; /* port on which the ssl service runs */
int debug_level; /* level of debugging */
int nbio; /* should I/O be blocking? */
uint32_t read_timeout; /* timeout on ssl_read() in milliseconds */
int max_resend; /* DTLS times to resend on read timeout */
const char *request_page; /* page on server to request */
int request_size; /* pad request with header to requested size */
const char *ca_file; /* the file with the CA certificate(s) */
const char *ca_path; /* the path with the CA certificate(s) reside */
const char *crt_file; /* the file with the client certificate */
const char *key_file; /* the file with the client key */
const char *psk; /* the pre-shared key */
const char *psk_identity; /* the pre-shared key identity */
int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
int renegotiation; /* enable / disable renegotiation */
int allow_legacy; /* allow legacy renegotiation */
int renegotiate; /* attempt renegotiation? */
int renego_delay; /* delay before enforcing renegotiation */
int exchanges; /* number of data exchanges */
int min_version; /* minimum protocol version accepted */
int max_version; /* maximum protocol version accepted */
int arc4; /* flag for arc4 suites support */
int auth_mode; /* verify mode for connection */
unsigned char mfl_code; /* code for maximum fragment length */
int trunc_hmac; /* negotiate truncated hmac or not */
int recsplit; /* enable record splitting? */
int reconnect; /* attempt to resume session */
int reco_delay; /* delay in seconds before resuming session */
int tickets; /* enable / disable session tickets */
const char *alpn_string; /* ALPN supported protocols */
int transport; /* TLS or DTLS? */
uint32_t hs_to_min; /* Initial value of DTLS handshake timer */
uint32_t hs_to_max; /* Max value of DTLS handshake timer */
int fallback; /* is this a fallback connection? */
int extended_ms; /* negotiate extended master secret? */
int etm; /* negotiate encrypt then mac? */
} opt;
static void my_debug( void *ctx, int level, const char *str )
{
((void) level);
polarssl_fprintf( (FILE *) ctx, "%s", str );
fflush( (FILE *) ctx );
}
/*
* Test recv/send functions that make sure each try returns
* WANT_READ/WANT_WRITE at least once before sucesseding
*/
static int my_recv( void *ctx, unsigned char *buf, size_t len )
{
static int first_try = 1;
int ret;
if( first_try )
{
first_try = 0;
return( POLARSSL_ERR_NET_WANT_READ );
}
ret = net_recv( ctx, buf, len );
if( ret != POLARSSL_ERR_NET_WANT_READ )
first_try = 1; /* Next call will be a new operation */
return( ret );
}
static int my_send( void *ctx, const unsigned char *buf, size_t len )
{
static int first_try = 1;
int ret;
if( first_try )
{
first_try = 0;
return( POLARSSL_ERR_NET_WANT_WRITE );
}
ret = net_send( ctx, buf, len );
if( ret != POLARSSL_ERR_NET_WANT_WRITE )
first_try = 1; /* Next call will be a new operation */
return( ret );
}
#if defined(POLARSSL_X509_CRT_PARSE_C)
/*
* Enabled if debug_level > 1 in code below
*/
static int my_verify( void *data, x509_crt *crt, int depth, int *flags )
{
char buf[1024];
((void) data);
polarssl_printf( "\nVerify requested for (Depth %d):\n", depth );
x509_crt_info( buf, sizeof( buf ) - 1, "", crt );
polarssl_printf( "%s", buf );
if( ( (*flags) & BADCERT_EXPIRED ) != 0 )
polarssl_printf( " ! server certificate has expired\n" );
if( ( (*flags) & BADCERT_REVOKED ) != 0 )
polarssl_printf( " ! server certificate has been revoked\n" );
if( ( (*flags) & BADCERT_CN_MISMATCH ) != 0 )
polarssl_printf( " ! CN mismatch\n" );
if( ( (*flags) & BADCERT_NOT_TRUSTED ) != 0 )
polarssl_printf( " ! self-signed or not signed by a trusted CA\n" );
if( ( (*flags) & BADCRL_NOT_TRUSTED ) != 0 )
polarssl_printf( " ! CRL not trusted\n" );
if( ( (*flags) & BADCRL_EXPIRED ) != 0 )
polarssl_printf( " ! CRL expired\n" );
if( ( (*flags) & BADCERT_OTHER ) != 0 )
polarssl_printf( " ! other (unknown) flag\n" );
if ( ( *flags ) == 0 )
polarssl_printf( " This certificate has no flags\n" );
return( 0 );
}
#endif /* POLARSSL_X509_CRT_PARSE_C */
#if defined(POLARSSL_X509_CRT_PARSE_C)
#if defined(POLARSSL_FS_IO)
#define USAGE_IO \
@@ -399,6 +258,149 @@ static int my_verify( void *data, x509_crt *crt, int depth, int *flags )
" force_ciphersuite=<name> default: all enabled\n"\
" acceptable ciphersuite names:\n"
#if !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \
!defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C)
int main( void )
{
polarssl_printf("POLARSSL_ENTROPY_C and/or "
"POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
"POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n");
return( 0 );
}
#else
/*
* global options
*/
struct options
{
const char *server_name; /* hostname of the server (client only) */
const char *server_addr; /* address of the server (client only) */
int server_port; /* port on which the ssl service runs */
int debug_level; /* level of debugging */
int nbio; /* should I/O be blocking? */
uint32_t read_timeout; /* timeout on ssl_read() in milliseconds */
int max_resend; /* DTLS times to resend on read timeout */
const char *request_page; /* page on server to request */
int request_size; /* pad request with header to requested size */
const char *ca_file; /* the file with the CA certificate(s) */
const char *ca_path; /* the path with the CA certificate(s) reside */
const char *crt_file; /* the file with the client certificate */
const char *key_file; /* the file with the client key */
const char *psk; /* the pre-shared key */
const char *psk_identity; /* the pre-shared key identity */
int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
int renegotiation; /* enable / disable renegotiation */
int allow_legacy; /* allow legacy renegotiation */
int renegotiate; /* attempt renegotiation? */
int renego_delay; /* delay before enforcing renegotiation */
int exchanges; /* number of data exchanges */
int min_version; /* minimum protocol version accepted */
int max_version; /* maximum protocol version accepted */
int arc4; /* flag for arc4 suites support */
int auth_mode; /* verify mode for connection */
unsigned char mfl_code; /* code for maximum fragment length */
int trunc_hmac; /* negotiate truncated hmac or not */
int recsplit; /* enable record splitting? */
int reconnect; /* attempt to resume session */
int reco_delay; /* delay in seconds before resuming session */
int tickets; /* enable / disable session tickets */
const char *alpn_string; /* ALPN supported protocols */
int transport; /* TLS or DTLS? */
uint32_t hs_to_min; /* Initial value of DTLS handshake timer */
uint32_t hs_to_max; /* Max value of DTLS handshake timer */
int fallback; /* is this a fallback connection? */
int extended_ms; /* negotiate extended master secret? */
int etm; /* negotiate encrypt then mac? */
} opt;
static void my_debug( void *ctx, int level, const char *str )
{
((void) level);
polarssl_fprintf( (FILE *) ctx, "%s", str );
fflush( (FILE *) ctx );
}
/*
* Test recv/send functions that make sure each try returns
* WANT_READ/WANT_WRITE at least once before sucesseding
*/
static int my_recv( void *ctx, unsigned char *buf, size_t len )
{
static int first_try = 1;
int ret;
if( first_try )
{
first_try = 0;
return( POLARSSL_ERR_NET_WANT_READ );
}
ret = net_recv( ctx, buf, len );
if( ret != POLARSSL_ERR_NET_WANT_READ )
first_try = 1; /* Next call will be a new operation */
return( ret );
}
static int my_send( void *ctx, const unsigned char *buf, size_t len )
{
static int first_try = 1;
int ret;
if( first_try )
{
first_try = 0;
return( POLARSSL_ERR_NET_WANT_WRITE );
}
ret = net_send( ctx, buf, len );
if( ret != POLARSSL_ERR_NET_WANT_WRITE )
first_try = 1; /* Next call will be a new operation */
return( ret );
}
#if defined(POLARSSL_X509_CRT_PARSE_C)
/*
* Enabled if debug_level > 1 in code below
*/
static int my_verify( void *data, x509_crt *crt, int depth, int *flags )
{
char buf[1024];
((void) data);
polarssl_printf( "\nVerify requested for (Depth %d):\n", depth );
x509_crt_info( buf, sizeof( buf ) - 1, "", crt );
polarssl_printf( "%s", buf );
if( ( (*flags) & BADCERT_EXPIRED ) != 0 )
polarssl_printf( " ! server certificate has expired\n" );
if( ( (*flags) & BADCERT_REVOKED ) != 0 )
polarssl_printf( " ! server certificate has been revoked\n" );
if( ( (*flags) & BADCERT_CN_MISMATCH ) != 0 )
polarssl_printf( " ! CN mismatch\n" );
if( ( (*flags) & BADCERT_NOT_TRUSTED ) != 0 )
polarssl_printf( " ! self-signed or not signed by a trusted CA\n" );
if( ( (*flags) & BADCRL_NOT_TRUSTED ) != 0 )
polarssl_printf( " ! CRL not trusted\n" );
if( ( (*flags) & BADCRL_EXPIRED ) != 0 )
polarssl_printf( " ! CRL expired\n" );
if( ( (*flags) & BADCERT_OTHER ) != 0 )
polarssl_printf( " ! other (unknown) flag\n" );
if ( ( *flags ) == 0 )
polarssl_printf( " This certificate has no flags\n" );
return( 0 );
}
#endif /* POLARSSL_X509_CRT_PARSE_C */
int main( int argc, char *argv[] )
{
int ret = 0, len, tail_len, server_fd, i, written, frags, retry_left;
@@ -1323,7 +1325,7 @@ send_request:
polarssl_printf( " > Write to server:" );
fflush( stdout );
len = snprintf( (char *) buf, sizeof(buf) - 1, GET_REQUEST,
len = polarssl_snprintf( (char *) buf, sizeof(buf) - 1, GET_REQUEST,
opt.request_page );
tail_len = strlen( GET_REQUEST_END );

45
programs/ssl/ssl_fork_server.c
View File

@@ -29,23 +29,21 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#include <stdio.h>
#define polarssl_fprintf fprintf
#define polarssl_printf printf
#endif
#if defined(_WIN32)
#include <windows.h>
#endif
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#include <signal.h>
#if !defined(_MSC_VER) || defined(EFIX64) || defined(EFI32)
#include <unistd.h>
#endif
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_CERTS_C) && \
defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_SSL_TLS_C) && \
defined(POLARSSL_SSL_SRV_C) && defined(POLARSSL_NET_C) && \
defined(POLARSSL_RSA_C) && defined(POLARSSL_CTR_DRBG_C) && \
defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_TIMING_C) && \
defined(POLARSSL_FS_IO)
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include "polarssl/certs.h"
@@ -54,6 +52,15 @@
#include "polarssl/net.h"
#include "polarssl/timing.h"
#include <string.h>
#include <stdio.h>
#include <signal.h>
#endif
#if !defined(_MSC_VER) || defined(EFIX64) || defined(EFI32)
#include <unistd.h>
#endif
#define HTTP_RESPONSE \
"HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
"<h2>mbed TLS Test Server</h2>\r\n" \
@@ -63,7 +70,8 @@
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_SSL_TLS_C) || \
!defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_TIMING_C)
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_TIMING_C) || \
!defined(POLARSSL_FS_IO)
int main( int argc, char *argv[] )
{
((void) argc);
@@ -77,11 +85,8 @@ int main( int argc, char *argv[] )
return( 0 );
}
#elif defined(_WIN32)
int main( int argc, char *argv[] )
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("_WIN32 defined. This application requires fork() and signals "
"to work correctly.\n");
return( 0 );
@@ -99,7 +104,7 @@ static void my_debug( void *ctx, int level, const char *str )
}
}
int main( int argc, char *argv[] )
int main( void )
{
int ret, len, cnt = 0, pid;
int listen_fd;
@@ -113,9 +118,6 @@ int main( int argc, char *argv[] )
x509_crt srvcert;
pk_context pkey;
((void) argc);
((void) argv);
memset( &ssl, 0, sizeof(ssl_context) );
entropy_init( &entropy );
@@ -340,8 +342,11 @@ int main( int argc, char *argv[] )
len = ret;
polarssl_printf( " %d bytes read\n\n%s", len, (char *) buf );
if( ret > 0 )
break;
}
while( 0 );
while( 1 );
/*
* 7. Write the 200 Response

135
programs/ssl/ssl_mail_client.c
View File

@@ -29,13 +29,29 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#include <stdio.h>
#define polarssl_fprintf fprintf
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdlib.h>
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \
defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_CLI_C) && \
defined(POLARSSL_NET_C) && defined(POLARSSL_RSA_C) && \
defined(POLARSSL_CTR_DRBG_C) && defined(POLARSSL_X509_CRT_PARSE_C) && \
defined(POLARSSL_FS_IO)
#include "polarssl/base64.h"
#include "polarssl/error.h"
#include "polarssl/net.h"
#include "polarssl/ssl.h"
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include "polarssl/certs.h"
#include "polarssl/x509.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#endif
#if !defined(_MSC_VER) || defined(EFIX64) || defined(EFI32)
#include <unistd.h>
@@ -46,7 +62,6 @@
#endif
#if defined(_WIN32) || defined(_WIN32_WCE)
#include <winsock2.h>
#include <windows.h>
@@ -59,33 +74,6 @@
#endif /* _MSC_VER */
#endif
#include "polarssl/base64.h"
#include "polarssl/error.h"
#include "polarssl/net.h"
#include "polarssl/ssl.h"
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include "polarssl/certs.h"
#include "polarssl/x509.h"
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \
!defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_X509_CRT_PARSE_C)
int main( int argc, char *argv[] )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
"POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_CRT_PARSE_C "
"not defined.\n");
return( 0 );
}
#else
#define DFL_SERVER_NAME "localhost"
#define DFL_SERVER_PORT 465
#define DFL_USER_NAME "user"
@@ -103,6 +91,55 @@ int main( int argc, char *argv[] )
#define MODE_SSL_TLS 0
#define MODE_STARTTLS 0
#if defined(POLARSSL_BASE64_C)
#define USAGE_AUTH \
" authentication=%%d default: 0 (disabled)\n" \
" user_name=%%s default: \"user\"\n" \
" user_pwd=%%s default: \"password\"\n"
#else
#define USAGE_AUTH \
" authentication options disabled. (Require POLARSSL_BASE64_C)\n"
#endif /* POLARSSL_BASE64_C */
#if defined(POLARSSL_FS_IO)
#define USAGE_IO \
" ca_file=%%s default: \"\" (pre-loaded)\n" \
" crt_file=%%s default: \"\" (pre-loaded)\n" \
" key_file=%%s default: \"\" (pre-loaded)\n"
#else
#define USAGE_IO \
" No file operations available (POLARSSL_FS_IO not defined)\n"
#endif /* POLARSSL_FS_IO */
#define USAGE \
"\n usage: ssl_mail_client param=<>...\n" \
"\n acceptable parameters:\n" \
" server_name=%%s default: localhost\n" \
" server_port=%%d default: 4433\n" \
" debug_level=%%d default: 0 (disabled)\n" \
" mode=%%d default: 0 (SSL/TLS) (1 for STARTTLS)\n" \
USAGE_AUTH \
" mail_from=%%s default: \"\"\n" \
" mail_to=%%s default: \"\"\n" \
USAGE_IO \
" force_ciphersuite=<name> default: all enabled\n"\
" acceptable ciphersuite names:\n"
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \
!defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_X509_CRT_PARSE_C) || \
!defined(POLARSSL_FS_IO)
int main( void )
{
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
"POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_CRT_PARSE_C "
"not defined.\n");
return( 0 );
}
#else
/*
* global options
*/
@@ -312,47 +349,13 @@ static int write_and_get_response( int sock_fd, unsigned char *buf, size_t len )
code[3] = '\0';
return atoi( code );
}
idx = 0;
}
}
while( 1 );
}
#if defined(POLARSSL_BASE64_C)
#define USAGE_AUTH \
" authentication=%%d default: 0 (disabled)\n" \
" user_name=%%s default: \"user\"\n" \
" user_pwd=%%s default: \"password\"\n"
#else
#define USAGE_AUTH \
" authentication options disabled. (Require POLARSSL_BASE64_C)\n"
#endif /* POLARSSL_BASE64_C */
#if defined(POLARSSL_FS_IO)
#define USAGE_IO \
" ca_file=%%s default: \"\" (pre-loaded)\n" \
" crt_file=%%s default: \"\" (pre-loaded)\n" \
" key_file=%%s default: \"\" (pre-loaded)\n"
#else
#define USAGE_IO \
" No file operations available (POLARSSL_FS_IO not defined)\n"
#endif /* POLARSSL_FS_IO */
#define USAGE \
"\n usage: ssl_mail_client param=<>...\n" \
"\n acceptable parameters:\n" \
" server_name=%%s default: localhost\n" \
" server_port=%%d default: 4433\n" \
" debug_level=%%d default: 0 (disabled)\n" \
" mode=%%d default: 0 (SSL/TLS) (1 for STARTTLS)\n" \
USAGE_AUTH \
" mail_from=%%s default: \"\"\n" \
" mail_to=%%s default: \"\"\n" \
USAGE_IO \
" force_ciphersuite=<name> default: all enabled\n"\
" acceptable ciphersuite names:\n"
int main( int argc, char *argv[] )
{
int ret = 0, len, server_fd;

52
programs/ssl/ssl_pthread_server.c
View File

@@ -30,18 +30,22 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#include <stdio.h>
#define polarssl_fprintf fprintf
#define polarssl_printf printf
#define polarssl_snprintf snprintf
#endif
#if defined(_WIN32)
#include <windows.h>
#endif
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_CERTS_C) && \
defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_SSL_TLS_C) && \
defined(POLARSSL_SSL_SRV_C) && defined(POLARSSL_NET_C) && \
defined(POLARSSL_RSA_C) && defined(POLARSSL_CTR_DRBG_C) && \
defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_FS_IO) && \
defined(POLARSSL_THREADING_C) && defined(POLARSSL_THREADING_PTHREAD)
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include "polarssl/certs.h"
@@ -50,6 +54,11 @@
#include "polarssl/net.h"
#include "polarssl/error.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#endif
#if defined(POLARSSL_SSL_CACHE_C)
#include "polarssl/ssl_cache.h"
#endif
@@ -58,17 +67,23 @@
#include "polarssl/memory_buffer_alloc.h"
#endif
#define HTTP_RESPONSE \
"HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
"<h2>mbed TLS Test Server</h2>\r\n" \
"<p>Successful connection using: %s</p>\r\n"
#define DEBUG_LEVEL 0
#define MAX_NUM_THREADS 5
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_CERTS_C) || \
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_SSL_TLS_C) || \
!defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_THREADING_C) || !defined(POLARSSL_THREADING_PTHREAD)
int main( int argc, char *argv[] )
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_CERTS_C and/or POLARSSL_ENTROPY_C "
"and/or POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
"POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
@@ -78,14 +93,6 @@ int main( int argc, char *argv[] )
return( 0 );
}
#else
#define HTTP_RESPONSE \
"HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
"<h2>mbed TLS Test Server</h2>\r\n" \
"<p>Successful connection using: %s</p>\r\n"
#define DEBUG_LEVEL 0
threading_mutex_t debug_mutex;
static void my_mutexed_debug( void *ctx, int level, const char *str )
@@ -117,8 +124,6 @@ typedef struct {
pthread_t thread;
} pthread_info_t;
#define MAX_NUM_THREADS 5
static thread_info_t base_info;
static pthread_info_t threads[MAX_NUM_THREADS];
@@ -137,7 +142,7 @@ static void *handle_ssl_connection( void *data )
memset( &ssl, 0, sizeof( ssl_context ) );
memset( &ctr_drbg, 0, sizeof( ctr_drbg_context ) );
snprintf( pers, sizeof(pers), "SSL Pthread Thread %d", thread_id );
polarssl_snprintf( pers, sizeof(pers), "SSL Pthread Thread %d", thread_id );
polarssl_printf( " [ #%d ] Client FD %d\n", thread_id, client_fd );
polarssl_printf( " [ #%d ] Seeding the random number generator...\n", thread_id );
@@ -366,7 +371,7 @@ static int thread_create( int client_fd )
return( 0 );
}
int main( int argc, char *argv[] )
int main( void )
{
int ret;
int listen_fd;
@@ -382,9 +387,6 @@ int main( int argc, char *argv[] )
ssl_cache_context cache;
#endif
((void) argc);
((void) argv);
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
#endif

56
programs/ssl/ssl_server.c
View File

@@ -29,18 +29,20 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#include <stdio.h>
#define polarssl_fprintf fprintf
#define polarssl_printf printf
#endif
#if defined(_WIN32)
#include <windows.h>
#endif
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_CERTS_C) && \
defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_SSL_TLS_C) && \
defined(POLARSSL_SSL_SRV_C) && defined(POLARSSL_NET_C) && \
defined(POLARSSL_RSA_C) && defined(POLARSSL_CTR_DRBG_C) && \
defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_FS_IO)
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include "polarssl/certs.h"
@@ -50,29 +52,15 @@
#include "polarssl/error.h"
#include "polarssl/debug.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#endif
#if defined(POLARSSL_SSL_CACHE_C)
#include "polarssl/ssl_cache.h"
#endif
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_CERTS_C) || \
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_SSL_TLS_C) || \
!defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C)
int main( int argc, char *argv[] )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_CERTS_C and/or POLARSSL_ENTROPY_C "
"and/or POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
"POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_CRT_PARSE_C "
"not defined.\n");
return( 0 );
}
#else
#define HTTP_RESPONSE \
"HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
"<h2>mbed TLS Test Server</h2>\r\n" \
@@ -80,6 +68,21 @@ int main( int argc, char *argv[] )
#define DEBUG_LEVEL 0
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_CERTS_C) || \
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_SSL_TLS_C) || \
!defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO)
int main( void )
{
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_CERTS_C and/or POLARSSL_ENTROPY_C "
"and/or POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
"POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_CRT_PARSE_C "
"not defined.\n");
return( 0 );
}
#else
static void my_debug( void *ctx, int level, const char *str )
{
((void) level);
@@ -88,7 +91,7 @@ static void my_debug( void *ctx, int level, const char *str )
fflush( (FILE *) ctx );
}
int main( int argc, char *argv[] )
int main( void )
{
int ret, len;
int listen_fd;
@@ -105,9 +108,6 @@ int main( int argc, char *argv[] )
ssl_cache_context cache;
#endif
((void) argc);
((void) argv);
memset( &ssl, 0, sizeof(ssl_context) );
#if defined(POLARSSL_SSL_CACHE_C)
ssl_cache_init( &cache );

395
programs/ssl/ssl_server2.c
View File

@@ -29,27 +29,12 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#define polarssl_fprintf fprintf
#define polarssl_malloc malloc
#define polarssl_free free
#endif
#if !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_SRV_C) || \
!defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C)
#include <stdio.h>
int main( int argc, char *argv[] )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_ENTROPY_C and/or "
"POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
"POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n");
return( 0 );
}
#else
#define polarssl_free free
#define polarssl_malloc malloc
#define polarssl_fprintf fprintf
#define polarssl_printf printf
#endif
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) && defined(POLARSSL_FS_IO)
#define POLARSSL_SNI
@@ -59,14 +44,9 @@ int main( int argc, char *argv[] )
#include <windows.h>
#endif
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#if !defined(_WIN32)
#include <signal.h>
#endif
#if defined(POLARSSL_ENTROPY_C) && \
defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_SRV_C) && \
defined(POLARSSL_NET_C) && defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/net.h"
#include "polarssl/ssl.h"
#include "polarssl/entropy.h"
@@ -76,6 +56,15 @@ int main( int argc, char *argv[] )
#include "polarssl/error.h"
#include "polarssl/debug.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#endif
#if !defined(_WIN32)
#include <signal.h>
#endif
#if defined(POLARSSL_SSL_CACHE_C)
#include "polarssl/ssl_cache.h"
#endif
@@ -155,102 +144,6 @@ int main( int argc, char *argv[] )
*/
#define IO_BUF_LEN 200
/*
* global options
*/
struct options
{
const char *server_addr; /* address on which the ssl service runs */
int server_port; /* port on which the ssl service runs */
int debug_level; /* level of debugging */
int nbio; /* should I/O be blocking? */
uint32_t read_timeout; /* timeout on ssl_read() in milliseconds */
const char *ca_file; /* the file with the CA certificate(s) */
const char *ca_path; /* the path with the CA certificate(s) reside */
const char *crt_file; /* the file with the server certificate */
const char *key_file; /* the file with the server key */
const char *crt_file2; /* the file with the 2nd server certificate */
const char *key_file2; /* the file with the 2nd server key */
const char *psk; /* the pre-shared key */
const char *psk_identity; /* the pre-shared key identity */
char *psk_list; /* list of PSK id/key pairs for callback */
int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
const char *version_suites; /* per-version ciphersuites */
int renegotiation; /* enable / disable renegotiation */
int allow_legacy; /* allow legacy renegotiation */
int renegotiate; /* attempt renegotiation? */
int renego_delay; /* delay before enforcing renegotiation */
int renego_period; /* period for automatic renegotiation */
int exchanges; /* number of data exchanges */
int min_version; /* minimum protocol version accepted */
int max_version; /* maximum protocol version accepted */
int arc4; /* flag for arc4 suites support */
int auth_mode; /* verify mode for connection */
unsigned char mfl_code; /* code for maximum fragment length */
int trunc_hmac; /* accept truncated hmac? */
int tickets; /* enable / disable session tickets */
int ticket_timeout; /* session ticket lifetime */
int cache_max; /* max number of session cache entries */
int cache_timeout; /* expiration delay of session cache entries */
char *sni; /* string describing sni information */
const char *alpn_string; /* ALPN supported protocols */
const char *dhm_file; /* the file with the DH parameters */
int extended_ms; /* allow negotiation of extended MS? */
int etm; /* allow negotiation of encrypt-then-MAC? */
int transport; /* TLS or DTLS? */
int cookies; /* Use cookies for DTLS? -1 to break them */
int anti_replay; /* Use anti-replay for DTLS? -1 for default */
uint32_t hs_to_min; /* Initial value of DTLS handshake timer */
uint32_t hs_to_max; /* Max value of DTLS handshake timer */
int badmac_limit; /* Limit of records with bad MAC */
} opt;
static void my_debug( void *ctx, int level, const char *str )
{
((void) level);
polarssl_fprintf( (FILE *) ctx, "%s", str );
fflush( (FILE *) ctx );
}
/*
* Test recv/send functions that make sure each try returns
* WANT_READ/WANT_WRITE at least once before sucesseding
*/
static int my_recv( void *ctx, unsigned char *buf, size_t len )
{
static int first_try = 1;
int ret;
if( first_try )
{
first_try = 0;
return( POLARSSL_ERR_NET_WANT_READ );
}
ret = net_recv( ctx, buf, len );
if( ret != POLARSSL_ERR_NET_WANT_READ )
first_try = 1; /* Next call will be a new operation */
return( ret );
}
static int my_send( void *ctx, const unsigned char *buf, size_t len )
{
static int first_try = 1;
int ret;
if( first_try )
{
first_try = 0;
return( POLARSSL_ERR_NET_WANT_WRITE );
}
ret = net_send( ctx, buf, len );
if( ret != POLARSSL_ERR_NET_WANT_WRITE )
first_try = 1; /* Next call will be a new operation */
return( ret );
}
#if defined(POLARSSL_X509_CRT_PARSE_C)
#if defined(POLARSSL_FS_IO)
#define USAGE_IO \
@@ -434,6 +327,114 @@ static int my_send( void *ctx, const unsigned char *buf, size_t len )
" force_ciphersuite=<name> default: all enabled\n" \
" acceptable ciphersuite names:\n"
#if !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_SRV_C) || \
!defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C)
#include <stdio.h>
int main( void )
{
polarssl_printf("POLARSSL_ENTROPY_C and/or "
"POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
"POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n");
return( 0 );
}
#else
/*
* global options
*/
struct options
{
const char *server_addr; /* address on which the ssl service runs */
int server_port; /* port on which the ssl service runs */
int debug_level; /* level of debugging */
int nbio; /* should I/O be blocking? */
uint32_t read_timeout; /* timeout on ssl_read() in milliseconds */
const char *ca_file; /* the file with the CA certificate(s) */
const char *ca_path; /* the path with the CA certificate(s) reside */
const char *crt_file; /* the file with the server certificate */
const char *key_file; /* the file with the server key */
const char *crt_file2; /* the file with the 2nd server certificate */
const char *key_file2; /* the file with the 2nd server key */
const char *psk; /* the pre-shared key */
const char *psk_identity; /* the pre-shared key identity */
char *psk_list; /* list of PSK id/key pairs for callback */
int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
const char *version_suites; /* per-version ciphersuites */
int renegotiation; /* enable / disable renegotiation */
int allow_legacy; /* allow legacy renegotiation */
int renegotiate; /* attempt renegotiation? */
int renego_delay; /* delay before enforcing renegotiation */
int renego_period; /* period for automatic renegotiation */
int exchanges; /* number of data exchanges */
int min_version; /* minimum protocol version accepted */
int max_version; /* maximum protocol version accepted */
int arc4; /* flag for arc4 suites support */
int auth_mode; /* verify mode for connection */
unsigned char mfl_code; /* code for maximum fragment length */
int trunc_hmac; /* accept truncated hmac? */
int tickets; /* enable / disable session tickets */
int ticket_timeout; /* session ticket lifetime */
int cache_max; /* max number of session cache entries */
int cache_timeout; /* expiration delay of session cache entries */
char *sni; /* string describing sni information */
const char *alpn_string; /* ALPN supported protocols */
const char *dhm_file; /* the file with the DH parameters */
int extended_ms; /* allow negotiation of extended MS? */
int etm; /* allow negotiation of encrypt-then-MAC? */
int transport; /* TLS or DTLS? */
int cookies; /* Use cookies for DTLS? -1 to break them */
int anti_replay; /* Use anti-replay for DTLS? -1 for default */
uint32_t hs_to_min; /* Initial value of DTLS handshake timer */
uint32_t hs_to_max; /* Max value of DTLS handshake timer */
int badmac_limit; /* Limit of records with bad MAC */
} opt;
static void my_debug( void *ctx, int level, const char *str )
{
((void) level);
polarssl_fprintf( (FILE *) ctx, "%s", str );
fflush( (FILE *) ctx );
}
/*
* Test recv/send functions that make sure each try returns
* WANT_READ/WANT_WRITE at least once before sucesseding
*/
static int my_recv( void *ctx, unsigned char *buf, size_t len )
{
static int first_try = 1;
int ret;
if( first_try )
{
first_try = 0;
return( POLARSSL_ERR_NET_WANT_READ );
}
ret = net_recv( ctx, buf, len );
if( ret != POLARSSL_ERR_NET_WANT_READ )
first_try = 1; /* Next call will be a new operation */
return( ret );
}
static int my_send( void *ctx, const unsigned char *buf, size_t len )
{
static int first_try = 1;
int ret;
if( first_try )
{
first_try = 0;
return( POLARSSL_ERR_NET_WANT_WRITE );
}
ret = net_send( ctx, buf, len );
if( ret != POLARSSL_ERR_NET_WANT_WRITE )
first_try = 1; /* Next call will be a new operation */
return( ret );
}
/*
* Used by sni_parse and psk_parse to handle coma-separated lists
*/
@@ -441,7 +442,7 @@ static int my_send( void *ctx, const unsigned char *buf, size_t len )
dst = p; \
while( *p != ',' ) \
if( ++p > end ) \
return( NULL ); \
goto error; \
*p++ = '\0';
#if defined(POLARSSL_SNI)
@@ -454,53 +455,6 @@ struct _sni_entry {
sni_entry *next;
};
/*
* Parse a string of triplets name1,crt1,key1[,name2,crt2,key2[,...]]
* into a usable sni_entry list.
*
* Modifies the input string! This is not production quality!
* (leaks memory if parsing fails, no error reporting, ...)
*/
sni_entry *sni_parse( char *sni_string )
{
sni_entry *cur = NULL, *new = NULL;
char *p = sni_string;
char *end = p;
char *crt_file, *key_file;
while( *end != '\0' )
++end;
*end = ',';
while( p <= end )
{
if( ( new = polarssl_malloc( sizeof( sni_entry ) ) ) == NULL )
return( NULL );
memset( new, 0, sizeof( sni_entry ) );
if( ( new->cert = polarssl_malloc( sizeof( x509_crt ) ) ) == NULL ||
( new->key = polarssl_malloc( sizeof( pk_context ) ) ) == NULL )
return( NULL );
x509_crt_init( new->cert );
pk_init( new->key );
GET_ITEM( new->name );
GET_ITEM( crt_file );
GET_ITEM( key_file );
if( x509_crt_parse_file( new->cert, crt_file ) != 0 ||
pk_parse_keyfile( new->key, key_file, "" ) != 0 )
return( NULL );
new->next = cur;
cur = new;
}
return( cur );
}
void sni_free( sni_entry *head )
{
sni_entry *cur = head, *next;
@@ -519,6 +473,67 @@ void sni_free( sni_entry *head )
}
}
/*
* Parse a string of triplets name1,crt1,key1[,name2,crt2,key2[,...]]
* into a usable sni_entry list.
*
* Modifies the input string! This is not production quality!
*/
sni_entry *sni_parse( char *sni_string )
{
sni_entry *cur = NULL, *new = NULL;
char *p = sni_string;
char *end = p;
char *crt_file, *key_file;
while( *end != '\0' )
++end;
*end = ',';
while( p <= end )
{
if( ( new = polarssl_malloc( sizeof( sni_entry ) ) ) == NULL )
{
sni_free( cur );
return( NULL );
}
memset( new, 0, sizeof( sni_entry ) );
if( ( new->cert = polarssl_malloc( sizeof( x509_crt ) ) ) == NULL ||
( new->key = polarssl_malloc( sizeof( pk_context ) ) ) == NULL )
{
polarssl_free( new->cert );
polarssl_free( new );
sni_free( cur );
return( NULL );
}
x509_crt_init( new->cert );
pk_init( new->key );
GET_ITEM( new->name );
GET_ITEM( crt_file );
GET_ITEM( key_file );
if( x509_crt_parse_file( new->cert, crt_file ) != 0 ||
pk_parse_keyfile( new->key, key_file, "" ) != 0 )
{
goto error;
}
new->next = cur;
cur = new;
}
return( cur );
error:
sni_free( new );
sni_free( cur );
return( NULL );
}
/*
* SNI callback.
*/
@@ -593,12 +608,26 @@ struct _psk_entry
psk_entry *next;
};
/*
* Free a list of psk_entry's
*/
void psk_free( psk_entry *head )
{
psk_entry *next;
while( head != NULL )
{
next = head->next;
polarssl_free( head );
head = next;
}
}
/*
* Parse a string of pairs name1,key1[,name2,key2[,...]]
* into a usable psk_entry list.
*
* Modifies the input string! This is not production quality!
* (leaks memory if parsing fails, no error reporting, ...)
*/
psk_entry *psk_parse( char *psk_string )
{
@@ -622,28 +651,18 @@ psk_entry *psk_parse( char *psk_string )
GET_ITEM( key_hex );
if( unhexify( new->key, key_hex, &new->key_len ) != 0 )
return( NULL );
goto error;
new->next = cur;
cur = new;
}
return( cur );
}
/*
* Free a list of psk_entry's
*/
void psk_free( psk_entry *head )
{
psk_entry *next;
while( head != NULL )
{
next = head->next;
polarssl_free( head );
head = next;
}
error:
psk_free( new );
psk_free( cur );
return( 0 );
}
/*

371
programs/test/benchmark.c
View File

@@ -29,12 +29,21 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_exit exit
#define polarssl_printf printf
#define polarssl_snprintf snprintf
#endif
#if !defined(POLARSSL_TIMING_C)
int main( void )
{
polarssl_printf("POLARSSL_TIMING_C not defined.\n");
return( 0 );
}
#else
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#include "polarssl/timing.h"
@@ -60,24 +69,128 @@
#include "polarssl/ecdh.h"
#include "polarssl/error.h"
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
#include "polarssl/memory_buffer_alloc.h"
#endif
#if defined _MSC_VER && !defined snprintf
#define snprintf _snprintf
#endif
/*
* For heap usage estimates, we need an estimate of the overhead per allocated
* block. ptmalloc2/3 (used in gnu libc for instance) uses 2 size_t per block,
* so use that as our baseline.
*/
#define MEM_BLOCK_OVERHEAD ( 2 * sizeof( size_t ) )
/*
* Size to use for the malloc buffer if MEMORY_BUFFER_ALLOC_C is defined.
*/
#define HEAP_SIZE (1u << 16) // 64k
#define BUFSIZE 1024
#define HEADER_FORMAT " %-24s : "
#define TITLE_LEN 25
#if !defined(POLARSSL_TIMING_C)
int main( int argc, char *argv[] )
{
((void) argc);
((void) argv);
#define DHM_SIZES 3
polarssl_printf("POLARSSL_TIMING_C not defined.\n");
return( 0 );
}
#define OPTIONS \
"md4, md5, ripemd160, sha1, sha256, sha512,\n" \
"arc4, des3, des, aes_cbc, aes_gcm, aes_ccm, camellia, blowfish,\n" \
"havege, ctr_drbg, hmac_drbg\n" \
"rsa, dhm, ecdsa, ecdh.\n"
#if defined(POLARSSL_ERROR_C)
#define PRINT_ERROR \
polarssl_strerror( ret, ( char * )tmp, sizeof( tmp ) ); \
polarssl_printf( "FAILED: %s\n", tmp );
#else
#define PRINT_ERROR \
polarssl_printf( "FAILED: -0x%04x\n", -ret );
#endif
#define TIME_AND_TSC( TITLE, CODE ) \
do { \
unsigned long i, j, tsc; \
\
polarssl_printf( HEADER_FORMAT, TITLE ); \
fflush( stdout ); \
\
set_alarm( 1 ); \
for( i = 1; ! alarmed; i++ ) \
{ \
CODE; \
} \
\
tsc = hardclock(); \
for( j = 0; j < 1024; j++ ) \
{ \
CODE; \
} \
\
polarssl_printf( "%9lu Kb/s, %9lu cycles/byte\n", \
i * BUFSIZE / 1024, \
( hardclock() - tsc ) / ( j * BUFSIZE ) ); \
} while( 0 )
#if defined(POLARSSL_ERROR_C)
#define PRINT_ERROR \
polarssl_strerror( ret, ( char * )tmp, sizeof( tmp ) ); \
polarssl_printf( "FAILED: %s\n", tmp );
#else
#define PRINT_ERROR \
polarssl_printf( "FAILED: -0x%04x\n", -ret );
#endif
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) && defined(POLARSSL_MEMORY_DEBUG)
#define MEMORY_MEASURE_INIT \
size_t max_used, max_blocks, max_bytes; \
size_t prv_used, prv_blocks; \
memory_buffer_alloc_cur_get( &prv_used, &prv_blocks ); \
memory_buffer_alloc_max_reset( );
#define MEMORY_MEASURE_PRINT( title_len ) \
memory_buffer_alloc_max_get( &max_used, &max_blocks ); \
for( i = 12 - title_len; i != 0; i-- ) polarssl_printf( " " ); \
max_used -= prv_used; \
max_blocks -= prv_blocks; \
max_bytes = max_used + MEM_BLOCK_OVERHEAD * max_blocks; \
polarssl_printf( "%6u heap bytes", (unsigned) max_bytes );
#else
#define MEMORY_MEASURE_INIT
#define MEMORY_MEASURE_PRINT( title_len )
#endif
#define TIME_PUBLIC( TITLE, TYPE, CODE ) \
do { \
unsigned long i; \
int ret; \
MEMORY_MEASURE_INIT; \
\
polarssl_printf( HEADER_FORMAT, TITLE ); \
fflush( stdout ); \
set_alarm( 3 ); \
\
ret = 0; \
for( i = 1; ! alarmed && ! ret ; i++ ) \
{ \
CODE; \
} \
\
if( ret != 0 ) \
{ \
PRINT_ERROR; \
} \
else \
{ \
polarssl_printf( "%6lu " TYPE "/s", i / 3 ); \
MEMORY_MEASURE_PRINT( sizeof( TYPE ) + 1 ); \
polarssl_printf( "\n" ); \
} \
} while( 0 )
static int myrand( void *rng_state, unsigned char *output, size_t len )
{
@@ -102,61 +215,26 @@ static int myrand( void *rng_state, unsigned char *output, size_t len )
return( 0 );
}
#define TIME_AND_TSC( TITLE, CODE ) \
do { \
unsigned long i, j, tsc; \
\
polarssl_printf( HEADER_FORMAT, TITLE ); \
fflush( stdout ); \
\
set_alarm( 1 ); \
for( i = 1; ! alarmed; i++ ) \
{ \
CODE; \
} \
\
tsc = hardclock(); \
for( j = 0; j < 1024; j++ ) \
{ \
CODE; \
} \
\
polarssl_printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024, \
( hardclock() - tsc ) / ( j * BUFSIZE ) ); \
} while( 0 )
#if defined(POLARSSL_ERROR_C)
#define PRINT_ERROR \
polarssl_strerror( ret, ( char * )tmp, sizeof( tmp ) ); \
polarssl_printf( "FAILED: %s\n", tmp );
/*
* Clear some memory that was used to prepare the context
*/
#if defined(POLARSSL_ECP_C)
void ecp_clear_precomputed( ecp_group *grp )
{
if( grp->T != NULL )
{
size_t i;
for( i = 0; i < grp->T_size; i++ )
ecp_point_free( &grp->T[i] );
polarssl_free( grp->T );
}
grp->T = NULL;
grp->T_size = 0;
}
#else
#define PRINT_ERROR \
polarssl_printf( "FAILED: -0x%04x\n", -ret );
#define ecp_clear_precomputed( g )
#endif
#define TIME_PUBLIC( TITLE, TYPE, CODE ) \
do { \
unsigned long i; \
int ret; \
\
polarssl_printf( HEADER_FORMAT, TITLE ); \
fflush( stdout ); \
set_alarm( 3 ); \
\
ret = 0; \
for( i = 1; ! alarmed && ! ret ; i++ ) \
{ \
CODE; \
} \
\
if( ret != 0 ) \
{ \
PRINT_ERROR; \
} \
else \
polarssl_printf( "%9lu " TYPE "/s\n", i / 3 ); \
} while( 0 )
unsigned char buf[BUFSIZE];
typedef struct {
@@ -166,18 +244,15 @@ typedef struct {
rsa, dhm, ecdsa, ecdh;
} todo_list;
#define OPTIONS \
"md4, md5, ripemd160, sha1, sha256, sha512,\n" \
"arc4, des3, des, aes_cbc, aes_gcm, aes_ccm, camellia, blowfish,\n" \
"havege, ctr_drbg, hmac_drbg\n" \
"rsa, dhm, ecdsa, ecdh.\n"
int main( int argc, char *argv[] )
{
int keysize, i;
int i;
unsigned char tmp[200];
char title[TITLE_LEN];
todo_list todo;
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
unsigned char malloc_buf[HEAP_SIZE] = { 0 };
#endif
if( argc == 1 )
memset( &todo, 1, sizeof( todo ) );
@@ -239,6 +314,9 @@ int main( int argc, char *argv[] )
polarssl_printf( "\n" );
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
memory_buffer_alloc_init( malloc_buf, sizeof( malloc_buf ) );
#endif
memset( buf, 0xAA, sizeof( buf ) );
memset( tmp, 0xBB, sizeof( tmp ) );
@@ -309,11 +387,12 @@ int main( int argc, char *argv[] )
#if defined(POLARSSL_CIPHER_MODE_CBC)
if( todo.aes_cbc )
{
int keysize;
aes_context aes;
aes_init( &aes );
for( keysize = 128; keysize <= 256; keysize += 64 )
{
snprintf( title, sizeof( title ), "AES-CBC-%d", keysize );
polarssl_snprintf( title, sizeof( title ), "AES-CBC-%d", keysize );
memset( buf, 0, sizeof( buf ) );
memset( tmp, 0, sizeof( tmp ) );
@@ -328,10 +407,11 @@ int main( int argc, char *argv[] )
#if defined(POLARSSL_GCM_C)
if( todo.aes_gcm )
{
int keysize;
gcm_context gcm;
for( keysize = 128; keysize <= 256; keysize += 64 )
{
snprintf( title, sizeof( title ), "AES-GCM-%d", keysize );
polarssl_snprintf( title, sizeof( title ), "AES-GCM-%d", keysize );
memset( buf, 0, sizeof( buf ) );
memset( tmp, 0, sizeof( tmp ) );
@@ -348,10 +428,11 @@ int main( int argc, char *argv[] )
#if defined(POLARSSL_CCM_C)
if( todo.aes_ccm )
{
int keysize;
ccm_context ccm;
for( keysize = 128; keysize <= 256; keysize += 64 )
{
snprintf( title, sizeof( title ), "AES-CCM-%d", keysize );
polarssl_snprintf( title, sizeof( title ), "AES-CCM-%d", keysize );
memset( buf, 0, sizeof( buf ) );
memset( tmp, 0, sizeof( tmp ) );
@@ -370,11 +451,12 @@ int main( int argc, char *argv[] )
#if defined(POLARSSL_CAMELLIA_C) && defined(POLARSSL_CIPHER_MODE_CBC)
if( todo.camellia )
{
int keysize;
camellia_context camellia;
camellia_init( &camellia );
for( keysize = 128; keysize <= 256; keysize += 64 )
{
snprintf( title, sizeof( title ), "CAMELLIA-CBC-%d", keysize );
polarssl_snprintf( title, sizeof( title ), "CAMELLIA-CBC-%d", keysize );
memset( buf, 0, sizeof( buf ) );
memset( tmp, 0, sizeof( tmp ) );
@@ -391,12 +473,13 @@ int main( int argc, char *argv[] )
#if defined(POLARSSL_BLOWFISH_C) && defined(POLARSSL_CIPHER_MODE_CBC)
if( todo.blowfish )
{
int keysize;
blowfish_context blowfish;
blowfish_init( &blowfish );
for( keysize = 128; keysize <= 256; keysize += 64 )
{
snprintf( title, sizeof( title ), "BLOWFISH-CBC-%d", keysize );
polarssl_snprintf( title, sizeof( title ), "BLOWFISH-CBC-%d", keysize );
memset( buf, 0, sizeof( buf ) );
memset( tmp, 0, sizeof( tmp ) );
@@ -427,17 +510,17 @@ int main( int argc, char *argv[] )
ctr_drbg_context ctr_drbg;
if( ctr_drbg_init( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 )
exit(1);
polarssl_exit(1);
TIME_AND_TSC( "CTR_DRBG (NOPR)",
if( ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 )
exit(1) );
polarssl_exit(1) );
if( ctr_drbg_init( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 )
exit(1);
polarssl_exit(1);
ctr_drbg_set_prediction_resistance( &ctr_drbg, CTR_DRBG_PR_ON );
TIME_AND_TSC( "CTR_DRBG (PR)",
if( ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 )
exit(1) );
polarssl_exit(1) );
ctr_drbg_free( &ctr_drbg );
}
#endif
@@ -450,43 +533,43 @@ int main( int argc, char *argv[] )
#if defined(POLARSSL_SHA1_C)
if( ( md_info = md_info_from_type( POLARSSL_MD_SHA1 ) ) == NULL )
exit(1);
polarssl_exit(1);
if( hmac_drbg_init( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
exit(1);
polarssl_exit(1);
TIME_AND_TSC( "HMAC_DRBG SHA-1 (NOPR)",
if( hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
exit(1) );
polarssl_exit(1) );
hmac_drbg_free( &hmac_drbg );
if( hmac_drbg_init( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
exit(1);
polarssl_exit(1);
hmac_drbg_set_prediction_resistance( &hmac_drbg,
POLARSSL_HMAC_DRBG_PR_ON );
TIME_AND_TSC( "HMAC_DRBG SHA-1 (PR)",
if( hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
exit(1) );
polarssl_exit(1) );
hmac_drbg_free( &hmac_drbg );
#endif
#if defined(POLARSSL_SHA256_C)
if( ( md_info = md_info_from_type( POLARSSL_MD_SHA256 ) ) == NULL )
exit(1);
polarssl_exit(1);
if( hmac_drbg_init( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
exit(1);
polarssl_exit(1);
TIME_AND_TSC( "HMAC_DRBG SHA-256 (NOPR)",
if( hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
exit(1) );
polarssl_exit(1) );
hmac_drbg_free( &hmac_drbg );
if( hmac_drbg_init( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
exit(1);
polarssl_exit(1);
hmac_drbg_set_prediction_resistance( &hmac_drbg,
POLARSSL_HMAC_DRBG_PR_ON );
TIME_AND_TSC( "HMAC_DRBG SHA-256 (PR)",
if( hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
exit(1) );
polarssl_exit(1) );
hmac_drbg_free( &hmac_drbg );
#endif
}
@@ -495,10 +578,11 @@ int main( int argc, char *argv[] )
#if defined(POLARSSL_RSA_C) && defined(POLARSSL_GENPRIME)
if( todo.rsa )
{
int keysize;
rsa_context rsa;
for( keysize = 1024; keysize <= 4096; keysize *= 2 )
{
snprintf( title, sizeof( title ), "RSA-%d", keysize );
polarssl_snprintf( title, sizeof( title ), "RSA-%d", keysize );
rsa_init( &rsa, RSA_PKCS_V15, 0 );
rsa_gen_key( &rsa, myrand, NULL, keysize, 65537 );
@@ -519,7 +603,6 @@ int main( int argc, char *argv[] )
#if defined(POLARSSL_DHM_C) && defined(POLARSSL_BIGNUM_C)
if( todo.dhm )
{
#define DHM_SIZES 3
int dhm_sizes[DHM_SIZES] = { 1024, 2048, 3072 };
const char *dhm_P[DHM_SIZES] = {
POLARSSL_DHM_RFC5114_MODP_1024_P,
@@ -541,22 +624,22 @@ int main( int argc, char *argv[] )
if( mpi_read_string( &dhm.P, 16, dhm_P[i] ) != 0 ||
mpi_read_string( &dhm.G, 16, dhm_G[i] ) != 0 )
{
exit( 1 );
polarssl_exit( 1 );
}
dhm.len = mpi_size( &dhm.P );
dhm_make_public( &dhm, (int) dhm.len, buf, dhm.len, myrand, NULL );
if( mpi_copy( &dhm.GY, &dhm.GX ) != 0 )
exit( 1 );
polarssl_exit( 1 );
snprintf( title, sizeof( title ), "DHE-%d", dhm_sizes[i] );
polarssl_snprintf( title, sizeof( title ), "DHE-%d", dhm_sizes[i] );
TIME_PUBLIC( title, "handshake",
olen = sizeof( buf );
ret |= dhm_make_public( &dhm, (int) dhm.len, buf, dhm.len,
myrand, NULL );
ret |= dhm_calc_secret( &dhm, buf, &olen, myrand, NULL ) );
snprintf( title, sizeof( title ), "DH-%d", dhm_sizes[i] );
polarssl_snprintf( title, sizeof( title ), "DH-%d", dhm_sizes[i] );
TIME_PUBLIC( title, "handshake",
olen = sizeof( buf );
ret |= dhm_calc_secret( &dhm, buf, &olen, myrand, NULL ) );
@@ -582,14 +665,34 @@ int main( int argc, char *argv[] )
ecdsa_init( &ecdsa );
if( ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 )
exit( 1 );
polarssl_exit( 1 );
ecp_clear_precomputed( &ecdsa.grp );
snprintf( title, sizeof( title ), "ECDSA-%s",
polarssl_snprintf( title, sizeof( title ), "ECDSA-%s",
curve_info->name );
TIME_PUBLIC( title, "sign",
ret = ecdsa_write_signature( &ecdsa, buf, curve_info->size,
tmp, &sig_len, myrand, NULL ) );
ecdsa_free( &ecdsa );
}
for( curve_info = ecp_curve_list();
curve_info->grp_id != POLARSSL_ECP_DP_NONE;
curve_info++ )
{
ecdsa_init( &ecdsa );
if( ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 ||
ecdsa_write_signature( &ecdsa, buf, curve_info->size,
tmp, &sig_len, myrand, NULL ) != 0 )
{
polarssl_exit( 1 );
}
ecp_clear_precomputed( &ecdsa.grp );
polarssl_snprintf( title, sizeof( title ), "ECDSA-%s",
curve_info->name );
TIME_PUBLIC( title, "verify",
ret = ecdsa_read_signature( &ecdsa, buf, curve_info->size,
tmp, sig_len ) );
@@ -603,6 +706,9 @@ int main( int argc, char *argv[] )
if( todo.ecdh )
{
ecdh_context ecdh;
#if defined(POLARSSL_ECP_DP_M255_ENABLED)
mpi z;
#endif
const ecp_curve_info *curve_info;
size_t olen;
@@ -617,28 +723,95 @@ int main( int argc, char *argv[] )
myrand, NULL ) != 0 ||
ecp_copy( &ecdh.Qp, &ecdh.Q ) != 0 )
{
exit( 1 );
polarssl_exit( 1 );
}
ecp_clear_precomputed( &ecdh.grp );
snprintf( title, sizeof( title ), "ECDHE-%s",
polarssl_snprintf( title, sizeof( title ), "ECDHE-%s",
curve_info->name );
TIME_PUBLIC( title, "handshake",
ret |= ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
myrand, NULL );
ret |= ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ),
myrand, NULL ) );
ecdh_free( &ecdh );
}
snprintf( title, sizeof( title ), "ECDH-%s",
/* Curve25519 needs to be handled separately */
#if defined(POLARSSL_ECP_DP_M255_ENABLED)
ecdh_init( &ecdh );
mpi_init( &z );
if( ecp_use_known_dp( &ecdh.grp, POLARSSL_ECP_DP_M255 ) != 0 ||
ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp, myrand, NULL ) != 0 )
{
polarssl_exit( 1 );
}
TIME_PUBLIC( "ECDHE-Curve25519", "handshake",
ret |= ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q,
myrand, NULL );
ret |= ecdh_compute_shared( &ecdh.grp, &z, &ecdh.Qp, &ecdh.d,
myrand, NULL ) );
ecdh_free( &ecdh );
mpi_free( &z );
#endif
for( curve_info = ecp_curve_list();
curve_info->grp_id != POLARSSL_ECP_DP_NONE;
curve_info++ )
{
ecdh_init( &ecdh );
if( ecp_use_known_dp( &ecdh.grp, curve_info->grp_id ) != 0 ||
ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
myrand, NULL ) != 0 ||
ecp_copy( &ecdh.Qp, &ecdh.Q ) != 0 ||
ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
myrand, NULL ) != 0 )
{
polarssl_exit( 1 );
}
ecp_clear_precomputed( &ecdh.grp );
polarssl_snprintf( title, sizeof( title ), "ECDH-%s",
curve_info->name );
TIME_PUBLIC( title, "handshake",
ret |= ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ),
myrand, NULL ) );
ecdh_free( &ecdh );
}
/* Curve25519 needs to be handled separately */
#if defined(POLARSSL_ECP_DP_M255_ENABLED)
ecdh_init( &ecdh );
mpi_init( &z );
if( ecp_use_known_dp( &ecdh.grp, POLARSSL_ECP_DP_M255 ) != 0 ||
ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp,
myrand, NULL ) != 0 ||
ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q, myrand, NULL ) != 0 )
{
polarssl_exit( 1 );
}
TIME_PUBLIC( "ECDH-Curve25519", "handshake",
ret |= ecdh_compute_shared( &ecdh.grp, &z, &ecdh.Qp, &ecdh.d,
myrand, NULL ) );
ecdh_free( &ecdh );
mpi_free( &z );
#endif
}
#endif
polarssl_printf( "\n" );
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
memory_buffer_alloc_free();
#endif
#if defined(_WIN32)
polarssl_printf( " Press Enter to exit this program.\n" );
fflush( stdout ); getchar();

23
programs/test/o_p_test.c
View File

@@ -29,19 +29,18 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/stat.h>
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \
defined(POLARSSL_PK_PARSE_C) && defined(POLARSSL_FS_IO)
#include <openssl/rsa.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#include <openssl/pem.h>
#include <openssl/bio.h>
@@ -50,13 +49,17 @@
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>
#endif
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO)
int main( int argc, char *argv[] )
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_PK_PARSE_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );

19
programs/test/selftest.c
View File

@@ -26,15 +26,6 @@
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdio.h>
#include "polarssl/entropy.h"
#include "polarssl/hmac_drbg.h"
#include "polarssl/ctr_drbg.h"
@@ -62,6 +53,16 @@
#include "polarssl/ecp.h"
#include "polarssl/timing.h"
#include <stdio.h>
#include <string.h>
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
#include "polarssl/memory_buffer_alloc.h"
#endif

42
programs/test/ssl_cert_test.c
View File

@@ -29,36 +29,37 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_snprintf snprintf
#define polarssl_printf printf
#define polarssl_snprintf snprintf
#endif
#include <string.h>
#if defined(POLARSSL_RSA_C) && defined(POLARSSL_X509_CRT_PARSE_C) && \
defined(POLARSSL_FS_IO) && defined(POLARSSL_X509_CRL_PARSE_C)
#include "polarssl/certs.h"
#include "polarssl/x509_crt.h"
#include <stdio.h>
#include <string.h>
#endif
#if defined _MSC_VER && !defined snprintf
#define snprintf _snprintf
#endif
#define MAX_CLIENT_CERTS 8
#if !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) || \
!defined(POLARSSL_FS_IO) || !defined(POLARSSL_X509_CRL_PARSE_C)
int main( int argc, char *argv[] )
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_RSA_C and/or POLARSSL_X509_CRT_PARSE_C "
"POLARSSL_FS_IO and/or POLARSSL_X509_CRL_PARSE_C "
"not defined.\n");
return( 0 );
}
#else
#include "polarssl/certs.h"
#include "polarssl/x509_crt.h"
#if defined _MSC_VER && !defined snprintf
#define snprintf _snprintf
#endif
#define MAX_CLIENT_CERTS 8
const char *client_certificates[MAX_CLIENT_CERTS] =
{
"client1.crt",
@@ -83,16 +84,13 @@ const char *client_private_keys[MAX_CLIENT_CERTS] =
"cert_digest.key"
};
int main( int argc, char *argv[] )
int main( void )
{
int ret, i;
x509_crt cacert;
x509_crl crl;
char buf[10240];
((void) argc);
((void) argv);
x509_crt_init( &cacert );
x509_crl_init( &crl );
@@ -149,7 +147,7 @@ int main( int argc, char *argv[] )
x509_crt_init( &clicert );
pk_init( &pk );
snprintf(name, 512, "ssl/test-ca/%s", client_certificates[i]);
polarssl_snprintf(name, 512, "ssl/test-ca/%s", client_certificates[i]);
polarssl_printf( " . Loading the client certificate %s...", name );
fflush( stdout );
@@ -198,7 +196,7 @@ int main( int argc, char *argv[] )
/*
* 1.5. Load own private key
*/
snprintf(name, 512, "ssl/test-ca/%s", client_private_keys[i]);
polarssl_snprintf(name, 512, "ssl/test-ca/%s", client_private_keys[i]);
polarssl_printf( " . Loading the client private key %s...", name );
fflush( stdout );

62
programs/test/ssl_test.c
View File

@@ -29,44 +29,33 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#define polarssl_fprintf fprintf
#define polarssl_malloc malloc
#include <stdio.h>
#define polarssl_free free
#define polarssl_malloc malloc
#define polarssl_fprintf fprintf
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \
defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_SRV_C) && \
defined(POLARSSL_SSL_CLI_C) && defined(POLARSSL_NET_C) && \
defined(POLARSSL_RSA_C) && defined(POLARSSL_CTR_DRBG_C) && \
defined(POLARSSL_X509_CRT_PARSE_C)
#include "polarssl/net.h"
#include "polarssl/ssl.h"
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include "polarssl/certs.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#endif
#if defined(POLARSSL_TIMING_C)
#include "polarssl/timing.h"
#endif
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_SRV_C) || \
!defined(POLARSSL_SSL_CLI_C) || !defined(POLARSSL_NET_C) || \
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C)
int main( int argc, char *argv[] )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
"POLARSSL_SSL_CLI_C and/or POLARSSL_NET_C and/or "
"POLARSSL_RSA_C and/or POLARSSL_CTR_DRBG_C and/or "
"POLARSSL_X509_CRT_PARSE_C not defined.\n");
return( 0 );
}
#else
#define OPMODE_NONE 0
#define OPMODE_CLIENT 1
#define OPMODE_SERVER 2
@@ -92,6 +81,21 @@ int main( int argc, char *argv[] )
#define DFL_SESSION_LIFETIME 86400
#define DFL_FORCE_CIPHER 0
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_SRV_C) || \
!defined(POLARSSL_SSL_CLI_C) || !defined(POLARSSL_NET_C) || \
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C)
int main( void )
{
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
"POLARSSL_SSL_CLI_C and/or POLARSSL_NET_C and/or "
"POLARSSL_RSA_C and/or POLARSSL_CTR_DRBG_C and/or "
"POLARSSL_X509_CRT_PARSE_C not defined.\n");
return( 0 );
}
#else
int server_fd = -1;
/*
@@ -295,8 +299,8 @@ static int ssl_test( struct options *opt )
}
}
read_buf = (unsigned char *) polarssl_malloc( opt->buffer_size );
write_buf = (unsigned char *) polarssl_malloc( opt->buffer_size );
read_buf = polarssl_malloc( opt->buffer_size );
write_buf = polarssl_malloc( opt->buffer_size );
if( read_buf == NULL || write_buf == NULL )
{
@@ -453,7 +457,7 @@ exit:
" session_reuse=on/off default: on (enabled)\n" \
" session_lifetime=%%d (s) default: 86400\n" \
" force_ciphersuite=<name> default: all enabled\n" \
" acceptable ciphersuite names:\n"
" acceptable ciphersuite names:\n"
int main( int argc, char *argv[] )
{

1
programs/test/udp_proxy.c
View File

@@ -47,6 +47,7 @@ int main( void )
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
/* For select() */

38
programs/util/pem2der.c
View File

@@ -29,27 +29,34 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#define polarssl_malloc malloc
#include <stdio.h>
#define polarssl_free free
#define polarssl_malloc malloc
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#if defined(POLARSSL_BASE64_C) && defined(POLARSSL_FS_IO)
#include "polarssl/error.h"
#include "polarssl/base64.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#endif
#define DFL_FILENAME "file.pem"
#define DFL_OUTPUT_FILENAME "file.der"
#if !defined(POLARSSL_BASE64_C) || !defined(POLARSSL_FS_IO)
int main( int argc, char *argv[] )
{
((void) argc);
((void) argv);
#define USAGE \
"\n usage: pem2der param=<>...\n" \
"\n acceptable parameters:\n" \
" filename=%%s default: file.pem\n" \
" output_file=%%s default: file.der\n" \
"\n"
#if !defined(POLARSSL_BASE64_C) || !defined(POLARSSL_FS_IO)
int main( void )
{
polarssl_printf("POLARSSL_BASE64_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
@@ -129,7 +136,7 @@ static int load_file( const char *path, unsigned char **buf, size_t *n )
*n = (size_t) size;
if( *n + 1 == 0 ||
( *buf = (unsigned char *) polarssl_malloc( *n + 1 ) ) == NULL )
( *buf = polarssl_malloc( *n + 1 ) ) == NULL )
{
fclose( f );
return( -1 );
@@ -170,13 +177,6 @@ static int write_file( const char *path, unsigned char *buf, size_t n )
return( 0 );
}
#define USAGE \
"\n usage: pem2der param=<>...\n" \
"\n acceptable parameters:\n" \
" filename=%%s default: file.pem\n" \
" output_file=%%s default: file.der\n" \
"\n"
int main( int argc, char *argv[] )
{
int ret = 0;

14
programs/util/strerror.c
View File

@@ -29,25 +29,25 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif
#if defined(POLARSSL_ERROR_C) || defined(POLARSSL_ERROR_STRERROR_DUMMY)
#include "polarssl/error.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>
#include "polarssl/error.h"
#endif
#define USAGE \
"\n usage: strerror <errorcode>\n" \
"\n where <errorcode> can be a decimal or hexadecimal (starts with 0x or -0x)\n"
#if !defined(POLARSSL_ERROR_C) && !defined(POLARSSL_ERROR_STRERROR_DUMMY)
int main( int argc, char *argv[] )
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_ERROR_C and/or POLARSSL_ERROR_STRERROR_DUMMY not defined.\n");
return( 0 );
}

91
programs/x509/cert_app.c
View File

@@ -29,38 +29,26 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#include <stdio.h>
#define polarssl_fprintf fprintf
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \
defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_CLI_C) && \
defined(POLARSSL_NET_C) && defined(POLARSSL_RSA_C) && \
defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_FS_IO) && \
defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include "polarssl/net.h"
#include "polarssl/ssl.h"
#include "polarssl/x509.h"
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \
!defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_CTR_DRBG_C)
int main( int argc, char *argv[] )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
"POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_X509_CRT_PARSE_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_CTR_DRBG_C not defined.\n");
return( 0 );
}
#else
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#endif
#define MODE_NONE 0
#define MODE_FILE 1
@@ -76,6 +64,41 @@ int main( int argc, char *argv[] )
#define DFL_DEBUG_LEVEL 0
#define DFL_PERMISSIVE 0
#define USAGE_IO \
" ca_file=%%s The single file containing the top-level CA(s) you fully trust\n" \
" default: \"\" (none)\n" \
" crl_file=%%s The single CRL file you want to use\n" \
" default: \"\" (none)\n" \
" ca_path=%%s The path containing the top-level CA(s) you fully trust\n" \
" default: \"\" (none) (overrides ca_file)\n"
#define USAGE \
"\n usage: cert_app param=<>...\n" \
"\n acceptable parameters:\n" \
" mode=file|ssl default: none\n" \
" filename=%%s default: cert.crt\n" \
USAGE_IO \
" server_name=%%s default: localhost\n" \
" server_port=%%d default: 4433\n" \
" debug_level=%%d default: 0 (disabled)\n" \
" permissive=%%d default: 0 (disabled)\n" \
"\n"
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \
!defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_CTR_DRBG_C)
int main( void )
{
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
"POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_X509_CRT_PARSE_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_CTR_DRBG_C not defined.\n");
return( 0 );
}
#else
/*
* global options
*/
@@ -137,26 +160,6 @@ static int my_verify( void *data, x509_crt *crt, int depth, int *flags )
return( 0 );
}
#define USAGE_IO \
" ca_file=%%s The single file containing the top-level CA(s) you fully trust\n" \
" default: \"\" (none)\n" \
" crl_file=%%s The single CRL file you want to use\n" \
" default: \"\" (none)\n" \
" ca_path=%%s The path containing the top-level CA(s) you fully trust\n" \
" default: \"\" (none) (overrides ca_file)\n"
#define USAGE \
"\n usage: cert_app param=<>...\n" \
"\n acceptable parameters:\n" \
" mode=file|ssl default: none\n" \
" filename=%%s default: cert.crt\n" \
USAGE_IO \
" server_name=%%s default: localhost\n" \
" server_port=%%d default: 4433\n" \
" debug_level=%%d default: 0 (disabled)\n" \
" permissive=%%d default: 0 (disabled)\n" \
"\n"
int main( int argc, char *argv[] )
{
int ret = 0, server_fd;
@@ -348,6 +351,8 @@ int main( int argc, char *argv[] )
cur = cur->next;
}
ret = 0;
/*
* 1.3 Verify the certificate
*/

95
programs/x509/cert_req.c
View File

@@ -29,33 +29,22 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#if defined(POLARSSL_X509_CSR_WRITE_C) && defined(POLARSSL_FS_IO) && \
defined(POLARSSL_PK_PARSE_C) && \
defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/x509_csr.h"
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include "polarssl/error.h"
#if !defined(POLARSSL_X509_CSR_WRITE_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_PK_PARSE_C) || \
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C)
int main( int argc, char *argv[] )
{
((void) argc);
((void) argv);
polarssl_printf( "POLARSSL_X509_CSR_WRITE_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_PK_PARSE_C and/or "
"POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C "
"not defined.\n");
return( 0 );
}
#else
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#endif
#define DFL_FILENAME "keyfile.key"
#define DFL_DEBUG_LEVEL 0
@@ -64,6 +53,45 @@ int main( int argc, char *argv[] )
#define DFL_KEY_USAGE 0
#define DFL_NS_CERT_TYPE 0
#define USAGE \
"\n usage: cert_req param=<>...\n" \
"\n acceptable parameters:\n" \
" filename=%%s default: keyfile.key\n" \
" debug_level=%%d default: 0 (disabled)\n" \
" output_file=%%s default: cert.req\n" \
" subject_name=%%s default: CN=Cert,O=mbed TLS,C=UK\n" \
" key_usage=%%s default: (empty)\n" \
" Comma-separated-list of values:\n" \
" digital_signature\n" \
" non_repudiation\n" \
" key_encipherment\n" \
" data_encipherment\n" \
" key_agreement\n" \
" key_certificate_sign\n" \
" crl_sign\n" \
" ns_cert_type=%%s default: (empty)\n" \
" Comma-separated-list of values:\n" \
" ssl_client\n" \
" ssl_server\n" \
" email\n" \
" object_signing\n" \
" ssl_ca\n" \
" email_ca\n" \
" object_signing_ca\n" \
"\n"
#if !defined(POLARSSL_X509_CSR_WRITE_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_PK_PARSE_C) || \
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C)
int main( void )
{
polarssl_printf( "POLARSSL_X509_CSR_WRITE_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_PK_PARSE_C and/or "
"POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C "
"not defined.\n");
return( 0 );
}
#else
/*
* global options
*/
@@ -106,33 +134,6 @@ int write_certificate_request( x509write_csr *req, const char *output_file,
return( 0 );
}
#define USAGE \
"\n usage: cert_req param=<>...\n" \
"\n acceptable parameters:\n" \
" filename=%%s default: keyfile.key\n" \
" debug_level=%%d default: 0 (disabled)\n" \
" output_file=%%s default: cert.req\n" \
" subject_name=%%s default: CN=Cert,O=mbed TLS,C=UK\n" \
" key_usage=%%s default: (empty)\n" \
" Comma-separated-list of values:\n" \
" digital_signature\n" \
" non_repudiation\n" \
" key_encipherment\n" \
" data_encipherment\n" \
" key_agreement\n" \
" key_certificate_sign\n" \
" crl_sign\n" \
" ns_cert_type=%%s default: (empty)\n" \
" Comma-separated-list of values:\n" \
" ssl_client\n" \
" ssl_server\n" \
" email\n" \
" object_signing\n" \
" ssl_ca\n" \
" email_ca\n" \
" object_signing_ca\n" \
"\n"
int main( int argc, char *argv[] )
{
int ret = 0;
@@ -149,7 +150,7 @@ int main( int argc, char *argv[] )
* Set to sane values
*/
x509write_csr_init( &req );
x509write_csr_set_md_alg( &req, POLARSSL_MD_SHA1 );
x509write_csr_set_md_alg( &req, POLARSSL_MD_SHA256 );
pk_init( &key );
memset( buf, 0, sizeof( buf ) );

154
programs/x509/cert_write.c
View File

@@ -29,36 +29,34 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#if !defined(POLARSSL_X509_CRT_WRITE_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C) || \
!defined(POLARSSL_ERROR_C)
int main( int argc, char *argv[] )
{
((void) argc);
((void) argv);
polarssl_printf( "POLARSSL_X509_CRT_WRITE_C and/or POLARSSL_X509_CRT_PARSE_C and/or "
"POLARSSL_FS_IO and/or "
"POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C and/or "
"POLARSSL_ERROR_C not defined.\n");
return( 0 );
}
#else
#if defined(POLARSSL_X509_CRT_WRITE_C) && \
defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_FS_IO) && \
defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_CTR_DRBG_C) && \
defined(POLARSSL_ERROR_C)
#include "polarssl/x509_crt.h"
#include "polarssl/x509_csr.h"
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include "polarssl/error.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#endif
#if defined(POLARSSL_X509_CSR_PARSE_C)
#define USAGE_CSR \
" request_file=%%s default: (empty)\n" \
" If request_file is specified, subject_key,\n" \
" subject_pwd and subject_name are ignored!\n"
#else
#define USAGE_CSR ""
#endif /* POLARSSL_X509_CSR_PARSE_C */
#define DFL_ISSUER_CRT ""
#define DFL_REQUEST_FILE ""
#define DFL_SUBJECT_KEY "subject.key"
@@ -77,6 +75,64 @@ int main( int argc, char *argv[] )
#define DFL_KEY_USAGE 0
#define DFL_NS_CERT_TYPE 0
#define USAGE \
"\n usage: cert_write param=<>...\n" \
"\n acceptable parameters:\n" \
USAGE_CSR \
" subject_key=%%s default: subject.key\n" \
" subject_pwd=%%s default: (empty)\n" \
" subject_name=%%s default: CN=Cert,O=mbed TLS,C=UK\n" \
"\n" \
" issuer_crt=%%s default: (empty)\n" \
" If issuer_crt is specified, issuer_name is\n" \
" ignored!\n" \
" issuer_name=%%s default: CN=CA,O=mbed TLS,C=UK\n" \
"\n" \
" selfsign=%%d default: 0 (false)\n" \
" If selfsign is enabled, issuer_name and\n" \
" issuer_key are required (issuer_crt and\n" \
" subject_* are ignored\n" \
" issuer_key=%%s default: ca.key\n" \
" issuer_pwd=%%s default: (empty)\n" \
" output_file=%%s default: cert.crt\n" \
" serial=%%s default: 1\n" \
" not_before=%%s default: 20010101000000\n"\
" not_after=%%s default: 20301231235959\n"\
" is_ca=%%d default: 0 (disabled)\n" \
" max_pathlen=%%d default: -1 (none)\n" \
" key_usage=%%s default: (empty)\n" \
" Comma-separated-list of values:\n" \
" digital_signature\n" \
" non_repudiation\n" \
" key_encipherment\n" \
" data_encipherment\n" \
" key_agreement\n" \
" key_certificate_sign\n" \
" crl_sign\n" \
" ns_cert_type=%%s default: (empty)\n" \
" Comma-separated-list of values:\n" \
" ssl_client\n" \
" ssl_server\n" \
" email\n" \
" object_signing\n" \
" ssl_ca\n" \
" email_ca\n" \
" object_signing_ca\n" \
"\n"
#if !defined(POLARSSL_X509_CRT_WRITE_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C) || \
!defined(POLARSSL_ERROR_C)
int main( void )
{
polarssl_printf( "POLARSSL_X509_CRT_WRITE_C and/or POLARSSL_X509_CRT_PARSE_C and/or "
"POLARSSL_FS_IO and/or "
"POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C and/or "
"POLARSSL_ERROR_C not defined.\n");
return( 0 );
}
#else
/*
* global options
*/
@@ -130,60 +186,6 @@ int write_certificate( x509write_cert *crt, const char *output_file,
return( 0 );
}
#if defined(POLARSSL_X509_CSR_PARSE_C)
#define USAGE_CSR \
" request_file=%%s default: (empty)\n" \
" If request_file is specified, subject_key,\n" \
" subject_pwd and subject_name are ignored!\n"
#else
#define USAGE_CSR ""
#endif /* POLARSSL_X509_CSR_PARSE_C */
#define USAGE \
"\n usage: cert_write param=<>...\n" \
"\n acceptable parameters:\n" \
USAGE_CSR \
" subject_key=%%s default: subject.key\n" \
" subject_pwd=%%s default: (empty)\n" \
" subject_name=%%s default: CN=Cert,O=mbed TLS,C=UK\n" \
"\n" \
" issuer_crt=%%s default: (empty)\n" \
" If issuer_crt is specified, issuer_name is\n" \
" ignored!\n" \
" issuer_name=%%s default: CN=CA,O=mbed TLS,C=UK\n" \
"\n" \
" selfsign=%%d default: 0 (false)\n" \
" If selfsign is enabled, issuer_name and\n" \
" issuer_key are required (issuer_crt and\n" \
" subject_* are ignored\n" \
" issuer_key=%%s default: ca.key\n" \
" issuer_pwd=%%s default: (empty)\n" \
" output_file=%%s default: cert.crt\n" \
" serial=%%s default: 1\n" \
" not_before=%%s default: 20010101000000\n"\
" not_after=%%s default: 20301231235959\n"\
" is_ca=%%d default: 0 (disabled)\n" \
" max_pathlen=%%d default: -1 (none)\n" \
" key_usage=%%s default: (empty)\n" \
" Comma-separated-list of values:\n" \
" digital_signature\n" \
" non_repudiation\n" \
" key_encipherment\n" \
" data_encipherment\n" \
" key_agreement\n" \
" key_certificate_sign\n" \
" crl_sign\n" \
" ns_cert_type=%%s default: (empty)\n" \
" Comma-separated-list of values:\n" \
" ssl_client\n" \
" ssl_server\n" \
" email\n" \
" object_signing\n" \
" ssl_ca\n" \
" email_ca\n" \
" object_signing_ca\n" \
"\n"
int main( int argc, char *argv[] )
{
int ret = 0;
@@ -209,7 +211,7 @@ int main( int argc, char *argv[] )
* Set to sane values
*/
x509write_crt_init( &crt );
x509write_crt_set_md_alg( &crt, POLARSSL_MD_SHA1 );
x509write_crt_set_md_alg( &crt, POLARSSL_MD_SHA256 );
pk_init( &loaded_issuer_key );
pk_init( &loaded_subject_key );
mpi_init( &serial );

36
programs/x509/crl_app.c
View File

@@ -29,31 +29,37 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \
defined(POLARSSL_X509_CRL_PARSE_C) && defined(POLARSSL_FS_IO)
#include "polarssl/x509_crl.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#endif
#define DFL_FILENAME "crl.pem"
#define DFL_DEBUG_LEVEL 0
#define USAGE \
"\n usage: crl_app param=<>...\n" \
"\n acceptable parameters:\n" \
" filename=%%s default: crl.pem\n" \
"\n"
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_X509_CRL_PARSE_C) || !defined(POLARSSL_FS_IO)
int main( int argc, char *argv[] )
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_X509_CRL_PARSE_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else
#define DFL_FILENAME "crl.pem"
#define DFL_DEBUG_LEVEL 0
/*
* global options
*/
@@ -62,12 +68,6 @@ struct options
const char *filename; /* filename of the certificate file */
} opt;
#define USAGE \
"\n usage: crl_app param=<>...\n" \
"\n acceptable parameters:\n" \
" filename=%%s default: crl.pem\n" \
"\n"
int main( int argc, char *argv[] )
{
int ret = 0;

36
programs/x509/req_app.c
View File

@@ -29,31 +29,37 @@
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \
defined(POLARSSL_X509_CSR_PARSE_C) && defined(POLARSSL_FS_IO)
#include "polarssl/x509_csr.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#endif
#define DFL_FILENAME "cert.req"
#define DFL_DEBUG_LEVEL 0
#define USAGE \
"\n usage: req_app param=<>...\n" \
"\n acceptable parameters:\n" \
" filename=%%s default: cert.req\n" \
"\n"
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_X509_CSR_PARSE_C) || !defined(POLARSSL_FS_IO)
int main( int argc, char *argv[] )
int main( void )
{
((void) argc);
((void) argv);
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_X509_CSR_PARSE_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else
#define DFL_FILENAME "cert.req"
#define DFL_DEBUG_LEVEL 0
/*
* global options
*/
@@ -62,12 +68,6 @@ struct options
const char *filename; /* filename of the certificate request */
} opt;
#define USAGE \
"\n usage: req_app param=<>...\n" \
"\n acceptable parameters:\n" \
" filename=%%s default: cert.req\n" \
"\n"
int main( int argc, char *argv[] )
{
int ret = 0;