2021-01-05 20:11:16 +00:00
|
|
|
/*
|
2021-01-05 22:34:27 +00:00
|
|
|
* Common code library for SSL test programs.
|
|
|
|
*
|
|
|
|
* In addition to the functions in this file, there is shared source code
|
|
|
|
* that cannot be compiled separately in "ssl_test_common_source.c".
|
2021-01-05 20:11:16 +00:00
|
|
|
*
|
|
|
|
* Copyright The Mbed TLS Contributors
|
|
|
|
* SPDX-License-Identifier: Apache-2.0
|
|
|
|
*
|
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
|
|
* not use this file except in compliance with the License.
|
|
|
|
* You may obtain a copy of the License at
|
|
|
|
*
|
|
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
*
|
|
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
|
|
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
|
|
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
* See the License for the specific language governing permissions and
|
|
|
|
* limitations under the License.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include "ssl_test_lib.h"
|
|
|
|
|
2021-01-05 20:27:53 +00:00
|
|
|
#if !defined(MBEDTLS_SSL_TEST_IMPOSSIBLE)
|
|
|
|
|
2021-01-05 22:40:14 +00:00
|
|
|
void my_debug( void *ctx, int level,
|
|
|
|
const char *file, int line,
|
|
|
|
const char *str )
|
|
|
|
{
|
|
|
|
const char *p, *basename;
|
|
|
|
|
|
|
|
/* Extract basename from file */
|
|
|
|
for( p = basename = file; *p != '\0'; p++ )
|
|
|
|
if( *p == '/' || *p == '\\' )
|
|
|
|
basename = p + 1;
|
|
|
|
|
|
|
|
mbedtls_fprintf( (FILE *) ctx, "%s:%04d: |%d| %s",
|
|
|
|
basename, line, level, str );
|
|
|
|
fflush( (FILE *) ctx );
|
|
|
|
}
|
|
|
|
|
|
|
|
mbedtls_time_t dummy_constant_time( mbedtls_time_t* time )
|
|
|
|
{
|
|
|
|
(void) time;
|
|
|
|
return 0x5af2a056;
|
|
|
|
}
|
|
|
|
|
|
|
|
int dummy_entropy( void *data, unsigned char *output, size_t len )
|
|
|
|
{
|
|
|
|
size_t i;
|
|
|
|
int ret;
|
|
|
|
(void) data;
|
|
|
|
|
|
|
|
ret = mbedtls_entropy_func( data, output, len );
|
|
|
|
for( i = 0; i < len; i++ )
|
|
|
|
{
|
|
|
|
//replace result with pseudo random
|
|
|
|
output[i] = (unsigned char) rand();
|
|
|
|
}
|
|
|
|
return( ret );
|
|
|
|
}
|
|
|
|
|
2021-01-13 17:38:27 +00:00
|
|
|
void rng_init( rng_context_t *rng )
|
|
|
|
{
|
|
|
|
mbedtls_ctr_drbg_init( &rng->drbg );
|
|
|
|
mbedtls_entropy_init( &rng->entropy );
|
|
|
|
}
|
|
|
|
|
|
|
|
int rng_seed( rng_context_t *rng, int reproducible, const char *pers )
|
|
|
|
{
|
|
|
|
int ret = 0;
|
|
|
|
|
|
|
|
if ( reproducible )
|
|
|
|
{
|
|
|
|
srand( 1 );
|
|
|
|
if( ( ret = mbedtls_ctr_drbg_seed( &rng->drbg, dummy_entropy,
|
|
|
|
&rng->entropy, (const unsigned char *) pers,
|
|
|
|
strlen( pers ) ) ) != 0 )
|
|
|
|
{
|
|
|
|
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
|
|
|
|
(unsigned int) -ret );
|
|
|
|
goto exit;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
if( ( ret = mbedtls_ctr_drbg_seed( &rng->drbg, mbedtls_entropy_func,
|
|
|
|
&rng->entropy, (const unsigned char *) pers,
|
|
|
|
strlen( pers ) ) ) != 0 )
|
|
|
|
{
|
|
|
|
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
|
|
|
|
(unsigned int) -ret );
|
|
|
|
goto exit;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return( 0 );
|
|
|
|
exit:
|
|
|
|
return( 1 );
|
|
|
|
}
|
|
|
|
|
|
|
|
void rng_free( rng_context_t *rng )
|
|
|
|
{
|
|
|
|
mbedtls_ctr_drbg_free( &rng->drbg );
|
|
|
|
mbedtls_entropy_free( &rng->entropy );
|
|
|
|
}
|
|
|
|
|
2021-01-05 22:40:14 +00:00
|
|
|
#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
|
|
|
|
int ca_callback( void *data, mbedtls_x509_crt const *child,
|
|
|
|
mbedtls_x509_crt **candidates )
|
|
|
|
{
|
|
|
|
int ret = 0;
|
|
|
|
mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data;
|
|
|
|
mbedtls_x509_crt *first;
|
|
|
|
|
|
|
|
/* This is a test-only implementation of the CA callback
|
|
|
|
* which always returns the entire list of trusted certificates.
|
|
|
|
* Production implementations managing a large number of CAs
|
|
|
|
* should use an efficient presentation and lookup for the
|
|
|
|
* set of trusted certificates (such as a hashtable) and only
|
|
|
|
* return those trusted certificates which satisfy basic
|
|
|
|
* parental checks, such as the matching of child `Issuer`
|
|
|
|
* and parent `Subject` field or matching key identifiers. */
|
|
|
|
((void) child);
|
|
|
|
|
|
|
|
first = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
|
|
|
|
if( first == NULL )
|
|
|
|
{
|
|
|
|
ret = -1;
|
|
|
|
goto exit;
|
|
|
|
}
|
|
|
|
mbedtls_x509_crt_init( first );
|
|
|
|
|
|
|
|
if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
|
|
|
|
{
|
|
|
|
ret = -1;
|
|
|
|
goto exit;
|
|
|
|
}
|
|
|
|
|
|
|
|
while( ca->next != NULL )
|
|
|
|
{
|
|
|
|
ca = ca->next;
|
|
|
|
if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
|
|
|
|
{
|
|
|
|
ret = -1;
|
|
|
|
goto exit;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
exit:
|
|
|
|
|
|
|
|
if( ret != 0 )
|
|
|
|
{
|
|
|
|
mbedtls_x509_crt_free( first );
|
|
|
|
mbedtls_free( first );
|
|
|
|
first = NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
*candidates = first;
|
|
|
|
return( ret );
|
|
|
|
}
|
|
|
|
#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
|
|
|
|
|
|
|
|
int delayed_recv( void *ctx, unsigned char *buf, size_t len )
|
|
|
|
{
|
|
|
|
static int first_try = 1;
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
if( first_try )
|
|
|
|
{
|
|
|
|
first_try = 0;
|
|
|
|
return( MBEDTLS_ERR_SSL_WANT_READ );
|
|
|
|
}
|
|
|
|
|
|
|
|
ret = mbedtls_net_recv( ctx, buf, len );
|
|
|
|
if( ret != MBEDTLS_ERR_SSL_WANT_READ )
|
|
|
|
first_try = 1; /* Next call will be a new operation */
|
|
|
|
return( ret );
|
|
|
|
}
|
|
|
|
|
|
|
|
int delayed_send( void *ctx, const unsigned char *buf, size_t len )
|
|
|
|
{
|
|
|
|
static int first_try = 1;
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
if( first_try )
|
|
|
|
{
|
|
|
|
first_try = 0;
|
|
|
|
return( MBEDTLS_ERR_SSL_WANT_WRITE );
|
|
|
|
}
|
|
|
|
|
|
|
|
ret = mbedtls_net_send( ctx, buf, len );
|
|
|
|
if( ret != MBEDTLS_ERR_SSL_WANT_WRITE )
|
|
|
|
first_try = 1; /* Next call will be a new operation */
|
|
|
|
return( ret );
|
|
|
|
}
|
|
|
|
|
|
|
|
#if !defined(MBEDTLS_TIMING_C)
|
|
|
|
int idle( mbedtls_net_context *fd,
|
|
|
|
int idle_reason )
|
|
|
|
#else
|
|
|
|
int idle( mbedtls_net_context *fd,
|
|
|
|
mbedtls_timing_delay_context *timer,
|
|
|
|
int idle_reason )
|
|
|
|
#endif
|
|
|
|
{
|
|
|
|
int ret;
|
|
|
|
int poll_type = 0;
|
|
|
|
|
|
|
|
if( idle_reason == MBEDTLS_ERR_SSL_WANT_WRITE )
|
|
|
|
poll_type = MBEDTLS_NET_POLL_WRITE;
|
|
|
|
else if( idle_reason == MBEDTLS_ERR_SSL_WANT_READ )
|
|
|
|
poll_type = MBEDTLS_NET_POLL_READ;
|
|
|
|
#if !defined(MBEDTLS_TIMING_C)
|
|
|
|
else
|
|
|
|
return( 0 );
|
|
|
|
#endif
|
|
|
|
|
|
|
|
while( 1 )
|
|
|
|
{
|
|
|
|
/* Check if timer has expired */
|
|
|
|
#if defined(MBEDTLS_TIMING_C)
|
|
|
|
if( timer != NULL &&
|
|
|
|
mbedtls_timing_get_delay( timer ) == 2 )
|
|
|
|
{
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
#endif /* MBEDTLS_TIMING_C */
|
|
|
|
|
|
|
|
/* Check if underlying transport became available */
|
|
|
|
if( poll_type != 0 )
|
|
|
|
{
|
|
|
|
ret = mbedtls_net_poll( fd, poll_type, 0 );
|
|
|
|
if( ret < 0 )
|
|
|
|
return( ret );
|
|
|
|
if( ret == poll_type )
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return( 0 );
|
|
|
|
}
|
|
|
|
|
2021-01-05 20:27:53 +00:00
|
|
|
#endif /* !defined(MBEDTLS_SSL_TEST_IMPOSSIBLE) */
|