mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-23 02:45:41 +01:00
SSL test programs: move RNG common code to ssl_test_lib
This commit is deliberately arranged to minimize code changes. Subsequent commits will clean up the resulting code. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
b3715eb86e
commit
daa94c4ff5
@ -742,8 +742,7 @@ int main( int argc, char *argv[] )
|
|||||||
mbedtls_ssl_config_init( &conf );
|
mbedtls_ssl_config_init( &conf );
|
||||||
memset( &saved_session, 0, sizeof( mbedtls_ssl_session ) );
|
memset( &saved_session, 0, sizeof( mbedtls_ssl_session ) );
|
||||||
rng_context_t *rng = &rng_context;
|
rng_context_t *rng = &rng_context;
|
||||||
mbedtls_ctr_drbg_init( &rng->drbg );
|
rng_init( rng );
|
||||||
mbedtls_entropy_init( &rng->entropy );
|
|
||||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||||
mbedtls_x509_crt_init( &cacert );
|
mbedtls_x509_crt_init( &cacert );
|
||||||
mbedtls_x509_crt_init( &clicert );
|
mbedtls_x509_crt_init( &clicert );
|
||||||
@ -1536,30 +1535,8 @@ int main( int argc, char *argv[] )
|
|||||||
fflush( stdout );
|
fflush( stdout );
|
||||||
|
|
||||||
int reproducible = opt.reproducible;
|
int reproducible = opt.reproducible;
|
||||||
if ( reproducible )
|
if( rng_seed( rng, reproducible, pers ) != 0 )
|
||||||
{
|
|
||||||
srand( 1 );
|
|
||||||
if( ( ret = mbedtls_ctr_drbg_seed( &rng->drbg, dummy_entropy,
|
|
||||||
&rng->entropy, (const unsigned char *) pers,
|
|
||||||
strlen( pers ) ) ) != 0 )
|
|
||||||
{
|
|
||||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
|
|
||||||
(unsigned int) -ret );
|
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
if( ( ret = mbedtls_ctr_drbg_seed( &rng->drbg, mbedtls_entropy_func,
|
|
||||||
&rng->entropy, (const unsigned char *) pers,
|
|
||||||
strlen( pers ) ) ) != 0 )
|
|
||||||
{
|
|
||||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
|
|
||||||
(unsigned int) -ret );
|
|
||||||
goto exit;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
mbedtls_printf( " ok\n" );
|
mbedtls_printf( " ok\n" );
|
||||||
|
|
||||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||||
@ -3025,8 +3002,7 @@ exit:
|
|||||||
mbedtls_ssl_session_free( &saved_session );
|
mbedtls_ssl_session_free( &saved_session );
|
||||||
mbedtls_ssl_free( &ssl );
|
mbedtls_ssl_free( &ssl );
|
||||||
mbedtls_ssl_config_free( &conf );
|
mbedtls_ssl_config_free( &conf );
|
||||||
mbedtls_ctr_drbg_free( &rng->drbg );
|
rng_free( rng );
|
||||||
mbedtls_entropy_free( &rng->entropy );
|
|
||||||
if( session_data != NULL )
|
if( session_data != NULL )
|
||||||
mbedtls_platform_zeroize( session_data, session_data_len );
|
mbedtls_platform_zeroize( session_data, session_data_len );
|
||||||
mbedtls_free( session_data );
|
mbedtls_free( session_data );
|
||||||
|
@ -1377,8 +1377,7 @@ int main( int argc, char *argv[] )
|
|||||||
mbedtls_ssl_init( &ssl );
|
mbedtls_ssl_init( &ssl );
|
||||||
mbedtls_ssl_config_init( &conf );
|
mbedtls_ssl_config_init( &conf );
|
||||||
rng_context_t *rng = &rng_context;
|
rng_context_t *rng = &rng_context;
|
||||||
mbedtls_ctr_drbg_init( &rng->drbg );
|
rng_init( rng );
|
||||||
mbedtls_entropy_init( &rng->entropy );
|
|
||||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||||
mbedtls_x509_crt_init( &cacert );
|
mbedtls_x509_crt_init( &cacert );
|
||||||
mbedtls_x509_crt_init( &srvcert );
|
mbedtls_x509_crt_init( &srvcert );
|
||||||
@ -2295,30 +2294,8 @@ int main( int argc, char *argv[] )
|
|||||||
fflush( stdout );
|
fflush( stdout );
|
||||||
|
|
||||||
int reproducible = opt.reproducible;
|
int reproducible = opt.reproducible;
|
||||||
if ( reproducible )
|
if( rng_seed( rng, reproducible, pers ) != 0 )
|
||||||
{
|
|
||||||
srand( 1 );
|
|
||||||
if( ( ret = mbedtls_ctr_drbg_seed( &rng->drbg, dummy_entropy,
|
|
||||||
&rng->entropy, (const unsigned char *) pers,
|
|
||||||
strlen( pers ) ) ) != 0 )
|
|
||||||
{
|
|
||||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
|
|
||||||
(unsigned int) -ret );
|
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
if( ( ret = mbedtls_ctr_drbg_seed( &rng->drbg, mbedtls_entropy_func,
|
|
||||||
&rng->entropy, (const unsigned char *) pers,
|
|
||||||
strlen( pers ) ) ) != 0 )
|
|
||||||
{
|
|
||||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
|
|
||||||
(unsigned int) -ret );
|
|
||||||
goto exit;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
mbedtls_printf( " ok\n" );
|
mbedtls_printf( " ok\n" );
|
||||||
|
|
||||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||||
@ -3999,8 +3976,7 @@ exit:
|
|||||||
|
|
||||||
mbedtls_ssl_free( &ssl );
|
mbedtls_ssl_free( &ssl );
|
||||||
mbedtls_ssl_config_free( &conf );
|
mbedtls_ssl_config_free( &conf );
|
||||||
mbedtls_ctr_drbg_free( &rng->drbg );
|
rng_free( rng );
|
||||||
mbedtls_entropy_free( &rng->entropy );
|
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_CACHE_C)
|
#if defined(MBEDTLS_SSL_CACHE_C)
|
||||||
mbedtls_ssl_cache_free( &cache );
|
mbedtls_ssl_cache_free( &cache );
|
||||||
|
@ -61,6 +61,52 @@ int dummy_entropy( void *data, unsigned char *output, size_t len )
|
|||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void rng_init( rng_context_t *rng )
|
||||||
|
{
|
||||||
|
mbedtls_ctr_drbg_init( &rng->drbg );
|
||||||
|
mbedtls_entropy_init( &rng->entropy );
|
||||||
|
}
|
||||||
|
|
||||||
|
int rng_seed( rng_context_t *rng, int reproducible, const char *pers )
|
||||||
|
{
|
||||||
|
int ret = 0;
|
||||||
|
|
||||||
|
if ( reproducible )
|
||||||
|
{
|
||||||
|
srand( 1 );
|
||||||
|
if( ( ret = mbedtls_ctr_drbg_seed( &rng->drbg, dummy_entropy,
|
||||||
|
&rng->entropy, (const unsigned char *) pers,
|
||||||
|
strlen( pers ) ) ) != 0 )
|
||||||
|
{
|
||||||
|
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
|
||||||
|
(unsigned int) -ret );
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if( ( ret = mbedtls_ctr_drbg_seed( &rng->drbg, mbedtls_entropy_func,
|
||||||
|
&rng->entropy, (const unsigned char *) pers,
|
||||||
|
strlen( pers ) ) ) != 0 )
|
||||||
|
{
|
||||||
|
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
|
||||||
|
(unsigned int) -ret );
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
return( 0 );
|
||||||
|
exit:
|
||||||
|
return( 1 );
|
||||||
|
}
|
||||||
|
|
||||||
|
void rng_free( rng_context_t *rng )
|
||||||
|
{
|
||||||
|
mbedtls_ctr_drbg_free( &rng->drbg );
|
||||||
|
mbedtls_entropy_free( &rng->entropy );
|
||||||
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
|
#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
|
||||||
int ca_callback( void *data, mbedtls_x509_crt const *child,
|
int ca_callback( void *data, mbedtls_x509_crt const *child,
|
||||||
mbedtls_x509_crt **candidates )
|
mbedtls_x509_crt **candidates )
|
||||||
|
@ -128,7 +128,7 @@ mbedtls_time_t dummy_constant_time( mbedtls_time_t* time );
|
|||||||
|
|
||||||
int dummy_entropy( void *data, unsigned char *output, size_t len );
|
int dummy_entropy( void *data, unsigned char *output, size_t len );
|
||||||
|
|
||||||
/** A context for random generation.
|
/** A context for random number generation (RNG).
|
||||||
*/
|
*/
|
||||||
typedef struct
|
typedef struct
|
||||||
{
|
{
|
||||||
@ -136,6 +136,36 @@ typedef struct
|
|||||||
mbedtls_ctr_drbg_context drbg;
|
mbedtls_ctr_drbg_context drbg;
|
||||||
} rng_context_t;
|
} rng_context_t;
|
||||||
|
|
||||||
|
/** Initialize the RNG.
|
||||||
|
*
|
||||||
|
* This function only initializes the memory used by the RNG context.
|
||||||
|
* Before using the RNG, it must be seeded with rng_seed().
|
||||||
|
*/
|
||||||
|
void rng_init( rng_context_t *rng );
|
||||||
|
|
||||||
|
/* Seed the random number generator.
|
||||||
|
*
|
||||||
|
* \param rng The RNG context to use. It must have been initialized
|
||||||
|
* with rng_init().
|
||||||
|
* \param reproducible If zero, seed the RNG from entropy.
|
||||||
|
* If nonzero, use a fixed seed, so that the program
|
||||||
|
* will produce the same sequence of random numbers
|
||||||
|
* each time it is invoked.
|
||||||
|
* \param pers A null-terminated string. Different values for this
|
||||||
|
* string cause the RNG to emit different output for
|
||||||
|
* the same seed.
|
||||||
|
*
|
||||||
|
* return 0 on success, a negative value on error.
|
||||||
|
*/
|
||||||
|
int rng_seed( rng_context_t *rng, int reproducible, const char *pers );
|
||||||
|
|
||||||
|
/** Deinitialize the RNG. Free any embedded resource.
|
||||||
|
*
|
||||||
|
* \param rng The RNG context to deinitialize. It must have been
|
||||||
|
* initialized with rng_init().
|
||||||
|
*/
|
||||||
|
void rng_free( rng_context_t *rng );
|
||||||
|
|
||||||
#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
|
#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
|
||||||
int ca_callback( void *data, mbedtls_x509_crt const *child,
|
int ca_callback( void *data, mbedtls_x509_crt const *child,
|
||||||
mbedtls_x509_crt **candidates );
|
mbedtls_x509_crt **candidates );
|
||||||
|
Loading…
Reference in New Issue
Block a user