Remove certs module from mbedtls.

Certs will be used only by tests and programs.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
This commit is contained in:
Mateusz Starzyk 2021-02-08 15:34:42 +01:00
parent e7e5252813
commit 1aec64642c
41 changed files with 68 additions and 249 deletions

View file

@ -0,0 +1,5 @@
API changes
* Remove certs module from the API.
Transfer keys and certificates embedded in the library to the test component.
This contributes to minimizing library API and discourages users
from using unsafe keys in production.

View file

@ -65,7 +65,6 @@
/* For test certificates */ /* For test certificates */
#define MBEDTLS_BASE64_C #define MBEDTLS_BASE64_C
#define MBEDTLS_CERTS_C
#define MBEDTLS_PEM_PARSE_C #define MBEDTLS_PEM_PARSE_C
/* For testing with compat.sh */ /* For testing with compat.sh */

View file

@ -2092,18 +2092,6 @@
*/ */
#define MBEDTLS_CCM_C #define MBEDTLS_CCM_C
/**
* \def MBEDTLS_CERTS_C
*
* Enable the test certificates.
*
* Module: library/certs.c
* Caller:
*
* This module is used for testing (ssl_client/server).
*/
#define MBEDTLS_CERTS_C
/** /**
* \def MBEDTLS_CHACHA20_C * \def MBEDTLS_CHACHA20_C
* *

View file

@ -73,7 +73,6 @@
/* For test certificates */ /* For test certificates */
#define MBEDTLS_BASE64_C #define MBEDTLS_BASE64_C
#define MBEDTLS_CERTS_C
#define MBEDTLS_PEM_PARSE_C #define MBEDTLS_PEM_PARSE_C
/* Save RAM at the expense of ROM */ /* Save RAM at the expense of ROM */

View file

@ -820,10 +820,6 @@
#error "MBEDTLS_X509_CREATE_C defined, but not all prerequisites" #error "MBEDTLS_X509_CREATE_C defined, but not all prerequisites"
#endif #endif
#if defined(MBEDTLS_CERTS_C) && !defined(MBEDTLS_X509_USE_C)
#error "MBEDTLS_CERTS_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_X509_CRT_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) ) #if defined(MBEDTLS_X509_CRT_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) )
#error "MBEDTLS_X509_CRT_PARSE_C defined, but not all prerequisites" #error "MBEDTLS_X509_CRT_PARSE_C defined, but not all prerequisites"
#endif #endif

View file

@ -2537,18 +2537,6 @@
*/ */
#define MBEDTLS_CCM_C #define MBEDTLS_CCM_C
/**
* \def MBEDTLS_CERTS_C
*
* Enable the test certificates.
*
* Module: library/certs.c
* Caller:
*
* This module is used for testing (ssl_client/server).
*/
#define MBEDTLS_CERTS_C
/** /**
* \def MBEDTLS_CHACHA20_C * \def MBEDTLS_CHACHA20_C
* *

View file

@ -291,17 +291,6 @@ int mbedtls_x509_time_is_past( const mbedtls_x509_time *to );
*/ */
int mbedtls_x509_time_is_future( const mbedtls_x509_time *from ); int mbedtls_x509_time_is_future( const mbedtls_x509_time *from );
#if defined(MBEDTLS_SELF_TEST)
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int mbedtls_x509_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
/* /*
* Internal module functions. You probably do not want to use these unless you * Internal module functions. You probably do not want to use these unless you
* know you do. * know you do.

View file

@ -81,7 +81,6 @@ set(src_crypto
list(APPEND src_crypto ${thirdparty_src}) list(APPEND src_crypto ${thirdparty_src})
set(src_x509 set(src_x509
certs.c
pkcs11.c pkcs11.c
x509.c x509.c
x509_create.c x509_create.c

View file

@ -140,7 +140,6 @@ LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES)
OBJS_CRYPTO+=$(THIRDPARTY_CRYPTO_OBJECTS) OBJS_CRYPTO+=$(THIRDPARTY_CRYPTO_OBJECTS)
OBJS_X509= \ OBJS_X509= \
certs.o \
pkcs11.o \ pkcs11.o \
x509.o \ x509.o \
x509_create.o \ x509_create.o \

View file

@ -642,9 +642,6 @@ static const char * const features[] = {
#if defined(MBEDTLS_CCM_C) #if defined(MBEDTLS_CCM_C)
"MBEDTLS_CCM_C", "MBEDTLS_CCM_C",
#endif /* MBEDTLS_CCM_C */ #endif /* MBEDTLS_CCM_C */
#if defined(MBEDTLS_CERTS_C)
"MBEDTLS_CERTS_C",
#endif /* MBEDTLS_CERTS_C */
#if defined(MBEDTLS_CHACHA20_C) #if defined(MBEDTLS_CHACHA20_C)
"MBEDTLS_CHACHA20_C", "MBEDTLS_CHACHA20_C",
#endif /* MBEDTLS_CHACHA20_C */ #endif /* MBEDTLS_CHACHA20_C */

View file

@ -995,73 +995,4 @@ int mbedtls_x509_time_is_future( const mbedtls_x509_time *from )
return( 0 ); return( 0 );
} }
#endif /* MBEDTLS_HAVE_TIME_DATE */ #endif /* MBEDTLS_HAVE_TIME_DATE */
#if defined(MBEDTLS_SELF_TEST)
#include "mbedtls/x509_crt.h"
#include "mbedtls/certs.h"
/*
* Checkup routine
*/
int mbedtls_x509_self_test( int verbose )
{
int ret = 0;
#if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_SHA256_C)
uint32_t flags;
mbedtls_x509_crt cacert;
mbedtls_x509_crt clicert;
if( verbose != 0 )
mbedtls_printf( " X.509 certificate load: " );
mbedtls_x509_crt_init( &cacert );
mbedtls_x509_crt_init( &clicert );
ret = mbedtls_x509_crt_parse( &clicert, (const unsigned char *) mbedtls_test_cli_crt,
mbedtls_test_cli_crt_len );
if( ret != 0 )
{
if( verbose != 0 )
mbedtls_printf( "failed\n" );
goto cleanup;
}
ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_ca_crt,
mbedtls_test_ca_crt_len );
if( ret != 0 )
{
if( verbose != 0 )
mbedtls_printf( "failed\n" );
goto cleanup;
}
if( verbose != 0 )
mbedtls_printf( "passed\n X.509 signature verify: ");
ret = mbedtls_x509_crt_verify( &clicert, &cacert, NULL, NULL, &flags, NULL, NULL );
if( ret != 0 )
{
if( verbose != 0 )
mbedtls_printf( "failed\n" );
goto cleanup;
}
if( verbose != 0 )
mbedtls_printf( "passed\n\n");
cleanup:
mbedtls_x509_crt_free( &cacert );
mbedtls_x509_crt_free( &clicert );
#else
((void) verbose);
#endif /* MBEDTLS_CERTS_C && MBEDTLS_SHA256_C */
return( ret );
}
#endif /* MBEDTLS_SELF_TEST */
#endif /* MBEDTLS_X509_USE_C */ #endif /* MBEDTLS_X509_USE_C */

View file

@ -11,7 +11,7 @@ MBEDTLS_TEST_PATH:=../tests/src
MBEDTLS_TEST_OBJS:=$(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/*.c ${MBEDTLS_TEST_PATH}/drivers/*.c)) MBEDTLS_TEST_OBJS:=$(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/*.c ${MBEDTLS_TEST_PATH}/drivers/*.c))
LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../tests/include -I../include -D_FILE_OFFSET_BITS=64 LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../tests/include -I../include -D_FILE_OFFSET_BITS=64
LOCAL_CXXFLAGS = $(WARNING_CXXFLAGS) -I../include -D_FILE_OFFSET_BITS=64 LOCAL_CXXFLAGS = $(WARNING_CXXFLAGS) -I../include -I../tests/include -D_FILE_OFFSET_BITS=64
LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS} \ LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS} \
-L../library \ -L../library \
-lmbedtls$(SHARED_SUFFIX) \ -lmbedtls$(SHARED_SUFFIX) \

View file

@ -44,6 +44,7 @@ foreach(exe IN LISTS executables_no_common_c executables_with_common_c)
endif() endif()
add_executable(${exe} ${exe_sources}) add_executable(${exe} ${exe_sources})
target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
if (NOT FUZZINGENGINE_LIB) if (NOT FUZZINGENGINE_LIB)
target_link_libraries(${exe} ${libs}) target_link_libraries(${exe} ${libs})

View file

@ -1,7 +1,7 @@
#include "mbedtls/ssl.h" #include "mbedtls/ssl.h"
#include "mbedtls/entropy.h" #include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h" #include "mbedtls/ctr_drbg.h"
#include "mbedtls/certs.h" #include "test/certs.h"
#include "common.h" #include "common.h"
#include <string.h> #include <string.h>
#include <stdlib.h> #include <stdlib.h>

View file

@ -6,9 +6,8 @@
#if defined(MBEDTLS_SSL_PROTO_DTLS) #if defined(MBEDTLS_SSL_PROTO_DTLS)
#include "mbedtls/entropy.h" #include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h" #include "mbedtls/ctr_drbg.h"
#include "mbedtls/certs.h"
#include "mbedtls/timing.h" #include "mbedtls/timing.h"
#include "test/certs.h"
#if defined(MBEDTLS_SSL_CLI_C) && \ #if defined(MBEDTLS_SSL_CLI_C) && \
defined(MBEDTLS_ENTROPY_C) && \ defined(MBEDTLS_ENTROPY_C) && \

View file

@ -3,10 +3,10 @@
#include <stdint.h> #include <stdint.h>
#include "common.h" #include "common.h"
#include "mbedtls/ssl.h" #include "mbedtls/ssl.h"
#include "test/certs.h"
#if defined(MBEDTLS_SSL_PROTO_DTLS) #if defined(MBEDTLS_SSL_PROTO_DTLS)
#include "mbedtls/entropy.h" #include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h" #include "mbedtls/ctr_drbg.h"
#include "mbedtls/certs.h"
#include "mbedtls/timing.h" #include "mbedtls/timing.h"
#include "mbedtls/ssl_cookie.h" #include "mbedtls/ssl_cookie.h"

View file

@ -1,8 +1,8 @@
#include "mbedtls/ssl.h" #include "mbedtls/ssl.h"
#include "mbedtls/entropy.h" #include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h" #include "mbedtls/ctr_drbg.h"
#include "mbedtls/certs.h"
#include "mbedtls/ssl_ticket.h" #include "mbedtls/ssl_ticket.h"
#include "test/certs.h"
#include "common.h" #include "common.h"
#include <string.h> #include <string.h>
#include <stdlib.h> #include <stdlib.h>

View file

@ -45,6 +45,7 @@ set_property(TARGET ssl_server2 APPEND PROPERTY SOURCES
if(THREADS_FOUND) if(THREADS_FOUND)
add_executable(ssl_pthread_server ssl_pthread_server.c $<TARGET_OBJECTS:mbedtls_test>) add_executable(ssl_pthread_server ssl_pthread_server.c $<TARGET_OBJECTS:mbedtls_test>)
target_include_directories(ssl_pthread_server PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
target_link_libraries(ssl_pthread_server ${libs} ${CMAKE_THREAD_LIBS_INIT}) target_link_libraries(ssl_pthread_server ${libs} ${CMAKE_THREAD_LIBS_INIT})
list(APPEND executables ssl_pthread_server) list(APPEND executables ssl_pthread_server)
endif(THREADS_FOUND) endif(THREADS_FOUND)

View file

@ -39,14 +39,14 @@
!defined(MBEDTLS_NET_C) || !defined(MBEDTLS_TIMING_C) || \ !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_TIMING_C) || \
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
!defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_RSA_C) || \
!defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) !defined(MBEDTLS_PEM_PARSE_C)
int main( void ) int main( void )
{ {
mbedtls_printf( "MBEDTLS_SSL_CLI_C and/or MBEDTLS_SSL_PROTO_DTLS and/or " mbedtls_printf( "MBEDTLS_SSL_CLI_C and/or MBEDTLS_SSL_PROTO_DTLS and/or "
"MBEDTLS_NET_C and/or MBEDTLS_TIMING_C and/or " "MBEDTLS_NET_C and/or MBEDTLS_TIMING_C and/or "
"MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or "
"MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or "
"MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C not defined.\n" ); "MBEDTLS_PEM_PARSE_C not defined.\n" );
mbedtls_exit( 0 ); mbedtls_exit( 0 );
} }
#else #else
@ -59,8 +59,8 @@ int main( void )
#include "mbedtls/entropy.h" #include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h" #include "mbedtls/ctr_drbg.h"
#include "mbedtls/error.h" #include "mbedtls/error.h"
#include "mbedtls/certs.h"
#include "mbedtls/timing.h" #include "mbedtls/timing.h"
#include "test/certs.h"
/* Uncomment out the following line to default to IPv4 and disable IPv6 */ /* Uncomment out the following line to default to IPv4 and disable IPv6 */
//#define FORCE_IPV4 //#define FORCE_IPV4
@ -358,5 +358,4 @@ exit:
} }
#endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_SSL_PROTO_DTLS && MBEDTLS_NET_C && #endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_SSL_PROTO_DTLS && MBEDTLS_NET_C &&
MBEDTLD_TIMING_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && MBEDTLD_TIMING_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C &&
MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_RSA_C && MBEDTLS_CERTS_C && MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_RSA_C && MBEDTLS_PEM_PARSE_C */
MBEDTLS_PEM_PARSE_C */

View file

@ -49,8 +49,7 @@
!defined(MBEDTLS_SSL_COOKIE_C) || !defined(MBEDTLS_NET_C) || \ !defined(MBEDTLS_SSL_COOKIE_C) || !defined(MBEDTLS_NET_C) || \
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
!defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_RSA_C) || \
!defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) || \ !defined(MBEDTLS_PEM_PARSE_C) || !defined(MBEDTLS_TIMING_C)
!defined(MBEDTLS_TIMING_C)
int main( void ) int main( void )
{ {
@ -58,8 +57,7 @@ int main( void )
"MBEDTLS_SSL_COOKIE_C and/or MBEDTLS_NET_C and/or " "MBEDTLS_SSL_COOKIE_C and/or MBEDTLS_NET_C and/or "
"MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or "
"MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or "
"MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C and/or " "MBEDTLS_PEM_PARSE_C and/or MBEDTLS_TIMING_C not defined.\n" );
"MBEDTLS_TIMING_C not defined.\n" );
mbedtls_exit( 0 ); mbedtls_exit( 0 );
} }
#else #else
@ -74,7 +72,6 @@ int main( void )
#include "mbedtls/entropy.h" #include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h" #include "mbedtls/ctr_drbg.h"
#include "mbedtls/certs.h"
#include "mbedtls/x509.h" #include "mbedtls/x509.h"
#include "mbedtls/ssl.h" #include "mbedtls/ssl.h"
#include "mbedtls/ssl_cookie.h" #include "mbedtls/ssl_cookie.h"
@ -82,6 +79,7 @@ int main( void )
#include "mbedtls/error.h" #include "mbedtls/error.h"
#include "mbedtls/debug.h" #include "mbedtls/debug.h"
#include "mbedtls/timing.h" #include "mbedtls/timing.h"
#include "test/certs.h"
#if defined(MBEDTLS_SSL_CACHE_C) #if defined(MBEDTLS_SSL_CACHE_C)
#include "mbedtls/ssl_cache.h" #include "mbedtls/ssl_cache.h"
@ -434,4 +432,4 @@ exit:
#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_PROTO_DTLS && #endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_PROTO_DTLS &&
MBEDTLS_SSL_COOKIE_C && MBEDTLS_NET_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_COOKIE_C && MBEDTLS_NET_C && MBEDTLS_ENTROPY_C &&
MBEDTLS_CTR_DRBG_C && MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_RSA_C MBEDTLS_CTR_DRBG_C && MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_RSA_C
&& MBEDTLS_CERTS_C && MBEDTLS_PEM_PARSE_C && MBEDTLS_TIMING_C */ && MBEDTLS_PEM_PARSE_C && MBEDTLS_TIMING_C */

View file

@ -37,11 +37,11 @@
#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE #define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
#endif /* MBEDTLS_PLATFORM_C */ #endif /* MBEDTLS_PLATFORM_C */
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
!defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \ !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
!defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \
!defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) || \ !defined(MBEDTLS_PEM_PARSE_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
!defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) !defined(MBEDTLS_X509_CRT_PARSE_C)
int main( void ) int main( void )
{ {
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
@ -59,7 +59,7 @@ int main( void )
#include "mbedtls/entropy.h" #include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h" #include "mbedtls/ctr_drbg.h"
#include "mbedtls/error.h" #include "mbedtls/error.h"
#include "mbedtls/certs.h" #include "test/certs.h"
#include <string.h> #include <string.h>
@ -314,5 +314,4 @@ exit:
} }
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
MBEDTLS_CERTS_C && MBEDTLS_PEM_PARSE_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_PEM_PARSE_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_X509_CRT_PARSE_C */
MBEDTLS_X509_CRT_PARSE_C */

View file

@ -1581,7 +1581,6 @@ int main( int argc, char *argv[] )
ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ); ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file );
else else
#endif #endif
#if defined(MBEDTLS_CERTS_C)
{ {
#if defined(MBEDTLS_PEM_PARSE_C) #if defined(MBEDTLS_PEM_PARSE_C)
for( i = 0; mbedtls_test_cas[i] != NULL; i++ ) for( i = 0; mbedtls_test_cas[i] != NULL; i++ )
@ -1603,12 +1602,6 @@ int main( int argc, char *argv[] )
break; break;
} }
} }
#else
{
ret = 1;
mbedtls_printf( "MBEDTLS_CERTS_C not defined." );
}
#endif /* MBEDTLS_CERTS_C */
if( ret < 0 ) if( ret < 0 )
{ {
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n",
@ -1634,16 +1627,9 @@ int main( int argc, char *argv[] )
ret = mbedtls_x509_crt_parse_file( &clicert, opt.crt_file ); ret = mbedtls_x509_crt_parse_file( &clicert, opt.crt_file );
else else
#endif #endif
#if defined(MBEDTLS_CERTS_C)
ret = mbedtls_x509_crt_parse( &clicert, ret = mbedtls_x509_crt_parse( &clicert,
(const unsigned char *) mbedtls_test_cli_crt, (const unsigned char *) mbedtls_test_cli_crt,
mbedtls_test_cli_crt_len ); mbedtls_test_cli_crt_len );
#else
{
ret = 1;
mbedtls_printf( "MBEDTLS_CERTS_C not defined." );
}
#endif
if( ret != 0 ) if( ret != 0 )
{ {
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n",
@ -1659,16 +1645,9 @@ int main( int argc, char *argv[] )
ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, opt.key_pwd ); ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, opt.key_pwd );
else else
#endif #endif
#if defined(MBEDTLS_CERTS_C)
ret = mbedtls_pk_parse_key( &pkey, ret = mbedtls_pk_parse_key( &pkey,
(const unsigned char *) mbedtls_test_cli_key, (const unsigned char *) mbedtls_test_cli_key,
mbedtls_test_cli_key_len, NULL, 0 ); mbedtls_test_cli_key_len, NULL, 0 );
#else
{
ret = 1;
mbedtls_printf( "MBEDTLS_CERTS_C not defined." );
}
#endif
if( ret != 0 ) if( ret != 0 )
{ {
mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n", mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n",

View file

@ -36,18 +36,18 @@
#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE #define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
#endif /* MBEDTLS_PLATFORM_C */ #endif /* MBEDTLS_PLATFORM_C */
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) || \ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \ !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_SRV_C) || \
!defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) || \ !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \
!defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \
!defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_TIMING_C) || \ !defined(MBEDTLS_TIMING_C) || !defined(MBEDTLS_FS_IO) || \
!defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_PEM_PARSE_C) !defined(MBEDTLS_PEM_PARSE_C)
int main( int argc, char *argv[] ) int main( int argc, char *argv[] )
{ {
((void) argc); ((void) argc);
((void) argv); ((void) argv);
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C " mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C "
"and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or "
"MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
"MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or " "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or "
@ -65,7 +65,7 @@ int main( void )
#include "mbedtls/entropy.h" #include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h" #include "mbedtls/ctr_drbg.h"
#include "mbedtls/certs.h" #include "test/certs.h"
#include "mbedtls/x509.h" #include "mbedtls/x509.h"
#include "mbedtls/ssl.h" #include "mbedtls/ssl.h"
#include "mbedtls/net_sockets.h" #include "mbedtls/net_sockets.h"
@ -417,7 +417,7 @@ exit:
mbedtls_exit( exit_code ); mbedtls_exit( exit_code );
} }
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C && #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C &&
MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C &&
MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_PEM_PARSE_C && MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_PEM_PARSE_C &&
! _WIN32 */ ! _WIN32 */

View file

@ -65,7 +65,7 @@ int main( void )
#include "mbedtls/ssl.h" #include "mbedtls/ssl.h"
#include "mbedtls/entropy.h" #include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h" #include "mbedtls/ctr_drbg.h"
#include "mbedtls/certs.h" #include "test/certs.h"
#include "mbedtls/x509.h" #include "mbedtls/x509.h"
#include <stdlib.h> #include <stdlib.h>
@ -509,12 +509,12 @@ int main( int argc, char *argv[] )
ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ); ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file );
else else
#endif #endif
#if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_PEM_PARSE_C) #if defined(MBEDTLS_PEM_PARSE_C)
ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem, ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem,
mbedtls_test_cas_pem_len ); mbedtls_test_cas_pem_len );
#else #else
{ {
mbedtls_printf("MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C not defined."); mbedtls_printf("MBEDTLS_PEM_PARSE_C not defined.");
goto exit; goto exit;
} }
#endif #endif
@ -539,15 +539,8 @@ int main( int argc, char *argv[] )
ret = mbedtls_x509_crt_parse_file( &clicert, opt.crt_file ); ret = mbedtls_x509_crt_parse_file( &clicert, opt.crt_file );
else else
#endif #endif
#if defined(MBEDTLS_CERTS_C)
ret = mbedtls_x509_crt_parse( &clicert, (const unsigned char *) mbedtls_test_cli_crt, ret = mbedtls_x509_crt_parse( &clicert, (const unsigned char *) mbedtls_test_cli_crt,
mbedtls_test_cli_crt_len ); mbedtls_test_cli_crt_len );
#else
{
mbedtls_printf("MBEDTLS_CERTS_C not defined.");
goto exit;
}
#endif
if( ret != 0 ) if( ret != 0 )
{ {
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret );
@ -559,12 +552,12 @@ int main( int argc, char *argv[] )
ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" ); ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" );
else else
#endif #endif
#if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_PEM_PARSE_C) #if defined(MBEDTLS_PEM_PARSE_C)
ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_cli_key, ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_cli_key,
mbedtls_test_cli_key_len, NULL, 0 ); mbedtls_test_cli_key_len, NULL, 0 );
#else #else
{ {
mbedtls_printf("MBEDTLS_CERTS_C or MBEDTLS_PEM_PARSE_C not defined."); mbedtls_printf("MBEDTLS_PEM_PARSE_C not defined.");
goto exit; goto exit;
} }
#endif #endif

View file

@ -37,16 +37,15 @@
#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE #define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
#endif #endif
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) || \ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \ !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_SRV_C) || \
!defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) || \ !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \
!defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \
!defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_THREADING_C) || \
!defined(MBEDTLS_THREADING_C) || !defined(MBEDTLS_THREADING_PTHREAD) || \ !defined(MBEDTLS_THREADING_PTHREAD) || !defined(MBEDTLS_PEM_PARSE_C)
!defined(MBEDTLS_PEM_PARSE_C)
int main( void ) int main( void )
{ {
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C " mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C "
"and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or "
"MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
"MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or " "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or "
@ -65,11 +64,11 @@ int main( void )
#include "mbedtls/entropy.h" #include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h" #include "mbedtls/ctr_drbg.h"
#include "mbedtls/certs.h"
#include "mbedtls/x509.h" #include "mbedtls/x509.h"
#include "mbedtls/ssl.h" #include "mbedtls/ssl.h"
#include "mbedtls/net_sockets.h" #include "mbedtls/net_sockets.h"
#include "mbedtls/error.h" #include "mbedtls/error.h"
#include "test/certs.h"
#if defined(MBEDTLS_SSL_CACHE_C) #if defined(MBEDTLS_SSL_CACHE_C)
#include "mbedtls/ssl_cache.h" #include "mbedtls/ssl_cache.h"
@ -525,7 +524,7 @@ exit:
mbedtls_exit( ret ); mbedtls_exit( ret );
} }
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C && #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C &&
MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C &&
MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_THREADING_C && MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_THREADING_C &&
MBEDTLS_THREADING_PTHREAD && MBEDTLS_PEM_PARSE_C */ MBEDTLS_THREADING_PTHREAD && MBEDTLS_PEM_PARSE_C */

View file

@ -37,15 +37,14 @@
#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE #define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
#endif #endif
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) || \ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_PEM_PARSE_C) || \
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \
!defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) || \ !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) || \
!defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
!defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO)
!defined(MBEDTLS_PEM_PARSE_C)
int main( void ) int main( void )
{ {
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C " mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C "
"and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or "
"MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
"MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C " "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
@ -63,12 +62,12 @@ int main( void )
#include "mbedtls/entropy.h" #include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h" #include "mbedtls/ctr_drbg.h"
#include "mbedtls/certs.h"
#include "mbedtls/x509.h" #include "mbedtls/x509.h"
#include "mbedtls/ssl.h" #include "mbedtls/ssl.h"
#include "mbedtls/net_sockets.h" #include "mbedtls/net_sockets.h"
#include "mbedtls/error.h" #include "mbedtls/error.h"
#include "mbedtls/debug.h" #include "mbedtls/debug.h"
#include "test/certs.h"
#if defined(MBEDTLS_SSL_CACHE_C) #if defined(MBEDTLS_SSL_CACHE_C)
#include "mbedtls/ssl_cache.h" #include "mbedtls/ssl_cache.h"
@ -397,7 +396,7 @@ exit:
mbedtls_exit( ret ); mbedtls_exit( ret );
} }
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C && #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C &&
MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C &&
MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_X509_CRT_PARSE_C MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_X509_CRT_PARSE_C
&& MBEDTLS_FS_IO && MBEDTLS_PEM_PARSE_C */ && MBEDTLS_FS_IO && MBEDTLS_PEM_PARSE_C */

View file

@ -2340,7 +2340,6 @@ int main( int argc, char *argv[] )
ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ); ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file );
else else
#endif #endif
#if defined(MBEDTLS_CERTS_C)
{ {
#if defined(MBEDTLS_PEM_PARSE_C) #if defined(MBEDTLS_PEM_PARSE_C)
for( i = 0; mbedtls_test_cas[i] != NULL; i++ ) for( i = 0; mbedtls_test_cas[i] != NULL; i++ )
@ -2362,12 +2361,6 @@ int main( int argc, char *argv[] )
break; break;
} }
} }
#else
{
ret = 1;
mbedtls_printf( "MBEDTLS_CERTS_C not defined." );
}
#endif /* MBEDTLS_CERTS_C */
if( ret < 0 ) if( ret < 0 )
{ {
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", (unsigned int) -ret ); mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", (unsigned int) -ret );
@ -2443,10 +2436,6 @@ int main( int argc, char *argv[] )
strcmp( opt.crt_file2, "none" ) != 0 && strcmp( opt.crt_file2, "none" ) != 0 &&
strcmp( opt.key_file2, "none" ) != 0 ) strcmp( opt.key_file2, "none" ) != 0 )
{ {
#if !defined(MBEDTLS_CERTS_C)
mbedtls_printf( "Not certificated or key provided, and \nMBEDTLS_CERTS_C not defined!\n" );
goto exit;
#else
#if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_RSA_C)
if( ( ret = mbedtls_x509_crt_parse( &srvcert, if( ( ret = mbedtls_x509_crt_parse( &srvcert,
(const unsigned char *) mbedtls_test_srv_crt_rsa, (const unsigned char *) mbedtls_test_srv_crt_rsa,
@ -2485,7 +2474,6 @@ int main( int argc, char *argv[] )
} }
key_cert_init2 = 2; key_cert_init2 = 2;
#endif /* MBEDTLS_ECDSA_C */ #endif /* MBEDTLS_ECDSA_C */
#endif /* MBEDTLS_CERTS_C */
} }
mbedtls_printf( " ok\n" ); mbedtls_printf( " ok\n" );

View file

@ -65,12 +65,12 @@
#include "mbedtls/ssl.h" #include "mbedtls/ssl.h"
#include "mbedtls/entropy.h" #include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h" #include "mbedtls/ctr_drbg.h"
#include "mbedtls/certs.h"
#include "mbedtls/x509.h" #include "mbedtls/x509.h"
#include "mbedtls/error.h" #include "mbedtls/error.h"
#include "mbedtls/debug.h" #include "mbedtls/debug.h"
#include "mbedtls/timing.h" #include "mbedtls/timing.h"
#include "mbedtls/base64.h" #include "mbedtls/base64.h"
#include "test/certs.h"
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h" #include "psa/crypto.h"

View file

@ -33,6 +33,7 @@ foreach(exe IN LISTS executables_libs executables_mbedcrypto)
endif() endif()
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test> add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>
${extra_sources}) ${extra_sources})
target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
# This emulates "if ( ... IN_LIST ... )" which becomes available in CMake 3.3 # This emulates "if ( ... IN_LIST ... )" which becomes available in CMake 3.3
list(FIND executables_libs ${exe} exe_index) list(FIND executables_libs ${exe} exe_index)

View file

@ -36,7 +36,6 @@
#include "mbedtls/bn_mul.h" #include "mbedtls/bn_mul.h"
#include "mbedtls/camellia.h" #include "mbedtls/camellia.h"
#include "mbedtls/ccm.h" #include "mbedtls/ccm.h"
#include "mbedtls/certs.h"
#include "mbedtls/chacha20.h" #include "mbedtls/chacha20.h"
#include "mbedtls/chachapoly.h" #include "mbedtls/chachapoly.h"
#include "mbedtls/check_config.h" #include "mbedtls/check_config.h"
@ -98,6 +97,7 @@
#include "mbedtls/x509_crt.h" #include "mbedtls/x509_crt.h"
#include "mbedtls/x509_csr.h" #include "mbedtls/x509_csr.h"
#include "mbedtls/xtea.h" #include "mbedtls/xtea.h"
#include "test/certs.h"
#if defined(MBEDTLS_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h" #include "mbedtls/platform.h"

View file

@ -47,7 +47,6 @@
#include "mbedtls/blowfish.h" #include "mbedtls/blowfish.h"
#include "mbedtls/camellia.h" #include "mbedtls/camellia.h"
#include "mbedtls/ccm.h" #include "mbedtls/ccm.h"
#include "mbedtls/certs.h"
#include "mbedtls/chacha20.h" #include "mbedtls/chacha20.h"
#include "mbedtls/chachapoly.h" #include "mbedtls/chachapoly.h"
#include "mbedtls/cipher.h" #include "mbedtls/cipher.h"
@ -102,6 +101,7 @@
#include "mbedtls/x509_crt.h" #include "mbedtls/x509_crt.h"
#include "mbedtls/x509_csr.h" #include "mbedtls/x509_csr.h"
#include "mbedtls/xtea.h" #include "mbedtls/xtea.h"
#include "test/certs.h"
#include <string.h> #include <string.h>
@ -1769,14 +1769,6 @@ int query_config( const char *config )
} }
#endif /* MBEDTLS_CCM_C */ #endif /* MBEDTLS_CCM_C */
#if defined(MBEDTLS_CERTS_C)
if( strcmp( "MBEDTLS_CERTS_C", config ) == 0 )
{
MACRO_EXPANSION_TO_STR( MBEDTLS_CERTS_C );
return( 0 );
}
#endif /* MBEDTLS_CERTS_C */
#if defined(MBEDTLS_CHACHA20_C) #if defined(MBEDTLS_CHACHA20_C)
if( strcmp( "MBEDTLS_CHACHA20_C", config ) == 0 ) if( strcmp( "MBEDTLS_CHACHA20_C", config ) == 0 )
{ {

View file

@ -315,9 +315,6 @@ const selftest_t selftests[] =
#if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_RSA_C)
{"rsa", mbedtls_rsa_self_test}, {"rsa", mbedtls_rsa_self_test},
#endif #endif
#if defined(MBEDTLS_X509_USE_C)
{"x509", mbedtls_x509_self_test},
#endif
#if defined(MBEDTLS_XTEA_C) #if defined(MBEDTLS_XTEA_C)
{"xtea", mbedtls_xtea_self_test}, {"xtea", mbedtls_xtea_self_test},
#endif #endif

View file

@ -277,7 +277,6 @@ def include_in_crypto(name):
name.startswith('MBEDTLS_KEY_EXCHANGE_'): name.startswith('MBEDTLS_KEY_EXCHANGE_'):
return False return False
if name in [ if name in [
'MBEDTLS_CERTS_C', # part of libmbedx509
'MBEDTLS_DEBUG_C', # part of libmbedtls 'MBEDTLS_DEBUG_C', # part of libmbedtls
'MBEDTLS_NET_C', # part of libmbedtls 'MBEDTLS_NET_C', # part of libmbedtls
'MBEDTLS_PKCS11_C', # part of libmbedx509 'MBEDTLS_PKCS11_C', # part of libmbedx509

View file

@ -47,7 +47,6 @@
#include "mbedtls/blowfish.h" #include "mbedtls/blowfish.h"
#include "mbedtls/camellia.h" #include "mbedtls/camellia.h"
#include "mbedtls/ccm.h" #include "mbedtls/ccm.h"
#include "mbedtls/certs.h"
#include "mbedtls/chacha20.h" #include "mbedtls/chacha20.h"
#include "mbedtls/chachapoly.h" #include "mbedtls/chachapoly.h"
#include "mbedtls/cipher.h" #include "mbedtls/cipher.h"
@ -102,6 +101,7 @@
#include "mbedtls/x509_crt.h" #include "mbedtls/x509_crt.h"
#include "mbedtls/x509_csr.h" #include "mbedtls/x509_csr.h"
#include "mbedtls/xtea.h" #include "mbedtls/xtea.h"
#include "test/certs.h"
#include <string.h> #include <string.h>

View file

@ -129,7 +129,7 @@ do_config "ccm-psk-tls1_2" \
"psk=000102030405060708090A0B0C0D0E0F" "psk=000102030405060708090A0B0C0D0E0F"
do_config "suite-b" \ do_config "suite-b" \
"MBEDTLS_BASE64_C MBEDTLS_PEM_PARSE_C MBEDTLS_CERTS_C" \ "MBEDTLS_BASE64_C MBEDTLS_PEM_PARSE_C" \
"" ""
# cleanup # cleanup

View file

@ -19,9 +19,7 @@
#include "common.h" #include "common.h"
#include "mbedtls/certs.h" #include <test/certs.h>
#if defined(MBEDTLS_CERTS_C)
/* /*
* Test CA Certificates * Test CA Certificates
@ -1742,5 +1740,3 @@ const char mbedtls_test_cas_pem[] =
""; "";
const size_t mbedtls_test_cas_pem_len = sizeof( mbedtls_test_cas_pem ); const size_t mbedtls_test_cas_pem_len = sizeof( mbedtls_test_cas_pem );
#endif /* MBEDTLS_PEM_PARSE_C */ #endif /* MBEDTLS_PEM_PARSE_C */
#endif /* MBEDTLS_CERTS_C */

View file

@ -3,10 +3,10 @@
#include <mbedtls/ssl_internal.h> #include <mbedtls/ssl_internal.h>
#include <mbedtls/ctr_drbg.h> #include <mbedtls/ctr_drbg.h>
#include <mbedtls/entropy.h> #include <mbedtls/entropy.h>
#include <mbedtls/certs.h>
#include <mbedtls/timing.h> #include <mbedtls/timing.h>
#include <mbedtls/debug.h> #include <mbedtls/debug.h>
#include <ssl_tls13_keys.h> #include <ssl_tls13_keys.h>
#include "test/certs.h"
#include <ssl_invasive.h> #include <ssl_invasive.h>

View file

@ -1015,10 +1015,6 @@ X509 CRT verification callback: one intermediate, bad signature
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
x509_verify_callback:"data_files/server7-badsign.crt":"data_files/test-ca2.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 2 - serial C1\:43\:E2\:7E\:62\:43\:CC\:E8 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000000\ndepth 1 - serial 0E - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA - flags 0x00000000\ndepth 0 - serial 10 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000008\n" x509_verify_callback:"data_files/server7-badsign.crt":"data_files/test-ca2.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 2 - serial C1\:43\:E2\:7E\:62\:43\:CC\:E8 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000000\ndepth 1 - serial 0E - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA - flags 0x00000000\ndepth 0 - serial 10 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000008\n"
X509 Parse Selftest
depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CERTS_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
x509_selftest:
X509 CRT ASN1 (Empty Certificate) X509 CRT ASN1 (Empty Certificate)
x509parse_crt:"":"":MBEDTLS_ERR_X509_INVALID_FORMAT x509parse_crt:"":"":MBEDTLS_ERR_X509_INVALID_FORMAT

View file

@ -1249,10 +1249,3 @@ exit:
;; ;;
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_SELF_TEST */
void x509_selftest( )
{
TEST_ASSERT( mbedtls_x509_self_test( 1 ) == 0 );
}
/* END_CASE */

View file

@ -153,7 +153,6 @@
<ClInclude Include="..\..\include\mbedtls\bn_mul.h" /> <ClInclude Include="..\..\include\mbedtls\bn_mul.h" />
<ClInclude Include="..\..\include\mbedtls\camellia.h" /> <ClInclude Include="..\..\include\mbedtls\camellia.h" />
<ClInclude Include="..\..\include\mbedtls\ccm.h" /> <ClInclude Include="..\..\include\mbedtls\ccm.h" />
<ClInclude Include="..\..\include\mbedtls\certs.h" />
<ClInclude Include="..\..\include\mbedtls\chacha20.h" /> <ClInclude Include="..\..\include\mbedtls\chacha20.h" />
<ClInclude Include="..\..\include\mbedtls\chachapoly.h" /> <ClInclude Include="..\..\include\mbedtls\chachapoly.h" />
<ClInclude Include="..\..\include\mbedtls\check_config.h" /> <ClInclude Include="..\..\include\mbedtls\check_config.h" />
@ -230,6 +229,7 @@
<ClInclude Include="..\..\include\psa\crypto_struct.h" /> <ClInclude Include="..\..\include\psa\crypto_struct.h" />
<ClInclude Include="..\..\include\psa\crypto_types.h" /> <ClInclude Include="..\..\include\psa\crypto_types.h" />
<ClInclude Include="..\..\include\psa\crypto_values.h" /> <ClInclude Include="..\..\include\psa\crypto_values.h" />
<ClInclude Include="..\..\tests\include\test\certs.h" />
<ClInclude Include="..\..\tests\include\test\constant_flow.h" /> <ClInclude Include="..\..\tests\include\test\constant_flow.h" />
<ClInclude Include="..\..\tests\include\test\helpers.h" /> <ClInclude Include="..\..\tests\include\test\helpers.h" />
<ClInclude Include="..\..\tests\include\test\macros.h" /> <ClInclude Include="..\..\tests\include\test\macros.h" />
@ -271,7 +271,6 @@
<ClCompile Include="..\..\library\blowfish.c" /> <ClCompile Include="..\..\library\blowfish.c" />
<ClCompile Include="..\..\library\camellia.c" /> <ClCompile Include="..\..\library\camellia.c" />
<ClCompile Include="..\..\library\ccm.c" /> <ClCompile Include="..\..\library\ccm.c" />
<ClCompile Include="..\..\library\certs.c" />
<ClCompile Include="..\..\library\chacha20.c" /> <ClCompile Include="..\..\library\chacha20.c" />
<ClCompile Include="..\..\library\chachapoly.c" /> <ClCompile Include="..\..\library\chachapoly.c" />
<ClCompile Include="..\..\library\cipher.c" /> <ClCompile Include="..\..\library\cipher.c" />
@ -345,6 +344,7 @@
<ClCompile Include="..\..\library\x509write_crt.c" /> <ClCompile Include="..\..\library\x509write_crt.c" />
<ClCompile Include="..\..\library\x509write_csr.c" /> <ClCompile Include="..\..\library\x509write_csr.c" />
<ClCompile Include="..\..\library\xtea.c" /> <ClCompile Include="..\..\library\xtea.c" />
<ClCompile Include="..\..\tests\src\certs.c" />
<ClCompile Include="..\..\tests\src\helpers.c" /> <ClCompile Include="..\..\tests\src\helpers.c" />
<ClCompile Include="..\..\tests\src\psa_crypto_helpers.c" /> <ClCompile Include="..\..\tests\src\psa_crypto_helpers.c" />
<ClCompile Include="..\..\tests\src\random.c" /> <ClCompile Include="..\..\tests\src\random.c" />