mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-11 14:05:32 +00:00
SSL test programs: enable the PSA test external RNG
Currently, MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is tested with a dummy insecure implementation of mbedtls_psa_external_get_random. This function needs to be explicitly enabled at runtime. This needs to happen when the PSA external RNG is used, which currently is the case in SSL test programs only when MBEDTLS_USE_PSA_CRYPTO is enabled. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
a222434952
commit
2146211204
|
@ -760,6 +760,9 @@ int main( int argc, char *argv[] )
|
||||||
ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
|
ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
|
||||||
|
mbedtls_test_enable_insecure_external_rng( );
|
||||||
|
#endif
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if( argc == 0 )
|
if( argc == 0 )
|
||||||
|
|
|
@ -1412,6 +1412,9 @@ int main( int argc, char *argv[] )
|
||||||
ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
|
ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
|
||||||
|
mbedtls_test_enable_insecure_external_rng( );
|
||||||
|
#endif
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if !defined(_WIN32)
|
#if !defined(_WIN32)
|
||||||
|
|
|
@ -189,6 +189,14 @@ void rng_free( rng_context_t *rng );
|
||||||
*/
|
*/
|
||||||
int rng_get( void *p_rng, unsigned char *output, size_t output_len );
|
int rng_get( void *p_rng, unsigned char *output, size_t output_len );
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
|
||||||
|
/* The test implementation of the PSA external RNG is insecure. When
|
||||||
|
* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is enabled, before using any PSA crypto
|
||||||
|
* function that makes use of an RNG, you must call
|
||||||
|
* mbedtls_test_enable_insecure_external_rng(). */
|
||||||
|
#include <test/psa_crypto_helpers.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
|
#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
|
||||||
int ca_callback( void *data, mbedtls_x509_crt const *child,
|
int ca_callback( void *data, mbedtls_x509_crt const *child,
|
||||||
mbedtls_x509_crt **candidates );
|
mbedtls_x509_crt **candidates );
|
||||||
|
|
Loading…
Reference in a new issue