From 8a3170571e886718699776777ab7fbb44320d4f1 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 21 Apr 2016 23:37:09 +0100 Subject: [PATCH 01/11] Fix bug in ssl_write_supported_elliptic_curves_ext Passing invalid curves to mbedtls_ssl_conf_curves potentially could caused a crash later in ssl_write_supported_elliptic_curves_ext. #373 --- ChangeLog | 2 ++ library/ssl_cli.c | 7 ++++++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index ea55df8e1..bee652cf9 100644 --- a/ChangeLog +++ b/ChangeLog @@ -19,6 +19,8 @@ Bugfix * Fix issue that caused a hang when generating RSA keys of odd bitlength * Fix bug in mbedtls_rsa_rsaes_pkcs1_v15_encrypt that made null pointer dereference possible. + * Fix issue that caused a crash if invalid curves were passed to + mbedtls_ssl_conf_curves. #373 Changes * On ARM platforms, when compiling with -O0 with GCC, Clang or armcc5, diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 52ddf9a92..7f5b94eb2 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -270,6 +270,12 @@ static void ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl, for( info = mbedtls_ecp_curve_list(); info->grp_id != MBEDTLS_ECP_DP_NONE; info++ ) { #endif + if( info == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid curve in ssl configuration" ) ); + return; + } + elliptic_curve_len += 2; } @@ -289,7 +295,6 @@ static void ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl, for( info = mbedtls_ecp_curve_list(); info->grp_id != MBEDTLS_ECP_DP_NONE; info++ ) { #endif - elliptic_curve_list[elliptic_curve_len++] = info->tls_id >> 8; elliptic_curve_list[elliptic_curve_len++] = info->tls_id & 0xFF; } From 3d53f416389103fc2c1d507906a4f6c04c19a247 Mon Sep 17 00:00:00 2001 From: Alexey Skalozub Date: Wed, 13 Jan 2016 16:53:40 +0200 Subject: [PATCH 02/11] Faster mbedtls_zeroize for MPI Writes in `sizeof(mbedtls_mpi_uint)` units perform faster than plain chars, also eliminates multiplication by `ciL` --- library/bignum.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 7841bea43..07e099afb 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -59,8 +59,8 @@ #endif /* Implementation that should never be optimized out by the compiler */ -static void mbedtls_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; +static void mbedtls_zeroize( mbedtls_mpi_uint *v, size_t n ) { + volatile mbedtls_mpi_uint *p = v; while( n-- ) *p++ = 0; } #define ciL (sizeof(mbedtls_mpi_uint)) /* chars in limb */ @@ -99,7 +99,7 @@ void mbedtls_mpi_free( mbedtls_mpi *X ) if( X->p != NULL ) { - mbedtls_zeroize( X->p, X->n * ciL ); + mbedtls_zeroize( X->p, X->n ); mbedtls_free( X->p ); } @@ -126,7 +126,7 @@ int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs ) if( X->p != NULL ) { memcpy( p, X->p, X->n * ciL ); - mbedtls_zeroize( X->p, X->n * ciL ); + mbedtls_zeroize( X->p, X->n ); mbedtls_free( X->p ); } @@ -164,7 +164,7 @@ int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs ) if( X->p != NULL ) { memcpy( p, X->p, i * ciL ); - mbedtls_zeroize( X->p, X->n * ciL ); + mbedtls_zeroize( X->p, X->n ); mbedtls_free( X->p ); } From e17a8da17e3927603ecffa265f7279f429d17932 Mon Sep 17 00:00:00 2001 From: Alexey Skalozub Date: Wed, 13 Jan 2016 17:19:33 +0200 Subject: [PATCH 03/11] Rename MPI zeroize function to mbedtls_mpi_zeroize Avoid naming confusion --- library/bignum.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 07e099afb..d6f415c6f 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -59,7 +59,7 @@ #endif /* Implementation that should never be optimized out by the compiler */ -static void mbedtls_zeroize( mbedtls_mpi_uint *v, size_t n ) { +static void mbedtls_mpi_zeroize( mbedtls_mpi_uint *v, size_t n ) { volatile mbedtls_mpi_uint *p = v; while( n-- ) *p++ = 0; } @@ -99,7 +99,7 @@ void mbedtls_mpi_free( mbedtls_mpi *X ) if( X->p != NULL ) { - mbedtls_zeroize( X->p, X->n ); + mbedtls_mpi_zeroize( X->p, X->n ); mbedtls_free( X->p ); } @@ -126,7 +126,7 @@ int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs ) if( X->p != NULL ) { memcpy( p, X->p, X->n * ciL ); - mbedtls_zeroize( X->p, X->n ); + mbedtls_mpi_zeroize( X->p, X->n ); mbedtls_free( X->p ); } @@ -164,7 +164,7 @@ int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs ) if( X->p != NULL ) { memcpy( p, X->p, i * ciL ); - mbedtls_zeroize( X->p, X->n ); + mbedtls_mpi_zeroize( X->p, X->n ); mbedtls_free( X->p ); } From d7e9ad7d831e3709cb0d668a4a298e2a6383c4a7 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Mon, 25 Apr 2016 16:07:12 +0100 Subject: [PATCH 04/11] Updates ChangeLog with faster MPI zeroize fix Added optimised mbedtls_mpi_zeroise() credit to ChangeLog. --- ChangeLog | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index bee652cf9..15bb3379c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -26,7 +26,8 @@ Changes * On ARM platforms, when compiling with -O0 with GCC, Clang or armcc5, don't use the optimized assembly for bignum multiplication. This removes the need to pass -fomit-frame-pointer to avoid a build error with -O0. - * Disabled SSLv3 in the default configuration. + * Disabled SSLv3 in the default configuration. + * Optimized mbedtls_zeroize() for MPI integer size. (Fix by Alexey Skalozub) = mbed TLS 2.2.1 released 2016-01-05 From a543d11d3aa4fbf569f9ae51c37542e3b3f32932 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Tue, 26 Apr 2016 12:51:37 +0100 Subject: [PATCH 05/11] Fixes mbedtls_mpi_zeroize() function name in ChangeLog --- ChangeLog | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 15bb3379c..128113838 100644 --- a/ChangeLog +++ b/ChangeLog @@ -27,7 +27,8 @@ Changes don't use the optimized assembly for bignum multiplication. This removes the need to pass -fomit-frame-pointer to avoid a build error with -O0. * Disabled SSLv3 in the default configuration. - * Optimized mbedtls_zeroize() for MPI integer size. (Fix by Alexey Skalozub) + * Optimized mbedtls_mpi_zeroize() for MPI integer size. (Fix by Alexey + Skalozub). = mbed TLS 2.2.1 released 2016-01-05 From 1594210a49904cab931bd48e0bf19de99d878af3 Mon Sep 17 00:00:00 2001 From: SimonB Date: Mon, 25 Apr 2016 21:34:49 +0100 Subject: [PATCH 06/11] Adds better support to debug generated code The commit adds to the generate_code.pl script support to add #line directives to generated code to allow build breaks to be more easily found from the generated code. --- tests/scripts/generate_code.pl | 62 ++++++++++++++++++++++++++------- tests/suites/helpers.function | 1 + tests/suites/main_test.function | 9 +++-- 3 files changed, 57 insertions(+), 15 deletions(-) diff --git a/tests/scripts/generate_code.pl b/tests/scripts/generate_code.pl index 5892f7ba3..93c003b01 100755 --- a/tests/scripts/generate_code.pl +++ b/tests/scripts/generate_code.pl @@ -21,13 +21,15 @@ # test dispatch code as well as support functions. It contains the # following symbols which are substituted by this script during # processing: -# TEST_FILENAME +# TESTCASE_FILENAME +# TESTCODE_FILENAME # SUITE_PRE_DEP # MAPPING_CODE # FUNCTION CODE # SUITE_POST_DEP # DEP_CHECK_CODE # DISPATCH_FUNCTION +# !LINE_NO! # # - common helper code file - 'helpers.function' # Common helper functions @@ -44,8 +46,8 @@ # # - test data file - file name in the form 'test_suite_xxxx.data' # The test case parameters to to be used in execution of the test. The -# file name is used to replace the symbol 'TEST_FILENAME' in the main code -# file above. +# file name is used to replace the symbol 'TESTCASE_FILENAME' in the main +# code file above. # use strict; @@ -62,23 +64,52 @@ my $test_case_data = $suite_dir."/".$data_name.".data"; my $line_separator = $/; undef $/; + +# +# Open and read in the input files +# + open(TEST_HELPERS, "$test_common_helper_file") or die "Opening test helpers '$test_common_helper_file': $!"; my $test_common_helpers = ; close(TEST_HELPERS); open(TEST_MAIN, "$test_main_file") or die "Opening test main '$test_main_file': $!"; -my $test_main = ; +my @test_main_lines = split/^/, ; +my $test_main; +my $index = 1; +for my $line (@test_main_lines) { + $line =~ s/!LINE_NO!/$index/; + $test_main = $test_main.$line; + $index++; +} close(TEST_MAIN); open(TEST_CASES, "$test_case_file") or die "Opening test cases '$test_case_file': $!"; -my $test_cases = ; +my @test_cases_lines = split/^/, ; +my $test_cases; +my $index = 1; +for my $line (@test_cases_lines) { + if ($line =~ /^\/\* BEGIN_CASE .*\*\//) + { + $line = $line."#line $index \"$test_case_file\"\n"; + } + + $test_cases = $test_cases.$line; + $index++; +} + close(TEST_CASES); open(TEST_DATA, "$test_case_data") or die "Opening test data '$test_case_data': $!"; my $test_data = ; close(TEST_DATA); + +# +# Find the headers, dependencies, and suites in the test cases file +# + my ( $suite_header ) = $test_cases =~ /\/\* BEGIN_HEADER \*\/\n(.*?)\n\/\* END_HEADER \*\//s; my ( $suite_defines ) = $test_cases =~ /\/\* BEGIN_DEPENDENCIES\n \* (.*?)\n \* END_DEPENDENCIES/s; my ( $suite_helpers ) = $test_cases =~ /\/\* BEGIN_SUITE_HELPERS \*\/\n(.*?)\n\/\* END_SUITE_HELPERS \*\//s; @@ -159,16 +190,19 @@ while($test_cases =~ /\/\* BEGIN_CASE *([\w:]*) \*\/\n(.*?)\n\/\* END_CASE \*\// my $function_decl = $2; # Sanity checks of function - if ($function_decl !~ /^void /) + if ($function_decl !~ /^#line\s*.*\nvoid /) { - die "Test function does not have 'void' as return type\n"; + die "Test function does not have 'void' as return type.\n" . + "Function declaration:\n" . + $function_decl; } - if ($function_decl !~ /^void (\w+)\(\s*(.*?)\s*\)\s*{(.*)}/ms) + if ($function_decl !~ /^(#line\s*.*)\nvoid (\w+)\(\s*(.*?)\s*\)\s*{(.*)}/ms) { die "Function declaration not in expected format\n"; } - my $function_name = $1; - my $function_params = $2; + my $line_directive = $1; + my $function_name = $2; + my $function_params = $3; my $function_pre_code; my $function_post_code; my $param_defs; @@ -179,7 +213,7 @@ while($test_cases =~ /\/\* BEGIN_CASE *([\w:]*) \*\/\n(.*?)\n\/\* END_CASE \*\// my $mapping_regex = "".$function_name; my $mapping_count = 0; - $function_decl =~ s/^void /void test_suite_/; + $function_decl =~ s/(^#line\s*.*)\nvoid /$1\nvoid test_suite_/; # Add exit label if not present if ($function_decl !~ /^exit:$/m) @@ -262,7 +296,8 @@ $function_post_code else END - my $function_code = $function_pre_code . $function_decl . "\n" . $function_post_code; + my $function_code = $function_pre_code . $function_decl . "\n" . + $function_post_code; $test_main =~ s/FUNCTION_CODE/$function_code\nFUNCTION_CODE/; } @@ -317,7 +352,8 @@ END $dispatch_code =~ s/^(.+)/ $1/mg; -$test_main =~ s/TEST_FILENAME/$test_case_data/g; +$test_main =~ s/TESTCASE_FILENAME/$test_case_data/g; +$test_main =~ s/TESTCODE_FILENAME/$test_case_file/g; $test_main =~ s/FUNCTION_CODE//; $test_main =~ s/DEP_CHECK_CODE/$dep_check_code/; $test_main =~ s/DISPATCH_FUNCTION/$dispatch_code/; diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index 6d4438de5..c4128b403 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -1,3 +1,4 @@ +#line 1 "helpers.function" /*----------------------------------------------------------------------------*/ /* Headers */ diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index c2e3f6b07..c5d6cd86b 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -1,3 +1,4 @@ +#line 1 "main_test.function" SUITE_PRE_DEP #define TEST_SUITE_ACTIVE @@ -70,6 +71,8 @@ MAPPING_CODE FUNCTION_CODE SUITE_POST_DEP +#line !LINE_NO! "main_test.function" + /*----------------------------------------------------------------------------*/ /* Test dispatch code */ @@ -111,6 +114,8 @@ DISPATCH_FUNCTION /*----------------------------------------------------------------------------*/ /* Main Test code */ +#line !LINE_NO! "main_test.function" + #define USAGE \ "Usage: %s [OPTIONS] files...\n\n" \ " Command line arguments:\n" \ @@ -121,7 +126,7 @@ DISPATCH_FUNCTION " -v | --verbose Display full information about each test\n" \ " -h | --help Display this information\n\n", \ argv[0], \ - "TEST_FILENAME" + "TESTCASE_FILENAME" int get_line( FILE *f, char *buf, size_t len ) @@ -234,7 +239,7 @@ static int run_test_snprintf( void ) int main(int argc, const char *argv[]) { /* Local Configurations and options */ - const char *default_filename = "TEST_FILENAME"; + const char *default_filename = "TESTCASE_FILENAME"; const char *test_filename = NULL; const char **test_files = NULL; int testfile_count = 0; From d5800b7761ad9705d2ebca86d7af0c8ee24e427a Mon Sep 17 00:00:00 2001 From: SimonB Date: Tue, 26 Apr 2016 07:43:27 +0100 Subject: [PATCH 07/11] Abstracts away time()/stdlib.h into platform Substitutes time() into a configurable platform interface to allow it to be easily substituted. --- include/mbedtls/config.h | 2 ++ include/mbedtls/platform.h | 34 ++++++++++++++++++++++++++++++++++ include/mbedtls/ssl.h | 2 +- include/mbedtls/ssl_cache.h | 2 +- library/debug.c | 13 +++++++------ library/net.c | 8 +++++++- library/platform.c | 23 +++++++++++++++++++++++ library/ssl_cache.c | 16 +++++++++------- library/ssl_ciphersuites.c | 8 +++++++- library/ssl_cli.c | 22 ++++++++++++---------- library/ssl_cookie.c | 14 ++++++++------ library/ssl_srv.c | 24 +++++++++++++----------- library/ssl_ticket.c | 14 ++++++++------ library/ssl_tls.c | 17 +++++++++-------- library/x509.c | 12 +++++++----- programs/ssl/mini_client.c | 11 +++++++++++ 16 files changed, 159 insertions(+), 63 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index a617d0629..3c3d9ca2d 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -152,6 +152,7 @@ * platform function */ //#define MBEDTLS_PLATFORM_EXIT_ALT +//#define MBEDTLS_PLATFORM_TIME_ALT //#define MBEDTLS_PLATFORM_FPRINTF_ALT //#define MBEDTLS_PLATFORM_PRINTF_ALT //#define MBEDTLS_PLATFORM_SNPRINTF_ALT @@ -2465,6 +2466,7 @@ //#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ +//#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ /* Note: your snprintf must correclty zero-terminate the buffer! */ diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h index 1371ff1c6..7922e8c75 100644 --- a/include/mbedtls/platform.h +++ b/include/mbedtls/platform.h @@ -66,6 +66,9 @@ extern "C" { #if !defined(MBEDTLS_PLATFORM_STD_EXIT) #define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use */ #endif +#if !defined(MBEDTLS_PLATFORM_STD_TIME) +#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use */ +#endif #if !defined(MBEDTLS_PLATFORM_STD_EXIT_SUCCESS) #define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS EXIT_SUCCESS /**< Default exit value to use */ #endif @@ -227,6 +230,37 @@ int mbedtls_platform_set_exit( void (*exit_func)( int status ) ); #define MBEDTLS_EXIT_FAILURE 1 #endif +/* + * The time_t datatype + */ +#if defined(MBEDTLS_PLATFORM_TIME_T_MACRO) +#define mbedtls_time_t MBEDTLS_PLATFORM_TIME_T_MACRO +#else +#define mbedtls_time_t time_t +#endif /* MBEDTLS_PLATFORM_TIME_T_MACRO */ + +/* + * The function pointers for time + */ +#if defined(MBEDTLS_PLATFORM_TIME_ALT) +extern time_t (*mbedtls_time)( mbedtls_time_t* time ); + +/** + * \brief Set your own time function pointer + * + * \param time_func the time function implementation + * + * \return 0 + */ +int mbedtls_platform_set_time( mbedtls_time_t (*time_func)( mbedtls_time_t time ) ); +#else +#if defined(MBEDTLS_PLATFORM_TIME_MACRO) +#define mbedtls_time MBEDTLS_PLATFORM_TIME_MACRO +#else +#define mbedtls_time time +#endif /* MBEDTLS_PLATFORM_TIME_MACRO */ +#endif /* MBEDTLS_PLATFORM_TIME_ALT */ + #ifdef __cplusplus } #endif diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 3e05f3f3d..67c62b744 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -542,7 +542,7 @@ typedef struct mbedtls_ssl_flight_item mbedtls_ssl_flight_item; struct mbedtls_ssl_session { #if defined(MBEDTLS_HAVE_TIME) - time_t start; /*!< starting time */ + mbedtls_time_t start; /*!< starting time */ #endif int ciphersuite; /*!< chosen ciphersuite */ int compression; /*!< chosen compression */ diff --git a/include/mbedtls/ssl_cache.h b/include/mbedtls/ssl_cache.h index 1155924a9..3734bb727 100644 --- a/include/mbedtls/ssl_cache.h +++ b/include/mbedtls/ssl_cache.h @@ -60,7 +60,7 @@ typedef struct mbedtls_ssl_cache_entry mbedtls_ssl_cache_entry; struct mbedtls_ssl_cache_entry { #if defined(MBEDTLS_HAVE_TIME) - time_t timestamp; /*!< entry timestamp */ + mbedtls_time_t timestamp; /*!< entry timestamp */ #endif mbedtls_ssl_session session; /*!< entry session */ #if defined(MBEDTLS_X509_CRT_PARSE_C) diff --git a/library/debug.c b/library/debug.c index 4752ab1a3..a032478da 100644 --- a/library/debug.c +++ b/library/debug.c @@ -27,21 +27,22 @@ #if defined(MBEDTLS_DEBUG_C) -#include "mbedtls/debug.h" - -#include -#include -#include - #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else #include #define mbedtls_calloc calloc #define mbedtls_free free +#define mbedtls_time_t time_t #define mbedtls_snprintf snprintf #endif +#include "mbedtls/debug.h" + +#include +#include +#include + #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ !defined(inline) && !defined(__cplusplus) #define inline __inline diff --git a/library/net.c b/library/net.c index 3b78b6b15..4142bc061 100644 --- a/library/net.c +++ b/library/net.c @@ -32,6 +32,13 @@ #error "This module only works on Unix and Windows, see MBEDTLS_NET_C in config.h" #endif +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#define mbedtls_time_t time_t +#endif + #include "mbedtls/net.h" #include @@ -86,7 +93,6 @@ static int wsa_init_done = 0; #define MSVC_INT_CAST #endif -#include #include #include diff --git a/library/platform.c b/library/platform.c index d634c6277..e7ec0ad6a 100644 --- a/library/platform.c +++ b/library/platform.c @@ -190,4 +190,27 @@ int mbedtls_platform_set_exit( void (*exit_func)( int status ) ) } #endif /* MBEDTLS_PLATFORM_EXIT_ALT */ +#if defined(MBEDTLS_PLATFORM_TIME_ALT) +#if !defined(MBEDTLS_PLATFORM_STD_TIME) +/* + * Make dummy function to prevent NULL pointer dereferences + */ +static mbedtls_time_t platform_time_uninit( mbedtls_time_t* timer ) +{ + ((void) timer); + return( NULL ); +} + +#define MBEDTLS_PLATFORM_STD_TIME platform_time_uninit +#endif /* !MBEDTLS_PLATFORM_STD_TIME */ + +time_t (*mbedtls_time)( mbedtls_time_t* timer ) = MBEDTLS_PLATFORM_STD_TIME; + +int mbedtls_platform_set_exit( mbedtls_time_t (*time_func)( mbedtls_time_t timer ) ) +{ + mbedtls_time = time_func; + return( 0 ); +} +#endif /* MBEDTLS_PLATFORM_TIME_ALT */ + #endif /* MBEDTLS_PLATFORM_C */ diff --git a/library/ssl_cache.c b/library/ssl_cache.c index 711bc535c..01c66aed1 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -31,18 +31,20 @@ #if defined(MBEDTLS_SSL_CACHE_C) -#include "mbedtls/ssl_cache.h" - -#include - #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else #include #define mbedtls_calloc calloc -#define mbedtls_free free +#define mbedtls_free free +#define mbedtls_time time +#define mbedtls_time_t time_t #endif +#include "mbedtls/ssl_cache.h" + +#include + void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache ) { memset( cache, 0, sizeof( mbedtls_ssl_cache_context ) ); @@ -59,7 +61,7 @@ int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session ) { int ret = 1; #if defined(MBEDTLS_HAVE_TIME) - time_t t = time( NULL ); + mbedtls_time_t t = mbedtls_time( NULL ); #endif mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data; mbedtls_ssl_cache_entry *cur, *entry; @@ -138,7 +140,7 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) { int ret = 1; #if defined(MBEDTLS_HAVE_TIME) - time_t t = time( NULL ), oldest = 0; + mbedtls_time_t t = time( NULL ), oldest = 0; mbedtls_ssl_cache_entry *old = NULL; #endif mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data; diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 949b9ed64..35463317f 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -29,10 +29,16 @@ #if defined(MBEDTLS_SSL_TLS_C) +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#define mbedtls_time_t time_t +#endif + #include "mbedtls/ssl_ciphersuites.h" #include "mbedtls/ssl.h" -// #include #include /* diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 7f5b94eb2..cd39db027 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -27,20 +27,22 @@ #if defined(MBEDTLS_SSL_CLI_C) -#include "mbedtls/debug.h" -#include "mbedtls/ssl.h" -#include "mbedtls/ssl_internal.h" - -#include - #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else #include #define mbedtls_calloc calloc -#define mbedtls_free free +#define mbedtls_free free +#define mbedtls_time time +#define mbedtls_time_t time_t #endif +#include "mbedtls/debug.h" +#include "mbedtls/ssl.h" +#include "mbedtls/ssl_internal.h" + +#include + #include #if defined(MBEDTLS_HAVE_TIME) @@ -669,7 +671,7 @@ static int ssl_generate_random( mbedtls_ssl_context *ssl ) int ret; unsigned char *p = ssl->handshake->randbytes; #if defined(MBEDTLS_HAVE_TIME) - time_t t; + mbedtls_time_t t; #endif /* @@ -684,7 +686,7 @@ static int ssl_generate_random( mbedtls_ssl_context *ssl ) #endif #if defined(MBEDTLS_HAVE_TIME) - t = time( NULL ); + t = mbedtls_time( NULL ); *p++ = (unsigned char)( t >> 24 ); *p++ = (unsigned char)( t >> 16 ); *p++ = (unsigned char)( t >> 8 ); @@ -1592,7 +1594,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) ssl->state++; ssl->handshake->resume = 0; #if defined(MBEDTLS_HAVE_TIME) - ssl->session_negotiate->start = time( NULL ); + ssl->session_negotiate->start = mbedtls_time( NULL ); #endif ssl->session_negotiate->ciphersuite = i; ssl->session_negotiate->compression = comp; diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index 7e0c573ad..f241c86d8 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -31,16 +31,18 @@ #if defined(MBEDTLS_SSL_COOKIE_C) -#include "mbedtls/ssl_cookie.h" -#include "mbedtls/ssl_internal.h" - #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else #define mbedtls_calloc calloc -#define mbedtls_free free +#define mbedtls_free free +#define mbedtls_time time +#define mbedtls_time_t time_t #endif +#include "mbedtls/ssl_cookie.h" +#include "mbedtls/ssl_internal.h" + #include /* Implementation that should never be optimized out by the compiler */ @@ -172,7 +174,7 @@ int mbedtls_ssl_cookie_write( void *p_ctx, return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); #if defined(MBEDTLS_HAVE_TIME) - t = (unsigned long) time( NULL ); + t = (unsigned long) mbedtls_time( NULL ); #else t = ctx->serial++; #endif @@ -242,7 +244,7 @@ int mbedtls_ssl_cookie_check( void *p_ctx, return( -1 ); #if defined(MBEDTLS_HAVE_TIME) - cur_time = (unsigned long) time( NULL ); + cur_time = (unsigned long) mbedtls_time( NULL ); #else cur_time = ctx->serial; #endif diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 6bd0b598a..9fc21a5ef 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -27,6 +27,16 @@ #if defined(MBEDTLS_SSL_SRV_C) +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#define mbedtls_calloc calloc +#define mbedtls_free free +#define mbedtls_time time +#define mbedtls_time_t time_t +#endif + #include "mbedtls/debug.h" #include "mbedtls/ssl.h" #include "mbedtls/ssl_internal.h" @@ -37,14 +47,6 @@ #include "mbedtls/ecp.h" #endif -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif - #if defined(MBEDTLS_HAVE_TIME) #include #endif @@ -2210,7 +2212,7 @@ static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl ) static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) { #if defined(MBEDTLS_HAVE_TIME) - time_t t; + mbedtls_time_t t; #endif int ret; size_t olen, ext_len = 0, n; @@ -2253,7 +2255,7 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) buf[4], buf[5] ) ); #if defined(MBEDTLS_HAVE_TIME) - t = time( NULL ); + t = mbedtls_time( NULL ); *p++ = (unsigned char)( t >> 24 ); *p++ = (unsigned char)( t >> 16 ); *p++ = (unsigned char)( t >> 8 ); @@ -2302,7 +2304,7 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) ssl->state++; #if defined(MBEDTLS_HAVE_TIME) - ssl->session_negotiate->start = time( NULL ); + ssl->session_negotiate->start = mbedtls_time( NULL ); #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index 0e27900b5..5d77403e5 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -27,16 +27,18 @@ #if defined(MBEDTLS_SSL_TICKET_C) -#include "mbedtls/ssl_ticket.h" - #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else #include #define mbedtls_calloc calloc -#define mbedtls_free free +#define mbedtls_free free +#define mbedtls_time time +#define mbedtls_time_t time_t #endif +#include "mbedtls/ssl_ticket.h" + #include /* Implementation that should never be optimized out by the compiler */ @@ -69,7 +71,7 @@ static int ssl_ticket_gen_key( mbedtls_ssl_ticket_context *ctx, mbedtls_ssl_ticket_key *key = ctx->keys + index; #if defined(MBEDTLS_HAVE_TIME) - key->generation_time = (uint32_t) time( NULL ); + key->generation_time = (uint32_t) mbedtls_time( NULL ); #endif if( ( ret = ctx->f_rng( ctx->p_rng, key->name, sizeof( key->name ) ) ) != 0 ) @@ -98,7 +100,7 @@ static int ssl_ticket_update_keys( mbedtls_ssl_ticket_context *ctx ) #else if( ctx->ticket_lifetime != 0 ) { - uint32_t current_time = (uint32_t) time( NULL ); + uint32_t current_time = (uint32_t) mbedtls_time( NULL ); uint32_t key_time = ctx->keys[ctx->active].generation_time; if( current_time > key_time && @@ -451,7 +453,7 @@ int mbedtls_ssl_ticket_parse( void *p_ticket, #if defined(MBEDTLS_HAVE_TIME) { /* Check for expiration */ - time_t current_time = time( NULL ); + mbedtls_time_t current_time = mbedtls_time( NULL ); if( current_time < session->start || (uint32_t)( current_time - session->start ) > ctx->ticket_lifetime ) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 1c44b7ddb..19cc35792 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -35,6 +35,15 @@ #if defined(MBEDTLS_SSL_TLS_C) +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#define mbedtls_calloc calloc +#define mbedtls_free free +#define mbedtls_time_t time_t +#endif + #include "mbedtls/debug.h" #include "mbedtls/ssl.h" #include "mbedtls/ssl_internal.h" @@ -46,14 +55,6 @@ #include "mbedtls/oid.h" #endif -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif - /* Implementation that should never be optimized out by the compiler */ static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; diff --git a/library/x509.c b/library/x509.c index ffc3d6c94..a0df81708 100644 --- a/library/x509.c +++ b/library/x509.c @@ -53,10 +53,12 @@ #else #include #include -#define mbedtls_free free +#define mbedtls_free free #define mbedtls_calloc calloc -#define mbedtls_printf printf -#define mbedtls_snprintf snprintf +#define mbedtls_time time +#define mbedtls_time_t time_t +#define mbedtls_printf printf +#define mbedtls_snprintf snprintf #endif #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) @@ -843,7 +845,7 @@ static int x509_get_current_time( mbedtls_x509_time *now ) static int x509_get_current_time( mbedtls_x509_time *now ) { struct tm *lt; - time_t tt; + mbedtls_time_t tt; int ret = 0; #if defined(MBEDTLS_THREADING_C) @@ -851,7 +853,7 @@ static int x509_get_current_time( mbedtls_x509_time *now ) return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); #endif - tt = time( NULL ); + tt = mbedtls_time( NULL ); lt = gmtime( &tt ); if( lt == NULL ) diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c index 26082ef5b..d3954c571 100644 --- a/programs/ssl/mini_client.c +++ b/programs/ssl/mini_client.c @@ -43,12 +43,14 @@ #if !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_ENTROPY_C) || \ !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_SSL_CLI_C) || \ !defined(UNIX) + #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else #include #define mbedtls_printf printf #endif + int main( void ) { mbedtls_printf( "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_ENTROPY_C and/or " @@ -58,6 +60,15 @@ int main( void ) } #else +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#define mbedtls_time_t time_t +#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS +#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE +#endif + #include #include "mbedtls/net.h" From 3fe6cd3a2d621d40b69102caf280da283df13a50 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Tue, 26 Apr 2016 19:51:29 +0100 Subject: [PATCH 08/11] Fixes time() abstraction for custom configs Added platform abstraction of time() to ChangeLog, version features, and fixed the build for dynamic configuration. --- ChangeLog | 4 ++++ include/mbedtls/platform.h | 5 +++-- library/platform.c | 6 +++--- library/version_features.c | 3 +++ 4 files changed, 13 insertions(+), 5 deletions(-) diff --git a/ChangeLog b/ChangeLog index 128113838..3e2ea6b5c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,10 @@ mbed TLS ChangeLog (Sorted per branch, date) = mbed TLS 2.x branch +Features + * Support for platform abstraction of the standard C library time() + function. + Bugfix * Fix bug in mbedtls_mpi_add_mpi() that caused wrong results when the three arguments where the same (in-place doubling). Found and fixed by Janos diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h index 7922e8c75..69a6afda4 100644 --- a/include/mbedtls/platform.h +++ b/include/mbedtls/platform.h @@ -44,6 +44,7 @@ extern "C" { #if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) #include #include +#include #if !defined(MBEDTLS_PLATFORM_STD_SNPRINTF) #if defined(_WIN32) #define MBEDTLS_PLATFORM_STD_SNPRINTF mbedtls_platform_win32_snprintf /**< Default snprintf to use */ @@ -243,7 +244,7 @@ int mbedtls_platform_set_exit( void (*exit_func)( int status ) ); * The function pointers for time */ #if defined(MBEDTLS_PLATFORM_TIME_ALT) -extern time_t (*mbedtls_time)( mbedtls_time_t* time ); +extern mbedtls_time_t (*mbedtls_time)( mbedtls_time_t* time ); /** * \brief Set your own time function pointer @@ -252,7 +253,7 @@ extern time_t (*mbedtls_time)( mbedtls_time_t* time ); * * \return 0 */ -int mbedtls_platform_set_time( mbedtls_time_t (*time_func)( mbedtls_time_t time ) ); +int mbedtls_platform_set_time( mbedtls_time_t (*time_func)( mbedtls_time_t* time ) ); #else #if defined(MBEDTLS_PLATFORM_TIME_MACRO) #define mbedtls_time MBEDTLS_PLATFORM_TIME_MACRO diff --git a/library/platform.c b/library/platform.c index e7ec0ad6a..89a2bd65d 100644 --- a/library/platform.c +++ b/library/platform.c @@ -198,15 +198,15 @@ int mbedtls_platform_set_exit( void (*exit_func)( int status ) ) static mbedtls_time_t platform_time_uninit( mbedtls_time_t* timer ) { ((void) timer); - return( NULL ); + return( 0 ); } #define MBEDTLS_PLATFORM_STD_TIME platform_time_uninit #endif /* !MBEDTLS_PLATFORM_STD_TIME */ -time_t (*mbedtls_time)( mbedtls_time_t* timer ) = MBEDTLS_PLATFORM_STD_TIME; +mbedtls_time_t (*mbedtls_time)( mbedtls_time_t* timer ) = MBEDTLS_PLATFORM_STD_TIME; -int mbedtls_platform_set_exit( mbedtls_time_t (*time_func)( mbedtls_time_t timer ) ) +int mbedtls_platform_set_time( mbedtls_time_t (*time_func)( mbedtls_time_t* timer ) ) { mbedtls_time = time_func; return( 0 ); diff --git a/library/version_features.c b/library/version_features.c index 1575e093e..b852ca81a 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -54,6 +54,9 @@ static const char *features[] = { #if defined(MBEDTLS_PLATFORM_EXIT_ALT) "MBEDTLS_PLATFORM_EXIT_ALT", #endif /* MBEDTLS_PLATFORM_EXIT_ALT */ +#if defined(MBEDTLS_PLATFORM_TIME_ALT) + "MBEDTLS_PLATFORM_TIME_ALT", +#endif /* MBEDTLS_PLATFORM_TIME_ALT */ #if defined(MBEDTLS_PLATFORM_FPRINTF_ALT) "MBEDTLS_PLATFORM_FPRINTF_ALT", #endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */ From 80aea30aa5c72c3cdc6ea8322385747886508975 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Wed, 27 Apr 2016 00:28:14 +0100 Subject: [PATCH 09/11] Fixes syntax and naming for check-names.sh Some macros were failing checks by check-names.sh --- include/mbedtls/config.h | 2 ++ include/mbedtls/platform.h | 8 ++++---- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 3c3d9ca2d..0efee0454 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2479,6 +2479,8 @@ //#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */ //#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */ //#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */ +//#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined */ +//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined */ //#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */ //#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */ /* Note: your snprintf must correclty zero-terminate the buffer! */ diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h index 69a6afda4..039cb587a 100644 --- a/include/mbedtls/platform.h +++ b/include/mbedtls/platform.h @@ -234,11 +234,11 @@ int mbedtls_platform_set_exit( void (*exit_func)( int status ) ); /* * The time_t datatype */ -#if defined(MBEDTLS_PLATFORM_TIME_T_MACRO) -#define mbedtls_time_t MBEDTLS_PLATFORM_TIME_T_MACRO +#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO) +typedef MBEDTLS_PLATFORM_TIME_TYPE_MACRO mbedtls_time_t; #else -#define mbedtls_time_t time_t -#endif /* MBEDTLS_PLATFORM_TIME_T_MACRO */ +typedef time_t mbedtls_time_t; +#endif /* MBEDTLS_PLATFORM_TIME_TYPE_MACRO */ /* * The function pointers for time From d3138c35c68481fc9cdc1990b8108c5970b92305 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Wed, 27 Apr 2016 01:26:50 +0100 Subject: [PATCH 10/11] Fixes SSL sample apps for non-default configs Fixes the SSL sample applications to build for the non-default configs which don't build if MBEDTLS_PLATFORM_C isn't defined. --- programs/ssl/ssl_client1.c | 3 +++ programs/ssl/ssl_client2.c | 3 +++ programs/ssl/ssl_mail_client.c | 3 +++ programs/ssl/ssl_server.c | 3 +++ programs/ssl/ssl_server2.c | 3 +++ programs/test/udp_proxy.c | 9 +++++---- 6 files changed, 20 insertions(+), 4 deletions(-) diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c index 1aeddf71c..3516e15c9 100644 --- a/programs/ssl/ssl_client1.c +++ b/programs/ssl/ssl_client1.c @@ -29,6 +29,9 @@ #include "mbedtls/platform.h" #else #include +#include +#define mbedtls_time time +#define mbedtls_time_t time_t #define mbedtls_fprintf fprintf #define mbedtls_printf printf #endif diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 559e5028d..78f9e00f5 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -29,6 +29,9 @@ #include "mbedtls/platform.h" #else #include +#include +#define mbedtls_time time +#define mbedtls_time_t time_t #define mbedtls_printf printf #define mbedtls_fprintf fprintf #define mbedtls_snprintf snprintf diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index 974c17020..c807eb569 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -29,6 +29,9 @@ #include "mbedtls/platform.h" #else #include +#include +#define mbedtls_time time +#define mbedtls_time_t time_t #define mbedtls_fprintf fprintf #define mbedtls_printf printf #endif diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c index 70efba938..c7f526795 100644 --- a/programs/ssl/ssl_server.c +++ b/programs/ssl/ssl_server.c @@ -29,6 +29,9 @@ #include "mbedtls/platform.h" #else #include +#include +#define mbedtls_time time +#define mbedtls_time_t time_t #define mbedtls_fprintf fprintf #define mbedtls_printf printf #endif diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index b586a7008..6d4e9165b 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -29,7 +29,10 @@ #include "mbedtls/platform.h" #else #include +#include #define mbedtls_free free +#define mbedtls_time time +#define mbedtls_time_t time_t #define mbedtls_calloc calloc #define mbedtls_fprintf fprintf #define mbedtls_printf printf diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c index eb8d29e71..b698c78f0 100644 --- a/programs/test/udp_proxy.c +++ b/programs/test/udp_proxy.c @@ -34,11 +34,15 @@ #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else +#include +#include +#include +#define mbedtls_time time +#define mbedtls_time_t time_t #define mbedtls_printf printf #endif #if !defined(MBEDTLS_NET_C) -#include int main( void ) { mbedtls_printf( "MBEDTLS_NET_C not defined.\n" ); @@ -50,10 +54,7 @@ int main( void ) #include "mbedtls/error.h" #include "mbedtls/ssl.h" -#include -#include #include -#include /* For select() */ #if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ From b2d5dd105dd6073c40aecdbb1471928d90b61287 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Wed, 27 Apr 2016 13:35:37 +0100 Subject: [PATCH 11/11] Fixes X509 sample app and SSL test suite Fixes the X.509 cert_app and the SSL test suite for the non-default configs which don't build with if MBEDTLS_PLATFORM_C isn't defined. --- programs/x509/cert_app.c | 3 +++ tests/suites/helpers.function | 5 +++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c index 84f67e6d3..3f50a7a14 100644 --- a/programs/x509/cert_app.c +++ b/programs/x509/cert_app.c @@ -29,6 +29,9 @@ #include "mbedtls/platform.h" #else #include +#include +#define mbedtls_time time +#define mbedtls_time_t time_t #define mbedtls_fprintf fprintf #define mbedtls_printf printf #endif diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index c4128b403..cc9ab7c42 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -6,11 +6,14 @@ #include "mbedtls/platform.h" #else #include +#include #define mbedtls_printf printf #define mbedtls_fprintf fprintf #define mbedtls_calloc calloc #define mbedtls_free free #define mbedtls_exit exit +#define mbedtls_time time +#define mbedtls_time_t time_t #define mbedtls_fprintf fprintf #define mbedtls_printf printf #define mbedtls_snprintf snprintf @@ -29,8 +32,6 @@ typedef UINT32 uint32_t; #include #endif -#include -#include #include