SSL test programs: move RNG common code to ssl_test_lib
This commit is deliberately arranged to minimize code changes. Subsequent commits will clean up the resulting code. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
b3715eb86e
commit
daa94c4ff5
4 changed files with 85 additions and 57 deletions
|
@ -742,8 +742,7 @@ int main( int argc, char *argv[] )
|
|||
mbedtls_ssl_config_init( &conf );
|
||||
memset( &saved_session, 0, sizeof( mbedtls_ssl_session ) );
|
||||
rng_context_t *rng = &rng_context;
|
||||
mbedtls_ctr_drbg_init( &rng->drbg );
|
||||
mbedtls_entropy_init( &rng->entropy );
|
||||
rng_init( rng );
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
mbedtls_x509_crt_init( &cacert );
|
||||
mbedtls_x509_crt_init( &clicert );
|
||||
|
@ -1536,30 +1535,8 @@ int main( int argc, char *argv[] )
|
|||
fflush( stdout );
|
||||
|
||||
int reproducible = opt.reproducible;
|
||||
if ( reproducible )
|
||||
{
|
||||
srand( 1 );
|
||||
if( ( ret = mbedtls_ctr_drbg_seed( &rng->drbg, dummy_entropy,
|
||||
&rng->entropy, (const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
|
||||
(unsigned int) -ret );
|
||||
if( rng_seed( rng, reproducible, pers ) != 0 )
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if( ( ret = mbedtls_ctr_drbg_seed( &rng->drbg, mbedtls_entropy_func,
|
||||
&rng->entropy, (const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
|
||||
(unsigned int) -ret );
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
|
@ -3025,8 +3002,7 @@ exit:
|
|||
mbedtls_ssl_session_free( &saved_session );
|
||||
mbedtls_ssl_free( &ssl );
|
||||
mbedtls_ssl_config_free( &conf );
|
||||
mbedtls_ctr_drbg_free( &rng->drbg );
|
||||
mbedtls_entropy_free( &rng->entropy );
|
||||
rng_free( rng );
|
||||
if( session_data != NULL )
|
||||
mbedtls_platform_zeroize( session_data, session_data_len );
|
||||
mbedtls_free( session_data );
|
||||
|
|
|
@ -1377,8 +1377,7 @@ int main( int argc, char *argv[] )
|
|||
mbedtls_ssl_init( &ssl );
|
||||
mbedtls_ssl_config_init( &conf );
|
||||
rng_context_t *rng = &rng_context;
|
||||
mbedtls_ctr_drbg_init( &rng->drbg );
|
||||
mbedtls_entropy_init( &rng->entropy );
|
||||
rng_init( rng );
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
mbedtls_x509_crt_init( &cacert );
|
||||
mbedtls_x509_crt_init( &srvcert );
|
||||
|
@ -2295,30 +2294,8 @@ int main( int argc, char *argv[] )
|
|||
fflush( stdout );
|
||||
|
||||
int reproducible = opt.reproducible;
|
||||
if ( reproducible )
|
||||
{
|
||||
srand( 1 );
|
||||
if( ( ret = mbedtls_ctr_drbg_seed( &rng->drbg, dummy_entropy,
|
||||
&rng->entropy, (const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
|
||||
(unsigned int) -ret );
|
||||
if( rng_seed( rng, reproducible, pers ) != 0 )
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if( ( ret = mbedtls_ctr_drbg_seed( &rng->drbg, mbedtls_entropy_func,
|
||||
&rng->entropy, (const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
|
||||
(unsigned int) -ret );
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
|
||||
mbedtls_printf( " ok\n" );
|
||||
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
|
@ -3999,8 +3976,7 @@ exit:
|
|||
|
||||
mbedtls_ssl_free( &ssl );
|
||||
mbedtls_ssl_config_free( &conf );
|
||||
mbedtls_ctr_drbg_free( &rng->drbg );
|
||||
mbedtls_entropy_free( &rng->entropy );
|
||||
rng_free( rng );
|
||||
|
||||
#if defined(MBEDTLS_SSL_CACHE_C)
|
||||
mbedtls_ssl_cache_free( &cache );
|
||||
|
|
|
@ -61,6 +61,52 @@ int dummy_entropy( void *data, unsigned char *output, size_t len )
|
|||
return( ret );
|
||||
}
|
||||
|
||||
void rng_init( rng_context_t *rng )
|
||||
{
|
||||
mbedtls_ctr_drbg_init( &rng->drbg );
|
||||
mbedtls_entropy_init( &rng->entropy );
|
||||
}
|
||||
|
||||
int rng_seed( rng_context_t *rng, int reproducible, const char *pers )
|
||||
{
|
||||
int ret = 0;
|
||||
|
||||
if ( reproducible )
|
||||
{
|
||||
srand( 1 );
|
||||
if( ( ret = mbedtls_ctr_drbg_seed( &rng->drbg, dummy_entropy,
|
||||
&rng->entropy, (const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
|
||||
(unsigned int) -ret );
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if( ( ret = mbedtls_ctr_drbg_seed( &rng->drbg, mbedtls_entropy_func,
|
||||
&rng->entropy, (const unsigned char *) pers,
|
||||
strlen( pers ) ) ) != 0 )
|
||||
{
|
||||
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
|
||||
(unsigned int) -ret );
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
return( 0 );
|
||||
exit:
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
void rng_free( rng_context_t *rng )
|
||||
{
|
||||
mbedtls_ctr_drbg_free( &rng->drbg );
|
||||
mbedtls_entropy_free( &rng->entropy );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
|
||||
int ca_callback( void *data, mbedtls_x509_crt const *child,
|
||||
mbedtls_x509_crt **candidates )
|
||||
|
|
|
@ -128,7 +128,7 @@ mbedtls_time_t dummy_constant_time( mbedtls_time_t* time );
|
|||
|
||||
int dummy_entropy( void *data, unsigned char *output, size_t len );
|
||||
|
||||
/** A context for random generation.
|
||||
/** A context for random number generation (RNG).
|
||||
*/
|
||||
typedef struct
|
||||
{
|
||||
|
@ -136,6 +136,36 @@ typedef struct
|
|||
mbedtls_ctr_drbg_context drbg;
|
||||
} rng_context_t;
|
||||
|
||||
/** Initialize the RNG.
|
||||
*
|
||||
* This function only initializes the memory used by the RNG context.
|
||||
* Before using the RNG, it must be seeded with rng_seed().
|
||||
*/
|
||||
void rng_init( rng_context_t *rng );
|
||||
|
||||
/* Seed the random number generator.
|
||||
*
|
||||
* \param rng The RNG context to use. It must have been initialized
|
||||
* with rng_init().
|
||||
* \param reproducible If zero, seed the RNG from entropy.
|
||||
* If nonzero, use a fixed seed, so that the program
|
||||
* will produce the same sequence of random numbers
|
||||
* each time it is invoked.
|
||||
* \param pers A null-terminated string. Different values for this
|
||||
* string cause the RNG to emit different output for
|
||||
* the same seed.
|
||||
*
|
||||
* return 0 on success, a negative value on error.
|
||||
*/
|
||||
int rng_seed( rng_context_t *rng, int reproducible, const char *pers );
|
||||
|
||||
/** Deinitialize the RNG. Free any embedded resource.
|
||||
*
|
||||
* \param rng The RNG context to deinitialize. It must have been
|
||||
* initialized with rng_init().
|
||||
*/
|
||||
void rng_free( rng_context_t *rng );
|
||||
|
||||
#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
|
||||
int ca_callback( void *data, mbedtls_x509_crt const *child,
|
||||
mbedtls_x509_crt **candidates );
|
||||
|
|
Loading…
Reference in a new issue