From 684e9dc52ea0ae2fd76285edf6f9cf905dcd10bd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 20 Sep 2013 15:11:44 +0200 Subject: [PATCH] Add custom configurations with activation script --- scripts/activate-config.pl | 68 ++++++++++++++++++++++ scripts/data_files/config-mini-tls1_1.h | 50 ++++++++++++++++ scripts/data_files/config-psk-rc4-tls1_0.h | 33 +++++++++++ scripts/data_files/config-suite-b.h | 54 +++++++++++++++++ scripts/update_vs_apps.pl | 3 + 5 files changed, 208 insertions(+) create mode 100755 scripts/activate-config.pl create mode 100644 scripts/data_files/config-mini-tls1_1.h create mode 100644 scripts/data_files/config-psk-rc4-tls1_0.h create mode 100644 scripts/data_files/config-suite-b.h
diff --git a/scripts/activate-config.pl b/scripts/activate-config.pl
new file mode 100755
index 000000000..561e0676c
--- /dev/null
+++ b/scripts/activate-config.pl
@@ -0,0 +1,68 @@
+#!/usr/bin/perl
+
+# activate a pre-defined configuration
+
+use warnings;
+use strict;
+
+my $config_h = "../include/polarssl/config.h";
+
+exit( main() );
+
+sub read_default {
+ open my $fh, '<', $config_h or die "Failed to read $config_h: $!\n";
+
+ my (@pre, @post);
+ my $state = 'pre';
+
+ while( my $line = <$fh> ) {
+ if( $state eq 'pre' ) {
+ push @pre, $line;
+ $state = 'skip' if $line =~ /} name SECTION: System support/;
+ }
+ elsif( $state eq 'skip' ) {
+ $state = 'post' if $line =~/} name SECTION: PolarSSL modules/;
+ }
+ else {
+ push @post, $line;
+ }
+ }
+
+ die "Failed to parse $config_h\n" if( $state ne 'post' );
+
+ close $fh;
+
+ push @pre, "\n";
+
+ return \@pre, \@post;
+}
+
+sub read_custom {
+ my ($file_name) = @_;
+
+ open my $fh, '<', $file_name or die "Failed to read $file_name: $!\n";
+ my @content = <$fh>;
+ close $fh;
+
+ return \@content;
+}
+
+sub write_custom {
+ my ($pre, $mid, $post) = @_;
+
+ open my $fh, '>', $config_h or die "Failed to write $config_h: $!\n";
+ print $fh @$pre;
+ print $fh @$mid;
+ print $fh @$post;
+ close $fh;
+}
+
+sub main {
+ my $custom_file_name = $ARGV[0];
+
+ my ($pre, $post) = read_default();
+ my $mine = read_custom( $custom_file_name );
+ write_custom( $pre, $mine, $post );
+
+ return 0;
+}
diff --git a/scripts/data_files/config-mini-tls1_1.h b/scripts/data_files/config-mini-tls1_1.h
new file mode 100644
index 000000000..493069707
--- /dev/null
+++ b/scripts/data_files/config-mini-tls1_1.h
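Review bot: `write_custom` opens `$config_h` with `'>'`, which truncates the live build configuration, and then ignores the result of every `print` and of `close`, so a full disk or I/O error can leave a partial config.h while the script still returns 0. Checking the close, `close $fh or die "Failed to write $config_h: $!\n";`, would surface that; writing to a temporary file and renaming it over config.h would avoid the partial file altogether. `main` also passes `$ARGV[0]` through unchecked, so a missing argument reaches `open` as undef; `die "Usage: $0 <config-file>\n" unless @ARGV == 1;` at the top of `main` gives a clearer failure.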
@@ -0,0 +1,50 @@
+/*
+ * Minimal configuration for TLS 1.1 (RFC 4346), implementing only the
+ * required ciphersuite: TLS_RSA_WITH_3DES_EDE_CBC_SHA
+ *
+ * Can be activated with:
+ * cd scripts
+ * ./activate-config.pl data_files/config-mini-tls1_1.h
+ */
+
+/* PolarSSL feature support */
+#define POLARSSL_CIPHER_MODE_CBC
+#define POLARSSL_PKCS1_V15
+#define POLARSSL_KEY_EXCHANGE_RSA_ENABLED
+#define POLARSSL_SSL_PROTO_TLS1_1
+
+/* PolarSSL modules */
+#define POLARSSL_AES_C
+#define POLARSSL_ASN1_PARSE_C
+#define POLARSSL_ASN1_WRITE_C
+#define POLARSSL_BIGNUM_C
+#define POLARSSL_CIPHER_C
+#define POLARSSL_CTR_DRBG_C
+#define POLARSSL_DES_C
+#define POLARSSL_ENTROPY_C
+#define POLARSSL_MD_C
+#define POLARSSL_MD5_C
+#define POLARSSL_NET_C
+#define POLARSSL_OID_C
+#define POLARSSL_PK_C
+#define POLARSSL_PK_PARSE_C
+#define POLARSSL_RSA_C
+#define POLARSSL_SHA1_C
+#define POLARSSL_SHA256_C
+#define POLARSSL_SSL_CLI_C
+#define POLARSSL_SSL_SRV_C
+#define POLARSSL_SSL_TLS_C
+#define POLARSSL_X509_CRL_PARSE_C
+#define POLARSSL_X509_CRT_PARSE_C
+#define POLARSSL_X509_USE_C
+
+/* For test certificates */
+#define POLARSSL_BASE64_C
+#define POLARSSL_CERTS_C
+#define POLARSSL_PEM_PARSE_C
+
+/* For testing with compat.sh */
+#define POLARSSL_FS_IO
+
+/* marker for activate-config.pl
+ * \} name SECTION: PolarSSL modules */
diff --git a/scripts/data_files/config-psk-rc4-tls1_0.h b/scripts/data_files/config-psk-rc4-tls1_0.h
new file mode 100644
index 000000000..c809658e5
--- /dev/null
+++ b/scripts/data_files/config-psk-rc4-tls1_0.h
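Review bot: The header comment says this configuration implements only TLS_RSA_WITH_3DES_EDE_CBC_SHA, but `POLARSSL_AES_C` (presumably pulled in for `POLARSSL_CTR_DRBG_C`) is enabled together with RSA key exchange, CBC and SHA-1, so AES-CBC suites are probably compiled in as well. Either soften the comment, for example ` * required ciphersuite (TLS_RSA_WITH_3DES_EDE_CBC_SHA); AES suites are also built because CTR_DRBG needs AES`, or state that the application must restrict its ciphersuite list. The "For test certificates" and "For testing with compat.sh" blocks are test conveniences and deserve a comment saying they should be dropped from a deployed build; config-suite-b.h carries the same two blocks.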
@@ -0,0 +1,33 @@
+/*
+ * Custom compact configuration for TLS 1.0 with PSK and RC4
+ * Distinguishing features: no bignum, no PK, no X509.
+ *
+ * Can be activated with:
+ * cd scripts
+ * ./activate-config.pl data_files/config-mini-tls1_1.h
+ */
+
+/* PolarSSL feature support */
+#define POLARSSL_KEY_EXCHANGE_PSK_ENABLED
+#define POLARSSL_SSL_PROTO_TLS1
+
+/* PolarSSL modules */
+#define POLARSSL_AES_C
+#define POLARSSL_ARC4_C
+#define POLARSSL_ASN1_PARSE_C
+#define POLARSSL_ASN1_WRITE_C
+#define POLARSSL_CIPHER_C
+#define POLARSSL_CTR_DRBG_C
+#define POLARSSL_ENTROPY_C
+#define POLARSSL_MD_C
+#define POLARSSL_MD5_C
+#define POLARSSL_NET_C
+#define POLARSSL_OID_C
+#define POLARSSL_SHA1_C
+#define POLARSSL_SHA256_C
+#define POLARSSL_SSL_CLI_C
+#define POLARSSL_SSL_SRV_C
+#define POLARSSL_SSL_TLS_C
+
+/* marker for activate-config.pl
+ * \} name SECTION: PolarSSL modules */
diff --git a/scripts/data_files/config-suite-b.h b/scripts/data_files/config-suite-b.h
new file mode 100644
index 000000000..72dd348f8
--- /dev/null
+++ b/scripts/data_files/config-suite-b.h
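Review bot: The activation example in the header comment names the wrong file: it reads `./activate-config.pl data_files/config-mini-tls1_1.h`, so anyone following it installs the TLS 1.1 RSA configuration rather than this PSK one. It should read ` * ./activate-config.pl data_files/config-psk-rc4-tls1_0.h`. The header of config-suite-b.h has the same copy-paste error and needs `data_files/config-suite-b.h` there.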
@@ -0,0 +1,54 @@
+/*
+ * Minimal configuration for TLS NSA Suite B Profile (RFC 6460)
+ *
+ * Can be activated with:
+ * cd scripts
+ * ./activate-config.pl data_files/config-mini-tls1_1.h
+ */
+
+/* PolarSSL feature support */
+#define POLARSSL_ECP_DP_SECP256R1_ENABLED
+#define POLARSSL_ECP_DP_SECP384R1_ENABLED
+#define POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+#define POLARSSL_SSL_PROTO_TLS1_2
+
+/* PolarSSL modules */
+#define POLARSSL_AES_C
+#define POLARSSL_ASN1_PARSE_C
+#define POLARSSL_ASN1_WRITE_C
+#define POLARSSL_BIGNUM_C
+#define POLARSSL_CIPHER_C
+#define POLARSSL_CTR_DRBG_C
+#define POLARSSL_ECDH_C
+#define POLARSSL_ECDSA_C
+#define POLARSSL_ECP_C
+#define POLARSSL_ENTROPY_C
+#define POLARSSL_GCM_C
+#define POLARSSL_MD_C
+#define POLARSSL_NET_C
+#define POLARSSL_OID_C
+#define POLARSSL_PK_C
+#define POLARSSL_PK_PARSE_C
+#define POLARSSL_SHA256_C
+#define POLARSSL_SHA512_C
+#define POLARSSL_SSL_CLI_C
+#define POLARSSL_SSL_SRV_C
+#define POLARSSL_SSL_TLS_C
+#define POLARSSL_X509_CRL_PARSE_C
+#define POLARSSL_X509_CRT_PARSE_C
+#define POLARSSL_X509_USE_C
+
+/* For test certificates */
+#define POLARSSL_BASE64_C
+#define POLARSSL_CERTS_C
+#define POLARSSL_PEM_PARSE_C
+
+/* For testing with compat.sh */
+#define POLARSSL_FS_IO
+
+/* Temporary for current certificates */
+#define POLARSSL_ECP_DP_SECP192R1_ENABLED
+#define POLARSSL_SHA1_C
+
+/* marker for activate-config.pl
+ * \} name SECTION: PolarSSL modules */
diff --git a/scripts/update_vs_apps.pl b/scripts/update_vs_apps.pl
index 530f7b279..a5f6c8f6e 100755
--- a/scripts/update_vs_apps.pl
+++ b/scripts/update_vs_apps.pl
@@ -1,5 +1,8 @@ #!/usr/bin/perl +# create individual project files for example programs +# for VS6 and VS2010 + use warnings; use strict;
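Review bot: The "Temporary for current certificates" block near the end of config-suite-b.h enables `POLARSSL_ECP_DP_SECP192R1_ENABLED` and `POLARSSL_SHA1_C` in a configuration described as the RFC 6460 Suite B profile, which is built around P-256/P-384 and SHA-256/SHA-384. A build from this file therefore presumably still supports a smaller curve and SHA-1 than the profile allows, and nothing in the comment says when the two defines go away. I would make the comment explicit, e.g. `/* Temporary, NOT Suite B: needed only until the test certificates are regenerated; remove before relying on this profile */`.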