Merge branch 'development' of ssh://github.com/ARMmbed/mbedtls into development

Conflicts:
	yotta/data/example-authcrypt/README.md
	yotta/data/example-benchmark/README.md
	yotta/data/example-hashing/README.md
	yotta/data/example-selftest/README.md
	yotta/data/example-tls-client/README.md
Simon Butcher 2015-08-19 20:29:31 +01:00
commit a150050555
8 changed files with 94 additions and 136 deletions


@ -414,7 +414,9 @@ int mbedtls_timing_self_test( int verbose )
millisecs = mbedtls_timing_get_timer( &hires, 0 );
if( millisecs < 900 * secs || millisecs > 1100 * secs )
/* For some reason on Windows it looks like alarm has an extra delay
* (maybe related to creating a new thread). Allow some room here. */
if( millisecs < 800 * secs || millisecs > 1200 * secs + 300 )
{
if( verbose != 0 )
mbedtls_printf( "failed\n" );
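Review bot: The widened window `millisecs < 800 * secs || millisecs > 1200 * secs + 300` is applied on every platform, although the comment above it attributes the extra alarm delay to Windows only. As written, the self-test now tolerates a timer that runs up to 50% long for `secs == 1` everywhere, which weakens what a pass tells you about the timing source. If the slack is only needed on Windows, guarding the looser bound with `#if defined(_WIN32)` would keep the tighter check elsewhere. Otherwise the comment should state the accepted window and why the upper bound alone gets the fixed +300 ms, for example `/* Accept 0.8*secs .. 1.2*secs + 300 ms: alarm start-up latency only ever lengthens the interval. */`. The body of the `if` continues past the lines shown.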


@ -25,16 +25,16 @@ void pk_write_pubkey_check( char *key_file )
mbedtls_pk_init( &key );
TEST_ASSERT( mbedtls_pk_parse_public_keyfile( &key, key_file ) == 0 );
ret = mbedtls_pk_write_pubkey_pem( &key, buf, sizeof( buf ) - 1);
TEST_ASSERT( ret >= 0 );
ret = mbedtls_pk_write_pubkey_pem( &key, buf, sizeof( buf ));
TEST_ASSERT( ret == 0 );
f = fopen( key_file, "r" );
TEST_ASSERT( f != NULL );
ilen = fread( check_buf, 1, sizeof( check_buf ) - 1, f );
ilen = fread( check_buf, 1, sizeof( check_buf ), f );
fclose( f );
TEST_ASSERT( ilen == strlen( (char *) buf ) );
TEST_ASSERT( strncmp( (char *) buf, (char *) check_buf, sizeof( buf ) ) == 0 );
TEST_ASSERT( memcmp( (char *) buf, (char *) check_buf, ilen ) == 0 );
exit:
mbedtls_pk_free( &key );
@ -57,16 +57,16 @@ void pk_write_key_check( char *key_file )
mbedtls_pk_init( &key );
TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 );
ret = mbedtls_pk_write_key_pem( &key, buf, sizeof( buf ) - 1);
TEST_ASSERT( ret >= 0 );
ret = mbedtls_pk_write_key_pem( &key, buf, sizeof( buf ));
TEST_ASSERT( ret == 0 );
f = fopen( key_file, "r" );
TEST_ASSERT( f != NULL );
ilen = fread( check_buf, 1, sizeof( check_buf ) - 1, f );
ilen = fread( check_buf, 1, sizeof( check_buf ), f );
fclose( f );
TEST_ASSERT( ilen == strlen( (char *) buf ) );
TEST_ASSERT( strncmp( (char *) buf, (char *) check_buf, sizeof( buf ) ) == 0 );
TEST_ASSERT( memcmp( (char *) buf, (char *) check_buf, ilen ) == 0 );
exit:
mbedtls_pk_free( &key );
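Review bot: The new `memcmp( (char *) buf, (char *) check_buf, ilen )` in pk_write_pubkey_check and pk_write_key_check stays in bounds only because the `ilen == strlen( (char *) buf )` assertion just above it fails first when the lengths differ, and nothing in the hunk says so. This assumes TEST_ASSERT jumps to `exit` on failure and that `buf` is NUL-terminated after a successful write. A one-line comment before the compare would stop a later edit from reordering or dropping the length check, for example `/* ilen == strlen(buf) was asserted above, so ilen < sizeof( buf ) and the compare cannot over-read */`. The `fread` result is also not distinguished from a read error. That is harmless while the length assertion stands, since a short read fails it, but it is worth mentioning in the same comment. Both functions begin before the lines shown, so the buffer declarations and their sizes are not visible here.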


@ -28,27 +28,19 @@ To build and run this example the following requirements are necessary:
yotta target frdm-k64f-gcc
```
4. Check that there are no missing dependencies:
```
$ yotta ls
```
If there are missing dependencies, yotta will list them in the terminal. Please install these before proceeding.
5. Build mbedtls and the examples. This may take a long time if this is your first compilation:
4. Build mbedtls and the examples. This may take a long time if this is your first compilation:
```
$ yotta build
```
6. Copy `build/frdm-k64f-gcc/test/mbedtls-test-example-authcrypt.bin` to your mbed board and wait until the LED next to the USB port stops blinking.
5. Copy `build/frdm-k64f-gcc/test/mbedtls-test-example-authcrypt.bin` to your mbed board and wait until the LED next to the USB port stops blinking.
7. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F. For settings, use 115200 baud, 8N1, no flow control. **Warning:** for this example, the baud rate is not the default 9600, it is 115200.
6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F. For settings, use 115200 baud, 8N1, no flow control. **Warning:** for this example, the baud rate is not the default 9600, it is 115200.
8. Press the reset button on the board.
7. Press the reset button on the board.
9. The output in the terminal window should look like:
8. The output in the terminal window should look like:
```
{{timeout;10}}


@ -28,27 +28,19 @@ To build and run this example the following requirements are necessary:
yotta target frdm-k64f-gcc
```
4. Check that there are no missing dependencies:
```
$ yotta ls
```
If there are missing dependencies, yotta will list them in the terminal. Please install these before proceeding.
5. Build mbedtls and the examples. This may take a long time if this is your first compilation:
4. Build mbedtls and the examples. This may take a long time if this is your first compilation:
```
$ yotta build
```
6. Copy `build/frdm-k64f-gcc/test/mbedtls-test-example-benchmark.bin` to your mbed board and wait until the LED next to the USB port stops blinking.
5. Copy `build/frdm-k64f-gcc/test/mbedtls-test-example-benchmark.bin` to your mbed board and wait until the LED next to the USB port stops blinking.
7. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F. For settings, use 115200 baud, 8N1, no flow control. **Warning:** for this example, the baud rate is not the default 9600, it is 115200.
6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F. For settings, use 115200 baud, 8N1, no flow control. **Warning:** for this example, the baud rate is not the default 9600, it is 115200.
8. Press the reset button on the board.
7. Press the reset button on the board.
9. The output in the terminal window should look like:
8. The output in the terminal window should look like:
```
{{timeout;150}}


@ -28,28 +28,19 @@ To build and run this example the following requirements are necessary:
yotta target frdm-k64f-gcc
```
4. Check that there are no missing dependencies:
```
$ yotta ls
```
If there are missing dependencies, yotta will list them in the terminal. Please install these before proceeding.
5. Build mbedtls and the examples. This may take a long time if this is your first compilation:
4. Build mbedtls and the examples. This may take a long time if this is your first compilation:
```
$ yotta build
```
6. Copy `build/frdm-k64f-gcc/test/mbedtls-test-example-hashing.bin` to your mbed board and wait until the LED next to the USB port stops blinking.
5. Copy `build/frdm-k64f-gcc/test/mbedtls-test-example-hashing.bin` to your mbed board and wait until the LED next to the USB port stops blinking.
7. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F. For settings, use 115200 baud, 8N1, no flow control. **Warning:** for this example, the baud rate is not the default 9600, it is 115200.
6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F. For settings, use 115200 baud, 8N1, no flow control. **Warning:** for this example, the baud rate is not the default 9600, it is 115200.
8. Press the reset button on the board.
7. Press the reset button on the board.
9. The output in the terminal window should look like:
8. The output in the terminal window should look like:
```
{{timeout;10}}


@ -28,27 +28,19 @@ To build and run this example the following requirements are necessary:
yotta target frdm-k64f-gcc
```
4. Check that there are no missing dependencies:
```
$ yotta ls
```
If there are missing dependencies, yotta will list them in the terminal. Please install these before proceeding.
5. Build mbedtls and the examples. This may take a long time if this is your first compilation:
4. Build mbedtls and the examples. This may take a long time if this is your first compilation:
```
$ yotta build
```
6. Copy `build/frdm-k64f-gcc/test/mbedtls-test-example-selftest.bin` to your mbed board and wait until the LED next to the USB port stops blinking.
5. Copy `build/frdm-k64f-gcc/test/mbedtls-test-example-selftest.bin` to your mbed board and wait until the LED next to the USB port stops blinking.
7. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F. For settings, use 115200 baud, 8N1, no flow control. **Warning:** for this example, the baud rate is not the default 9600, it is 115200.
6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F. For settings, use 115200 baud, 8N1, no flow control. **Warning:** for this example, the baud rate is not the default 9600, it is 115200.
8. Press the reset button on the board.
7. Press the reset button on the board.
9. The output in the terminal window should look like:
8. The output in the terminal window should look like:
```
{{timeout;40}}


@ -34,39 +34,34 @@ To build and run this example the following requirements are necessary:
yotta target frdm-k64f-gcc
```
5. Check that there are no missing dependencies:
```
$ yotta ls
```
If there are missing dependencies, yotta will list them in the terminal. Please install these before proceeding.
5. Build mbedtls and the examples. This will take a long time if it is the first time:
```
$ yotta build
```
7. Copy `build/frdm-k64f-gcc/test/mbedtls-test-example-tls-client.bin` to your mbed board and wait until the LED next to the USB port stops blinking.
6. Copy `build/frdm-k64f-gcc/test/mbedtls-test-example-tls-client.bin` to your mbed board and wait until the LED next to the USB port stops blinking.
8. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F. For settings, use 115200 baud, 8N1, no flow control. **Warning:** for this example, the baud rate is not the default 9600, it is 115200.
7. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F. For settings, use 115200 baud, 8N1, no flow control. **Warning:** for this example, the baud rate is not the default 9600, it is 115200.
9. Press the reset button on the board.
8. Press the reset button on the board.
10. The output in the terminal window should look similar to this:
9. The output in the terminal window should look similar to this:
```
{timeout;120}}
{{timeout;120}}
{{host_test_name;default}}
{{description;mbed TLS example HTTPS client}}
{{test_id;MBEDTLS_EX_HTTPS_CLIENT}}
{{start}}
Client IP Address is 192.168.0.2
Connecting to developer.mbed.org:443
developer.mbed.org address: 217.140.101.20
Starting DNS lookup for developer.mbed.org
DNS Response Received:
developer.mbed.org: 217.140.101.30
Connecting to 217.140.101.30:443
Connected to 217.140.101.30:443
Starting the TLS handshake...
TLS connection to developer.mbed.org established
Server certificate:
cert. version : 3
@ -83,25 +78,25 @@ To build and run this example the following requirements are necessary:
ext key usage : TLS Web Server Authentication, TLS Web Client Authentication
Certificate verification passed
HTTPS: Received 469 chars from server
HTTPS: Received 473 chars from server
HTTPS: Received 200 OK status ... [OK]
HTTPS: Received 'Hello world!' status ... [OK]
HTTPS: Received message:
HTTP/1.1 200 OK
Server: nginx/1.7.10
Date: Mon, 17 Aug 2015 11:46:19 GMT
Date: Tue, 18 Aug 2015 18:34:04 GMT
Content-Type: text/plain
Content-Length: 14
Connection: keep-alive
Last-Modified: Fri, 27 Jul 2012 13:30:34 GMT
Accept-Ranges: bytes
Cache-Control: max-age=36000
Expires: Mon, 17 Aug 2015 21:46:19 GMT
Expires: Wed, 19 Aug 2015 04:34:04 GMT
X-Upstream-L3: 172.17.42.1:8080
X-Upstream-L2: developer-sjc-cyan-1-nginx
X-Upstream-L1-next-hop: 217.140.101.22:8001
X-Upstream-L1: developer-sjc-cyan-border-nginx
X-Upstream-L2: developer-sjc-indigo-2-nginx
X-Upstream-L1-next-hop: 217.140.101.86:8001
X-Upstream-L1: developer-sjc-indigo-border-nginx
Hello world!
{{success}}


@ -48,10 +48,13 @@ int main() {
#define UNSAFE 0
#include "mbed.h"
#include "sal-iface-eth/EthernetInterface.h"
#include "EthernetInterface.h"
#include "mbed-net-sockets/TCPStream.h"
#include "test_env.h"
#include "minar/minar.h"
#include "lwipv4_init.h"
#include "mbedtls/ssl.h"
#include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h"
@ -60,8 +63,6 @@ int main() {
#include "mbedtls/debug.h"
#endif
#include "lwipv4_init.h"
namespace {
const char *HTTPS_SERVER_NAME = "developer.mbed.org";
const int HTTPS_SERVER_PORT = 443;
@ -216,11 +217,10 @@ public:
/* Connect to the server */
printf("Connecting to %s:%d\r\n", _domain, _port);
printf("Starting DNS lookup for %s\r\n", _domain);
/* Resolve the domain name: */
socket_error_t err = _stream.resolve(_domain, TCPStream::DNSHandler_t(this, &HelloHTTPS::onDNS));
if(err != SOCKET_ERROR_NONE)
_error = true;
_stream.error_check(err);
}
/**
* Check if the test has completed.
@ -259,19 +259,27 @@ protected:
* Debug callback for mbed TLS
* Just prints on the USB serial port
*/
static void my_debug(void *ctx, int level, const char *str)
static void my_debug(void *ctx, int level, const char *file, int line,
const char *str)
{
const char *p, *basename;
(void) ctx;
(void) level;
printf("%s", str);
/* Extract basename from file */
for(p = basename = file; *p != '\0'; p++) {
if(*p == '/' || *p == '\\') {
basename = p + 1;
}
}
printf("%s:%04d: |%d| %s", basename, line, level, str);
}
/**
* Certificate verification callback for mbed TLS
* Here we only use it to display information on each cert in the chain
*/
static int my_verify(void *data, mbedtls_x509_crt *crt, int depth, int *flags)
static int my_verify(void *data, mbedtls_x509_crt *crt, int depth, uint32_t *flags)
{
char buf[1024];
(void) data;
@ -330,23 +338,28 @@ protected:
printf("MBED: Socket Error: %s (%d)\r\n", socket_strerror(err), err);
_stream.close();
_error = true;
minar::Scheduler::stop();
MBED_HOSTTEST_RESULT(false);
}
/**
* On Connect handler
* Starts the TLS handshake
*/
void onConnect(TCPStream *s) {
char buf[16];
_remoteAddr.fmtIPv4(buf,sizeof(buf));
printf("Connected to %s:%d\r\n", buf, _port);
s->setOnReadable(TCPStream::ReadableHandler_t(this, &HelloHTTPS::onReceive));
s->setOnDisconnect(TCPStream::DisconnectHandler_t(this, &HelloHTTPS::onDisconnect));
/* Start the handshake, the rest will be done in onReceive() */
printf("Starting the TLS handshake...\r\n");
int ret = mbedtls_ssl_handshake(&_ssl);
if (ret < 0) {
if (ret != MBEDTLS_ERR_SSL_WANT_READ &&
ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
print_mbedtls_error("mbedtls_ssl_handshake", ret);
_error = true;
onError(s, SOCKET_ERROR_UNKNOWN);
}
return;
}
@ -356,9 +369,6 @@ protected:
* Parses the response from the server, to check for the HTTPS 200 status code and the expected response ("Hello World!")
*/
void onReceive(Socket *s) {
if (_error)
return;
/* Send request if not done yet */
if (!_request_sent) {
int ret = mbedtls_ssl_write(&_ssl, (const unsigned char *) _buffer, _bpos);
@ -366,7 +376,7 @@ protected:
if (ret != MBEDTLS_ERR_SSL_WANT_READ &&
ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
print_mbedtls_error("mbedtls_ssl_write", ret);
_error = true;
onError(s, SOCKET_ERROR_UNKNOWN);
}
return;
}
@ -398,10 +408,9 @@ protected:
/* Read data out of the socket */
int ret = mbedtls_ssl_read(&_ssl, (unsigned char *) _buffer, sizeof(_buffer));
if (ret < 0) {
if (ret != MBEDTLS_ERR_SSL_WANT_READ &&
ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
print_mbedtls_error("mbedtls_ssl_read", ret);
_error = true;
if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
print_mbedtls_error("mbedtls_ssl_read", ret);
onError(s, SOCKET_ERROR_UNKNOWN);
}
return;
}
@ -438,7 +447,8 @@ protected:
char buf[16];
_remoteAddr.setAddr(&addr);
_remoteAddr.fmtIPv4(buf,sizeof(buf));
printf("%s address: %s\r\n",domain, buf);
printf("DNS Response Received:\r\n%s: %s\r\n", domain, buf);
printf("Connecting to %s:%d\r\n", buf, _port);
socket_error_t err = _stream.connect(_remoteAddr, _port, TCPStream::ConnectHandler_t(this, &HelloHTTPS::onConnect));
if (err != SOCKET_ERROR_NONE) {
@ -448,7 +458,7 @@ protected:
}
void onDisconnect(TCPStream *s) {
s->close();
minar::Scheduler::stop();
MBED_HOSTTEST_RESULT(!error());
}
protected:
@ -474,33 +484,10 @@ protected:
/**
* The main loop of the HTTPS Hello World test
*/
int example_client() {
EthernetInterface eth;
/* Initialise with DHCP, connect, and start up the stack */
eth.init();
eth.connect();
lwipv4_socket_init();
EthernetInterface eth;
HelloHTTPS *hello;
printf("\r\n\r\n");
printf("Client IP Address is %s\r\n", eth.getIPAddress());
HelloHTTPS hello(HTTPS_SERVER_NAME, HTTPS_SERVER_PORT);
{
mbed::FunctionPointer1<void, const char*> fp(&hello, &HelloHTTPS::startTest);
minar::Scheduler::postCallback(fp.bind(HTTPS_PATH));
}
minar::Scheduler::start();
eth.disconnect();
return static_cast<int>(hello.error());
}
#include "mbed/test_env.h"
#include "minar/minar.h"
static void run() {
void app_start(int, char*[]) {
/* The default 9600 bps is too slow to print full TLS debug info and could
* cause the other party to time out. Select a higher baud rate for
* printf(), regardless of debug level for the sake of uniformity. */
@ -511,11 +498,18 @@ static void run() {
MBED_HOSTTEST_SELECT(default);
MBED_HOSTTEST_DESCRIPTION(mbed TLS example HTTPS client);
MBED_HOSTTEST_START("MBEDTLS_EX_HTTPS_CLIENT");
MBED_HOSTTEST_RESULT(example_client() == 0);
}
void app_start(int, char*[]) {
minar::Scheduler::postCallback(FunctionPointer0<void>(run).bind());
/* Initialise with DHCP, connect, and start up the stack */
eth.init();
eth.connect();
lwipv4_socket_init();
hello = new HelloHTTPS(HTTPS_SERVER_NAME, HTTPS_SERVER_PORT);
printf("Client IP Address is %s\r\n", eth.getIPAddress());
mbed::FunctionPointer1<void, const char*> fp(hello, &HelloHTTPS::startTest);
minar::Scheduler::postCallback(fp.bind(HTTPS_PATH));
}
#endif /* TARGET_LIKE_MBED */
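Review bot: Once the `if (_error) return;` guard is dropped from the top of onReceive(), nothing visible stops a late readable event from calling `mbedtls_ssl_write()` or `mbedtls_ssl_read()` on `_ssl` after onError() has already closed `_stream` and set `_error`. Whether the socket layer can still deliver such an event after `close()` is not visible in these hunks, so keeping `if (_error) return;` as the first statement of onReceive() is the cheap way to make the failure path terminal. Related to this, onError() now reports `MBED_HOSTTEST_RESULT(false)` and onDisconnect() reports `MBED_HOSTTEST_RESULT(!error())`, so if closing the stream triggers the disconnect handler the result is emitted twice. A guard such as `if (!_error) MBED_HOSTTEST_RESULT(true);` in onDisconnect() would avoid that. Separately, `hello = new HelloHTTPS(...)` in app_start() is never released; if that is deliberate because the object must outlive app_start() for the scheduler callbacks, a comment saying so would help. The class and most of these methods start or end outside the hunks shown.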