mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-29 23:54:15 +01:00
Merge remote-tracking branch 'origin/pr/2681' into development
* origin/pr/2681: unconditional mbedtls_ssl_conf_rng Adding usage and removing dummy random comment alignment Commit to C90 style Adds missing ret definition More clarity for ifdef orders Only warns if MBEDTLS_HAVE_TIME Option used added in string Code review Style fixes SSL reproducible test mode
This commit is contained in:
commit
8d936e87fb
@ -131,6 +131,7 @@ int main( void )
|
|||||||
#define DFL_ETM -1
|
#define DFL_ETM -1
|
||||||
#define DFL_CA_CALLBACK 0
|
#define DFL_CA_CALLBACK 0
|
||||||
#define DFL_EAP_TLS 0
|
#define DFL_EAP_TLS 0
|
||||||
|
#define DFL_REPRODUCIBLE 0
|
||||||
|
|
||||||
#define GET_REQUEST "GET %s HTTP/1.0\r\nExtra-header: "
|
#define GET_REQUEST "GET %s HTTP/1.0\r\nExtra-header: "
|
||||||
#define GET_REQUEST_END "\r\n\r\n"
|
#define GET_REQUEST_END "\r\n\r\n"
|
||||||
@ -313,6 +314,9 @@ int main( void )
|
|||||||
#define USAGE_ETM ""
|
#define USAGE_ETM ""
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#define USAGE_REPRODUCIBLE \
|
||||||
|
" reproducible=0/1 default: 0 (disabled)\n"
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_RENEGOTIATION)
|
#if defined(MBEDTLS_SSL_RENEGOTIATION)
|
||||||
#define USAGE_RENEGO \
|
#define USAGE_RENEGO \
|
||||||
" renegotiation=%%d default: 0 (disabled)\n" \
|
" renegotiation=%%d default: 0 (disabled)\n" \
|
||||||
@ -384,6 +388,7 @@ int main( void )
|
|||||||
USAGE_FALLBACK \
|
USAGE_FALLBACK \
|
||||||
USAGE_EMS \
|
USAGE_EMS \
|
||||||
USAGE_ETM \
|
USAGE_ETM \
|
||||||
|
USAGE_REPRODUCIBLE \
|
||||||
USAGE_CURVES \
|
USAGE_CURVES \
|
||||||
USAGE_RECSPLIT \
|
USAGE_RECSPLIT \
|
||||||
USAGE_DHMLEN \
|
USAGE_DHMLEN \
|
||||||
@ -484,6 +489,7 @@ struct options
|
|||||||
const char *cid_val; /* the CID to use for incoming messages */
|
const char *cid_val; /* the CID to use for incoming messages */
|
||||||
const char *cid_val_renego; /* the CID to use for incoming messages
|
const char *cid_val_renego; /* the CID to use for incoming messages
|
||||||
* after renegotiation */
|
* after renegotiation */
|
||||||
|
int reproducible; /* make communication reproducible */
|
||||||
} opt;
|
} opt;
|
||||||
|
|
||||||
int query_config( const char *config );
|
int query_config( const char *config );
|
||||||
@ -540,6 +546,28 @@ static void my_debug( void *ctx, int level,
|
|||||||
fflush( (FILE *) ctx );
|
fflush( (FILE *) ctx );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
mbedtls_time_t dummy_constant_time( mbedtls_time_t* time )
|
||||||
|
{
|
||||||
|
(void) time;
|
||||||
|
return 0x5af2a056;
|
||||||
|
}
|
||||||
|
|
||||||
|
int dummy_entropy( void *data, unsigned char *output, size_t len )
|
||||||
|
{
|
||||||
|
size_t i;
|
||||||
|
int ret;
|
||||||
|
(void) data;
|
||||||
|
|
||||||
|
ret = mbedtls_entropy_func( data, output, len );
|
||||||
|
for ( i = 0; i < len; i++ )
|
||||||
|
{
|
||||||
|
//replace result with pseudo random
|
||||||
|
output[i] = (unsigned char) rand();
|
||||||
|
}
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
|
#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
|
||||||
int ca_callback( void *data, mbedtls_x509_crt const *child,
|
int ca_callback( void *data, mbedtls_x509_crt const *child,
|
||||||
mbedtls_x509_crt **candidates )
|
mbedtls_x509_crt **candidates )
|
||||||
@ -1027,6 +1055,7 @@ int main( int argc, char *argv[] )
|
|||||||
opt.etm = DFL_ETM;
|
opt.etm = DFL_ETM;
|
||||||
opt.dgram_packing = DFL_DGRAM_PACKING;
|
opt.dgram_packing = DFL_DGRAM_PACKING;
|
||||||
opt.eap_tls = DFL_EAP_TLS;
|
opt.eap_tls = DFL_EAP_TLS;
|
||||||
|
opt.reproducible = DFL_REPRODUCIBLE;
|
||||||
|
|
||||||
for( i = 1; i < argc; i++ )
|
for( i = 1; i < argc; i++ )
|
||||||
{
|
{
|
||||||
@ -1413,6 +1442,10 @@ int main( int argc, char *argv[] )
|
|||||||
if( opt.eap_tls < 0 || opt.eap_tls > 1 )
|
if( opt.eap_tls < 0 || opt.eap_tls > 1 )
|
||||||
goto usage;
|
goto usage;
|
||||||
}
|
}
|
||||||
|
else if( strcmp( p, "reproducible" ) == 0 )
|
||||||
|
{
|
||||||
|
opt.reproducible = 1;
|
||||||
|
}
|
||||||
else
|
else
|
||||||
goto usage;
|
goto usage;
|
||||||
}
|
}
|
||||||
@ -1665,6 +1698,20 @@ int main( int argc, char *argv[] )
|
|||||||
fflush( stdout );
|
fflush( stdout );
|
||||||
|
|
||||||
mbedtls_entropy_init( &entropy );
|
mbedtls_entropy_init( &entropy );
|
||||||
|
if (opt.reproducible)
|
||||||
|
{
|
||||||
|
srand( 1 );
|
||||||
|
if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy,
|
||||||
|
&entropy, (const unsigned char *) pers,
|
||||||
|
strlen( pers ) ) ) != 0 )
|
||||||
|
{
|
||||||
|
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
|
||||||
|
-ret );
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
|
if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
|
||||||
&entropy, (const unsigned char *) pers,
|
&entropy, (const unsigned char *) pers,
|
||||||
strlen( pers ) ) ) != 0 )
|
strlen( pers ) ) ) != 0 )
|
||||||
@ -1673,6 +1720,7 @@ int main( int argc, char *argv[] )
|
|||||||
-ret );
|
-ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
mbedtls_printf( " ok\n" );
|
mbedtls_printf( " ok\n" );
|
||||||
|
|
||||||
@ -1964,6 +2012,16 @@ int main( int argc, char *argv[] )
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
if (opt.reproducible)
|
||||||
|
{
|
||||||
|
#if defined(MBEDTLS_HAVE_TIME)
|
||||||
|
#if defined(MBEDTLS_PLATFORM_TIME_ALT)
|
||||||
|
mbedtls_platform_set_time( dummy_constant_time );
|
||||||
|
#else
|
||||||
|
fprintf( stderr, "Warning: reproducible option used without constant time\n" );
|
||||||
|
#endif
|
||||||
|
#endif
|
||||||
|
}
|
||||||
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
|
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
|
||||||
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
|
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
|
||||||
|
|
||||||
|
@ -173,6 +173,7 @@ int main( void )
|
|||||||
#define DFL_ETM -1
|
#define DFL_ETM -1
|
||||||
#define DFL_CA_CALLBACK 0
|
#define DFL_CA_CALLBACK 0
|
||||||
#define DFL_EAP_TLS 0
|
#define DFL_EAP_TLS 0
|
||||||
|
#define DFL_REPRODUCIBLE 0
|
||||||
|
|
||||||
#define LONG_RESPONSE "<p>01-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \
|
#define LONG_RESPONSE "<p>01-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \
|
||||||
"02-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \
|
"02-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \
|
||||||
@ -403,6 +404,9 @@ int main( void )
|
|||||||
#define USAGE_ETM ""
|
#define USAGE_ETM ""
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#define USAGE_REPRODUCIBLE \
|
||||||
|
" reproducible=0/1 default: 0 (disabled)\n"
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_RENEGOTIATION)
|
#if defined(MBEDTLS_SSL_RENEGOTIATION)
|
||||||
#define USAGE_RENEGO \
|
#define USAGE_RENEGO \
|
||||||
" renegotiation=%%d default: 0 (disabled)\n" \
|
" renegotiation=%%d default: 0 (disabled)\n" \
|
||||||
@ -471,6 +475,7 @@ int main( void )
|
|||||||
"\n" \
|
"\n" \
|
||||||
USAGE_TICKETS \
|
USAGE_TICKETS \
|
||||||
USAGE_EAP_TLS \
|
USAGE_EAP_TLS \
|
||||||
|
USAGE_REPRODUCIBLE \
|
||||||
USAGE_CACHE \
|
USAGE_CACHE \
|
||||||
USAGE_MAX_FRAG_LEN \
|
USAGE_MAX_FRAG_LEN \
|
||||||
USAGE_TRUNC_HMAC \
|
USAGE_TRUNC_HMAC \
|
||||||
@ -599,6 +604,7 @@ struct options
|
|||||||
const char *cid_val; /* the CID to use for incoming messages */
|
const char *cid_val; /* the CID to use for incoming messages */
|
||||||
const char *cid_val_renego; /* the CID to use for incoming messages
|
const char *cid_val_renego; /* the CID to use for incoming messages
|
||||||
* after renegotiation */
|
* after renegotiation */
|
||||||
|
int reproducible; /* make communication reproducible */
|
||||||
} opt;
|
} opt;
|
||||||
|
|
||||||
int query_config( const char *config );
|
int query_config( const char *config );
|
||||||
@ -654,6 +660,26 @@ static void my_debug( void *ctx, int level,
|
|||||||
fflush( (FILE *) ctx );
|
fflush( (FILE *) ctx );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
mbedtls_time_t dummy_constant_time( mbedtls_time_t* time )
|
||||||
|
{
|
||||||
|
(void) time;
|
||||||
|
return 0x5af2a056;
|
||||||
|
}
|
||||||
|
|
||||||
|
int dummy_entropy( void *data, unsigned char *output, size_t len )
|
||||||
|
{
|
||||||
|
size_t i;
|
||||||
|
int ret;
|
||||||
|
(void) data;
|
||||||
|
|
||||||
|
ret = mbedtls_entropy_func( data, output, len );
|
||||||
|
for (i = 0; i < len; i++ ) {
|
||||||
|
//replace result with pseudo random
|
||||||
|
output[i] = (unsigned char) rand();
|
||||||
|
}
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
|
#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
|
||||||
int ca_callback( void *data, mbedtls_x509_crt const *child,
|
int ca_callback( void *data, mbedtls_x509_crt const *child,
|
||||||
mbedtls_x509_crt **candidates)
|
mbedtls_x509_crt **candidates)
|
||||||
@ -1730,6 +1756,7 @@ int main( int argc, char *argv[] )
|
|||||||
opt.extended_ms = DFL_EXTENDED_MS;
|
opt.extended_ms = DFL_EXTENDED_MS;
|
||||||
opt.etm = DFL_ETM;
|
opt.etm = DFL_ETM;
|
||||||
opt.eap_tls = DFL_EAP_TLS;
|
opt.eap_tls = DFL_EAP_TLS;
|
||||||
|
opt.reproducible = DFL_REPRODUCIBLE;
|
||||||
|
|
||||||
for( i = 1; i < argc; i++ )
|
for( i = 1; i < argc; i++ )
|
||||||
{
|
{
|
||||||
@ -2148,6 +2175,10 @@ int main( int argc, char *argv[] )
|
|||||||
if( opt.eap_tls < 0 || opt.eap_tls > 1 )
|
if( opt.eap_tls < 0 || opt.eap_tls > 1 )
|
||||||
goto usage;
|
goto usage;
|
||||||
}
|
}
|
||||||
|
else if( strcmp( p, "reproducible" ) == 0 )
|
||||||
|
{
|
||||||
|
opt.reproducible = 1;
|
||||||
|
}
|
||||||
else
|
else
|
||||||
goto usage;
|
goto usage;
|
||||||
}
|
}
|
||||||
@ -2448,6 +2479,20 @@ int main( int argc, char *argv[] )
|
|||||||
fflush( stdout );
|
fflush( stdout );
|
||||||
|
|
||||||
mbedtls_entropy_init( &entropy );
|
mbedtls_entropy_init( &entropy );
|
||||||
|
if (opt.reproducible)
|
||||||
|
{
|
||||||
|
srand( 1 );
|
||||||
|
if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy,
|
||||||
|
&entropy, (const unsigned char *) pers,
|
||||||
|
strlen( pers ) ) ) != 0 )
|
||||||
|
{
|
||||||
|
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
|
||||||
|
-ret );
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
|
if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
|
||||||
&entropy, (const unsigned char *) pers,
|
&entropy, (const unsigned char *) pers,
|
||||||
strlen( pers ) ) ) != 0 )
|
strlen( pers ) ) ) != 0 )
|
||||||
@ -2456,6 +2501,7 @@ int main( int argc, char *argv[] )
|
|||||||
-ret );
|
-ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
mbedtls_printf( " ok\n" );
|
mbedtls_printf( " ok\n" );
|
||||||
|
|
||||||
@ -2786,6 +2832,16 @@ int main( int argc, char *argv[] )
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
if (opt.reproducible)
|
||||||
|
{
|
||||||
|
#if defined(MBEDTLS_HAVE_TIME)
|
||||||
|
#if defined(MBEDTLS_PLATFORM_TIME_ALT)
|
||||||
|
mbedtls_platform_set_time( dummy_constant_time );
|
||||||
|
#else
|
||||||
|
fprintf( stderr, "Warning: reproducible option used without constant time\n" );
|
||||||
|
#endif
|
||||||
|
#endif
|
||||||
|
}
|
||||||
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
|
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
|
||||||
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
|
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user