lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Merge pull request #6452 from AndrzejKurek/depends-py-reloaded-2-28

Browse Source 
[Backport 2.28] Unified tests/scripts/depends.py - reloaded
This commit is contained in:
Dave Rodgman
2022-11-24 10:59:31 +00:00
committed by GitHub
parent 05dcb1300d f53d0ba529
commit b400fb0b76
31 changed files with 1106 additions and 1479 deletions
Download Patch File Download Diff File Expand all files Collapse all files

63
programs/ssl/ssl_server2.c
View File

@ -168,7 +168,7 @@ int main( void )
*/
#define DFL_IO_BUF_LEN 200
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_FS_IO)
#define USAGE_IO \
" ca_file=%%s The single file containing the top-level CA(s) you fully trust\n" \
@ -199,8 +199,8 @@ int main( void )
#endif /* MBEDTLS_FS_IO */
#else
#define USAGE_IO ""
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_X509_CRT_PARSE_C)
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#define USAGE_KEY_OPAQUE \
" key_opaque=%%d Handle your private keys as if they were opaque\n" \
" default: 0 (disabled)\n"
@ -1031,14 +1031,6 @@ typedef enum
ASYNC_OP_SIGN,
ASYNC_OP_DECRYPT,
} ssl_async_operation_type_t;
/* Note that the enum above and the array below need to be kept in sync!
* `ssl_async_operation_names[op]` is the name of op for each value `op`
* of type `ssl_async_operation_type_t`. */
static const char *const ssl_async_operation_names[] =
{
"sign",
"decrypt",
};
typedef struct
{
@ -1050,6 +1042,17 @@ typedef struct
unsigned remaining_delay;
} ssl_async_operation_context_t;
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
/* Note that ssl_async_operation_type_t and the array below need to be kept in sync!
* `ssl_async_operation_names[op]` is the name of op for each value `op`
* of type `ssl_async_operation_type_t`. */
static const char *const ssl_async_operation_names[] =
{
"sign",
"decrypt",
};
static int ssl_async_start( mbedtls_ssl_context *ssl,
mbedtls_x509_crt *cert,
ssl_async_operation_type_t op_type,
@ -1201,6 +1204,7 @@ static void ssl_async_cancel( mbedtls_ssl_context *ssl )
mbedtls_printf( "Async cancel callback.\n" );
mbedtls_free( ctx );
}
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
@ -1302,10 +1306,6 @@ int main( int argc, char *argv[] )
#if defined(MBEDTLS_SSL_COOKIE_C)
mbedtls_ssl_cookie_ctx cookie_ctx;
#endif
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
#endif
rng_context_t rng;
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
@ -1315,22 +1315,23 @@ int main( int argc, char *argv[] )
#if defined(MBEDTLS_SSL_RENEGOTIATION)
unsigned char renego_period[8] = { 0 };
#endif
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
uint32_t flags;
mbedtls_x509_crt cacert;
mbedtls_x509_crt srvcert;
mbedtls_pk_context pkey;
mbedtls_x509_crt srvcert2;
mbedtls_pk_context pkey2;
mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_key_id_t key_slot = 0; /* invalid key slot */
psa_key_id_t key_slot2 = 0; /* invalid key slot */
#endif
int key_cert_init = 0, key_cert_init2 = 0;
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
ssl_async_key_context_t ssl_async_keys;
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
mbedtls_dhm_context dhm;
#endif
@ -1409,16 +1410,16 @@ int main( int argc, char *argv[] )
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
rng_init( &rng );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
mbedtls_x509_crt_init( &cacert );
mbedtls_x509_crt_init( &srvcert );
mbedtls_pk_init( &pkey );
mbedtls_x509_crt_init( &srvcert2 );
mbedtls_pk_init( &pkey2 );
#endif
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
memset( &ssl_async_keys, 0, sizeof( ssl_async_keys ) );
#endif
#endif
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
mbedtls_dhm_init( &dhm );
#endif
@ -1638,7 +1639,7 @@ int main( int argc, char *argv[] )
opt.key_file = q;
else if( strcmp( p, "key_pwd" ) == 0 )
opt.key_pwd = q;
#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
else if( strcmp( p, "key_opaque" ) == 0 )
opt.key_opaque = atoi( q );
#endif
@ -2361,7 +2362,7 @@ int main( int argc, char *argv[] )
goto exit;
mbedtls_printf( " ok\n" );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
/*
* 1.1. Load the trusted CA
*/
@ -2559,7 +2560,7 @@ int main( int argc, char *argv[] )
#endif /* MBEDTLS_CERTS_C */
mbedtls_printf( " ok (key types: %s - %s)\n", mbedtls_pk_get_name( &pkey ), mbedtls_pk_get_name( &pkey2 ) );
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
if( opt.dhm_file != NULL )
@ -2628,7 +2629,7 @@ int main( int argc, char *argv[] )
goto exit;
}
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
/* The default algorithms profile disables SHA-1, but our tests still
rely on it heavily. Hence we allow it here. A real-world server
should use the default profile unless there is a good reason not to. */
@ -2638,7 +2639,7 @@ int main( int argc, char *argv[] )
mbedtls_ssl_conf_cert_profile( &conf, &crt_profile_for_test );
mbedtls_ssl_conf_sig_hashes( &conf, ssl_sig_hashes_for_test );
}
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
if( opt.auth_mode != DFL_AUTH_MODE )
mbedtls_ssl_conf_authmode( &conf, opt.auth_mode );
@ -2892,7 +2893,7 @@ int main( int argc, char *argv[] )
}
#endif
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
if( strcmp( opt.ca_path, "none" ) != 0 &&
strcmp( opt.ca_file, "none" ) != 0 )
{
@ -2981,7 +2982,7 @@ int main( int argc, char *argv[] )
&ssl_async_keys );
}
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#if defined(SNI_OPTION)
if( opt.sni != NULL )
@ -3231,8 +3232,6 @@ reset:
}
#endif
mbedtls_printf( " ok\n" );
/*
* 4. Handshake
*/
@ -3277,7 +3276,7 @@ handshake:
{
mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED )
{
char vrfy_buf[512];
@ -3323,7 +3322,7 @@ handshake:
}
#endif
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
/*
* 5. Verify the client certificate
*/
@ -3351,7 +3350,7 @@ handshake:
mbedtls_ssl_get_peer_cert( &ssl ) );
mbedtls_printf( "%s\n", crt_buf );
}
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_SSL_EXPORT_KEYS)
if( opt.eap_tls != 0 )
@ -4047,7 +4046,7 @@ exit:
mbedtls_printf( "Failed to list of opaque PSKs - error was %d\n", ret );
#endif
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
mbedtls_x509_crt_free( &cacert );
mbedtls_x509_crt_free( &srvcert );
mbedtls_pk_free( &pkey );