Merge changes to config examples and configuration issues

ChangeLog

@@ -16,6 +16,8 @@ Features
    * Support for parsing and verifying RSASSA-PSS signatures in the X.509
      modules (certificates, CRLs and CSRs).
    * Blowfish in the cipher layer now supports variable length keys.
+   * Add example config.h for PSK with CCM, optimized for low RAM usage.
+   * Optimize for RAM usage in example config.h for NSA Suite B profile.
 
 Changes
    * Add LINK_WITH_PTHREAD option in CMake for explicit linking that is

configs/config-ccm-psk-tls1_2.h

@@ -0,0 +1,55 @@
+/*
+ * Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites
+ * Distinguishing features:
+ * - no bignum, no PK, no X509
+ * - fully modern and secure (provided the pre-shared keys have high entropy)
+ * - very low record overhead if using the CCM-8 suites
+ * - optimized for low RAM usage
+ *
+ * See README.txt for usage instructions.
+ */
+#ifndef POLARSSL_CONFIG_H
+#define POLARSSL_CONFIG_H
+
+/* System support */
+//#define POLARSSL_HAVE_IPV6 /* Optional */
+//#define POLARSSL_HAVE_TIME /* Optionnaly used in Hello messages */
+/* Other POLARSSL_HAVE_XXX flags irrelevant for this configuration */
+
+/* PolarSSL feature support */
+#define POLARSSL_KEY_EXCHANGE_PSK_ENABLED
+#define POLARSSL_SSL_PROTO_TLS1_2
+
+/* PolarSSL modules */
+#define POLARSSL_AES_C
+#define POLARSSL_CCM_C
+#define POLARSSL_CIPHER_C
+#define POLARSSL_CTR_DRBG_C
+#define POLARSSL_ENTROPY_C
+#define POLARSSL_MD_C
+#define POLARSSL_NET_C
+#define POLARSSL_SHA256_C
+#define POLARSSL_SSL_CLI_C
+#define POLARSSL_SSL_SRV_C
+#define POLARSSL_SSL_TLS_C
+
+/* Save RAM at the expense of ROM */
+#define POLARSSL_AES_ROM_TABLES
+
+/*
+ * You should adjust this to the exact number of sources you're using: default
+ * is the "platform_entropy_poll" source, but you may want to add other ones
+ * Minimum is 2 for the entropy test suite.
+ */
+#define ENTROPY_MAX_SOURCES 2
+
+/*
+ * Save RAM at the expense of interoperability: do this only if you control
+ * both ends of the connection!  (See coments in "polarssl/ssl.h".)
+ * The optimal size here depends on the typical size of records.
+ */
+#define SSL_MAX_CONTENT_LEN             512
+
+#include "check_config.h"
+
+#endif /* POLARSSL_CONFIG_H */

configs/config-picocoin.h

@@ -0,0 +1,53 @@
+/*
+ * Reduced configuration used by Picocoin.
+ *
+ * See README.txt for usage instructions.
+ *
+ * Distinguishing features:
+ * - no SSL/TLS;
+ * - no X.509;
+ * - ECDSA/PK and some other chosen crypto bits.
+ */
+
+#ifndef POLARSSL_CONFIG_H
+#define POLARSSL_CONFIG_H
+
+/* System support */
+#define POLARSSL_HAVE_LONGLONG
+#define POLARSSL_HAVE_ASM
+#define POLARSSL_HAVE_TIME
+#define POLARSSL_HAVE_IPV6
+
+/* PolarSSL feature support */
+#define POLARSSL_CIPHER_MODE_CBC
+#define POLARSSL_CIPHER_PADDING_PKCS7
+#define POLARSSL_ECP_DP_SECP256K1_ENABLED
+#define POLARSSL_ECDSA_DETERMINISTIC
+#define POLARSSL_PK_PARSE_EC_EXTENDED
+#define POLARSSL_ERROR_STRERROR_DUMMY
+#define POLARSSL_FS_IO
+
+/* PolarSSL modules */
+#define POLARSSL_AESNI_C
+#define POLARSSL_AES_C
+#define POLARSSL_ASN1_PARSE_C
+#define POLARSSL_ASN1_WRITE_C
+#define POLARSSL_BASE64_C
+#define POLARSSL_BIGNUM_C
+#define POLARSSL_ECDSA_C
+#define POLARSSL_ECP_C
+#define POLARSSL_ENTROPY_C
+#define POLARSSL_HMAC_DRBG_C
+#define POLARSSL_MD_C
+#define POLARSSL_OID_C
+#define POLARSSL_PADLOCK_C
+#define POLARSSL_PK_C
+#define POLARSSL_PK_PARSE_C
+#define POLARSSL_PK_WRITE_C
+#define POLARSSL_RIPEMD160_C
+#define POLARSSL_SHA1_C
+#define POLARSSL_SHA256_C
+
+#include "check_config.h"
+
+#endif /* POLARSSL_CONFIG_H */

configs/config-psk-rc4-tls1_0.h

@@ -2,15 +2,19 @@
  * Custom compact configuration for TLS 1.0 with PSK and RC4
  * Distinguishing features: no bignum, no PK, no X509.
  *
+ * WARNING: RC4 is in the process of being deprecated!
+ * This configuration is kept for testing purposes only, DO NOT USE it!
+ * For a safe and lean PSK-based configuration, see config-ccm-psk-tls1_2.h
+ *
  * See README.txt for usage instructions.
  */
-
 #ifndef POLARSSL_CONFIG_H
 #define POLARSSL_CONFIG_H
 
 /* System support */
-#define POLARSSL_HAVE_TIME
+//#define POLARSSL_HAVE_IPV6 /* Optional */
-#define POLARSSL_HAVE_IPV6
+//#define POLARSSL_HAVE_TIME /* Optionnaly used in Hello messages */
+/* Other POLARSSL_HAVE_XXX flags irrelevant for this configuration */
 
 /* PolarSSL feature support */
 #define POLARSSL_KEY_EXCHANGE_PSK_ENABLED
@@ -19,15 +23,12 @@
 /* PolarSSL modules */
 #define POLARSSL_AES_C
 #define POLARSSL_ARC4_C
-#define POLARSSL_ASN1_PARSE_C
-#define POLARSSL_ASN1_WRITE_C
 #define POLARSSL_CIPHER_C
 #define POLARSSL_CTR_DRBG_C
 #define POLARSSL_ENTROPY_C
 #define POLARSSL_MD_C
 #define POLARSSL_MD5_C
 #define POLARSSL_NET_C
-#define POLARSSL_OID_C
 #define POLARSSL_SHA1_C
 #define POLARSSL_SHA256_C
 #define POLARSSL_SSL_CLI_C

configs/config-suite-b.h

@@ -1,6 +1,14 @@
 /*
  * Minimal configuration for TLS NSA Suite B Profile (RFC 6460)
  *
+ * Distinguishing features:
+ * - no RSA or classic DH, fully based on ECC
+ * - optimized for low RAM usage
+ *
+ * Possible improvements:
+ * - if 128-bit security is enough, disable secp384r1 and SHA-512
+ * - use embedded certs in DER format and disable PEM_PARSE_C and BASE64_C
+ *
  * See README.txt for usage instructions.
  */
 
@@ -48,8 +56,34 @@
 #define POLARSSL_CERTS_C
 #define POLARSSL_PEM_PARSE_C
 
-/* For testing with compat.sh */
+/* Save RAM at the expense of ROM */
-#define POLARSSL_FS_IO
+#define POLARSSL_AES_ROM_TABLES
+
+/* Save RAM by adjusting to our exact needs */
+#define POLARSSL_ECP_MAX_BITS   384
+#define POLARSSL_MPI_MAX_SIZE    48 // 384 bits is 48 bytes
+
+/* Save RAM at the expense of speed, see ecp.h */
+#define POLARSSL_ECP_WINDOW_SIZE        2
+#define POLARSSL_ECP_FIXED_POINT_OPTIM  0
+
+/* Uncomment for a significant speed benefit at the expense of some ROM */
+//#define POLARSSL_ECP_NIST_OPTIM
+
+/*
+ * You should adjust this to the exact number of sources you're using: default
+ * is the "platform_entropy_poll" source, but you may want to add other ones.
+ * Minimum is 2 for the entropy test suite.
+ */
+#define ENTROPY_MAX_SOURCES 2
+
+/*
+ * Save RAM at the expense of interoperability: do this only if you control
+ * both ends of the connection!  (See coments in "polarssl/ssl.h".)
+ * The minimum size here depends on the certificate chain used as well as the
+ * typical size of records.
+ */
+#define SSL_MAX_CONTENT_LEN             1024
 
 #include "polarssl/check_config.h"
 

include/polarssl/cipher.h

@@ -36,7 +36,7 @@
 #include POLARSSL_CONFIG_FILE
 #endif
 
-#if defined(POLARSSL_GCM_C)
+#if defined(POLARSSL_GCM_C) || defined(POLARSSL_CCM_C)
 #define POLARSSL_CIPHER_MODE_AEAD
 #endif
 
@@ -534,25 +534,21 @@ int cipher_set_iv( cipher_context_t *ctx,
  */
 int cipher_reset( cipher_context_t *ctx );
 
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
 /**
  * \brief               Add additional data (for AEAD ciphers).
- *                      This function has no effect for non-AEAD ciphers.
+ *                      Currently only supported with GCM.
- *                      For AEAD ciphers, it may or may not be called
+ *                      Must be called exactly once, after cipher_reset().
- *                      repeatedly, and/or interleaved with calls to
- *                      cipher_udpate(), depending on the cipher.
- *                      E.g. for GCM is must be called exactly once, right
- *                      after cipher_reset().
  *
  * \param ctx           generic cipher context
  * \param ad            Additional data to use.
  * \param ad_len        Length of ad.
  *
- * \returns             0 on success, or a specific error code.
+ * \return              0 on success, or a specific error code.
  */
 int cipher_update_ad( cipher_context_t *ctx,
                       const unsigned char *ad, size_t ad_len );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif /* POLARSSL_GCM_C */
 
 /**
  * \brief               Generic cipher update function. Encrypts/decrypts
@@ -606,10 +602,10 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input,
 int cipher_finish( cipher_context_t *ctx,
                    unsigned char *output, size_t *olen );
 
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
 /**
  * \brief               Write tag for AEAD ciphers.
- *                      No effect for other ciphers.
+ *                      Currently only supported with GCM.
  *                      Must be called after cipher_finish().
  *
  * \param ctx           Generic cipher context
@@ -623,9 +619,8 @@ int cipher_write_tag( cipher_context_t *ctx,
 
 /**
  * \brief               Check tag for AEAD ciphers.
- *                      No effect for other ciphers.
+ *                      Currently only supported with GCM.
- *                      Calling time depends on the cipher:
+ *                      Must be called after cipher_finish().
- *                      for GCM, must be called after cipher_finish().
  *
  * \param ctx           Generic cipher context
  * \param tag           Buffer holding the tag
@@ -635,7 +630,7 @@ int cipher_write_tag( cipher_context_t *ctx,
  */
 int cipher_check_tag( cipher_context_t *ctx,
                       const unsigned char *tag, size_t tag_len );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif /* POLARSSL_GCM_C */
 
 /**
  * \brief               Generic all-in-one encryption/decryption

library/cipher.c

@@ -234,24 +234,22 @@ int cipher_reset( cipher_context_t *ctx )
     return( 0 );
 }
 
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
 int cipher_update_ad( cipher_context_t *ctx,
                       const unsigned char *ad, size_t ad_len )
 {
     if( NULL == ctx || NULL == ctx->cipher_info )
         return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
 
-#if defined(POLARSSL_GCM_C)
     if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
     {
         return gcm_starts( (gcm_context *) ctx->cipher_ctx, ctx->operation,
                            ctx->iv, ctx->iv_size, ad, ad_len );
     }
-#endif
 
     return( 0 );
 }
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif /* POLARSSL_GCM_C */
 
 int cipher_update( cipher_context_t *ctx, const unsigned char *input,
                    size_t ilen, unsigned char *output, size_t *olen )
@@ -724,7 +722,7 @@ int cipher_set_padding_mode( cipher_context_t *ctx, cipher_padding_t mode )
 }
 #endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */
 
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
 int cipher_write_tag( cipher_context_t *ctx,
                       unsigned char *tag, size_t tag_len )
 {
@@ -734,10 +732,8 @@ int cipher_write_tag( cipher_context_t *ctx,
     if( POLARSSL_ENCRYPT != ctx->operation )
         return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
 
-#if defined(POLARSSL_GCM_C)
     if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
         return gcm_finish( (gcm_context *) ctx->cipher_ctx, tag, tag_len );
-#endif
 
     return( 0 );
 }
@@ -753,7 +749,6 @@ int cipher_check_tag( cipher_context_t *ctx,
         return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
     }
 
-#if defined(POLARSSL_GCM_C)
     if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
     {
         unsigned char check_tag[16];
@@ -778,11 +773,10 @@ int cipher_check_tag( cipher_context_t *ctx,
 
         return( 0 );
     }
-#endif /* POLARSSL_GCM_C */
 
     return( 0 );
 }
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif /* POLARSSL_GCM_C */
 
 /*
  * Packet-oriented wrapper for non-AEAD modes

library/pkparse.c

@@ -62,12 +62,12 @@
 #define polarssl_free       free
 #endif
 
+#if defined(POLARSSL_FS_IO)
 /* Implementation that should never be optimized out by the compiler */
 static void polarssl_zeroize( void *v, size_t n ) {
     volatile unsigned char *p = v; while( n-- ) *p++ = 0;
 }
 
-#if defined(POLARSSL_FS_IO)
 /*
  * Load all data from a file into a given buffer.
  */

library/ssl_ciphersuites.c

@@ -1105,23 +1105,23 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif /* POLARSSL_SHA1_C */
 #endif /* POLARSSL_CIPHER_MODE_CBC */
 #if defined(POLARSSL_CCM_C)
-    { TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
+    { TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
-      POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
+      POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       0 },
-    { TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
+    { TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
-      POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
+      POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       POLARSSL_CIPHERSUITE_SHORT_TAG },
-    { TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
+    { TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
-      POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
+      POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       0 },
-    { TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
+    { TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
-      POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
+      POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       POLARSSL_CIPHERSUITE_SHORT_TAG },
@@ -1241,23 +1241,23 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif /* POLARSSL_SHA1_C */
 #endif /* POLARSSL_CIPHER_MODE_CBC */
 #if defined(POLARSSL_CCM_C)
-    { TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
+    { TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
-      POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
+      POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       0 },
-    { TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
+    { TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
-      POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
+      POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       POLARSSL_CIPHERSUITE_SHORT_TAG },
-    { TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
+    { TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
-      POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
+      POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       0 },
-    { TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
+    { TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
-      POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
+      POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       POLARSSL_CIPHERSUITE_SHORT_TAG },

library/ssl_cli.c

@@ -148,8 +148,10 @@ static void ssl_write_signature_algorithms_ext( ssl_context *ssl,
                                                 size_t *olen )
 {
     unsigned char *p = buf;
-    unsigned char *sig_alg_list = buf + 6;
     size_t sig_alg_len = 0;
+#if defined(POLARSSL_RSA_C) || defined(POLARSSL_ECDSA_C)
+    unsigned char *sig_alg_list = buf + 6;
+#endif
 
     *olen = 0;
 

programs/pkey/key_app_writer.c

@@ -63,8 +63,13 @@ int main( int argc, char *argv[] )
 #define DFL_FILENAME            "keyfile.key"
 #define DFL_DEBUG_LEVEL         0
 #define DFL_OUTPUT_MODE         OUTPUT_MODE_NONE
+#if defined(POLARSSL_PEM_WRITE_C)
 #define DFL_OUTPUT_FILENAME     "keyfile.pem"
 #define DFL_OUTPUT_FORMAT       OUTPUT_FORMAT_PEM
+#else
+#define DFL_OUTPUT_FILENAME     "keyfile.der"
+#define DFL_OUTPUT_FORMAT       OUTPUT_FORMAT_DER
+#endif
 
 /*
  * global options
@@ -88,6 +93,7 @@ static int write_public_key( pk_context *key, const char *output_file )
 
     memset(output_buf, 0, 16000);
 
+#if defined(POLARSSL_PEM_WRITE_C)
     if( opt.output_format == OUTPUT_FORMAT_PEM )
     {
         if( ( ret = pk_write_pubkey_pem( key, output_buf, 16000 ) ) != 0 )
@@ -96,6 +102,7 @@ static int write_public_key( pk_context *key, const char *output_file )
         len = strlen( (char *) output_buf );
     }
     else
+#endif
     {
         if( ( ret = pk_write_pubkey_der( key, output_buf, 16000 ) ) < 0 )
             return( ret );
@@ -127,6 +134,8 @@ static int write_private_key( pk_context *key, const char *output_file )
     size_t len = 0;
 
     memset(output_buf, 0, 16000);
+
+#if defined(POLARSSL_PEM_WRITE_C)
     if( opt.output_format == OUTPUT_FORMAT_PEM )
     {
         if( ( ret = pk_write_key_pem( key, output_buf, 16000 ) ) != 0 )
@@ -135,6 +144,7 @@ static int write_private_key( pk_context *key, const char *output_file )
         len = strlen( (char *) output_buf );
     }
     else
+#endif
     {
         if( ( ret = pk_write_key_der( key, output_buf, 16000 ) ) < 0 )
             return( ret );
@@ -157,14 +167,23 @@ static int write_private_key( pk_context *key, const char *output_file )
     return( 0 );
 }
 
+#if defined(POLARSSL_PEM_WRITE_C)
+#define USAGE_OUT \
+    "    output_file=%%s      default: keyfile.pem\n"   \
+    "    output_format=pem|der default: pem\n"
+#else
+#define USAGE_OUT \
+    "    output_file=%%s      default: keyfile.der\n"   \
+    "    output_format=der     default: der\n"
+#endif
+
 #define USAGE \
     "\n usage: key_app param=<>...\n"                   \
     "\n acceptable parameters:\n"                       \
     "    mode=private|public default: none\n"           \
     "    filename=%%s         default: keyfile.key\n"   \
     "    output_mode=private|public default: none\n"    \
-    "    output_file=%%s      default: keyfile.pem\n"   \
+    USAGE_OUT                                           \
-    "    output_format=pem|der default: pem\n"          \
     "\n"
 
 int main( int argc, char *argv[] )
@@ -222,9 +241,12 @@ int main( int argc, char *argv[] )
         }
         else if( strcmp( p, "output_format" ) == 0 )
         {
+#if defined(POLARSSL_PEM_WRITE_C)
             if( strcmp( q, "pem" ) == 0 )
                 opt.output_format = OUTPUT_FORMAT_PEM;
-            else if( strcmp( q, "der" ) == 0 )
+            else
+#endif
+            if( strcmp( q, "der" ) == 0 )
                 opt.output_format = OUTPUT_FORMAT_DER;
             else
                 goto usage;

programs/ssl/ssl_client2.c

@@ -29,6 +29,22 @@
 #include POLARSSL_CONFIG_FILE
 #endif
 
+#if !defined(POLARSSL_ENTROPY_C) ||  \
+    !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \
+    !defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C)
+#include <stdio.h>
+int main( int argc, char *argv[] )
+{
+    ((void) argc);
+    ((void) argv);
+
+    printf("POLARSSL_ENTROPY_C and/or "
+           "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
+           "POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n");
+    return( 0 );
+}
+#else
+
 #include <string.h>
 #include <stdlib.h>
 #include <stdio.h>
@@ -304,20 +320,6 @@ static int my_verify( void *data, x509_crt *crt, int depth, int *flags )
     "    force_ciphersuite=<name>    default: all enabled\n"\
     " acceptable ciphersuite names:\n"
 
-#if !defined(POLARSSL_ENTROPY_C) ||  \
-    !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \
-    !defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C)
-int main( int argc, char *argv[] )
-{
-    ((void) argc);
-    ((void) argv);
-
-    printf("POLARSSL_ENTROPY_C and/or "
-           "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
-           "POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n");
-    return( 0 );
-}
-#else
 int main( int argc, char *argv[] )
 {
     int ret = 0, len, server_fd, i, written, frags;

programs/ssl/ssl_server2.c

@@ -29,6 +29,22 @@
 #include POLARSSL_CONFIG_FILE
 #endif
 
+#if !defined(POLARSSL_ENTROPY_C) ||  \
+    !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_SRV_C) || \
+    !defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C)
+#include <stdio.h>
+int main( int argc, char *argv[] )
+{
+    ((void) argc);
+    ((void) argv);
+
+    printf("POLARSSL_ENTROPY_C and/or "
+           "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
+           "POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n");
+    return( 0 );
+}
+#else
+
 #if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) && defined(POLARSSL_FS_IO)
 #define POLARSSL_SNI
 #endif
@@ -312,21 +328,6 @@ static int my_send( void *ctx, const unsigned char *buf, size_t len )
     "    force_ciphersuite=<name>    default: all enabled\n"            \
     " acceptable ciphersuite names:\n"
 
-#if !defined(POLARSSL_ENTROPY_C) ||  \
-    !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_SRV_C) || \
-    !defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C)
-int main( int argc, char *argv[] )
-{
-    ((void) argc);
-    ((void) argv);
-
-    printf("POLARSSL_ENTROPY_C and/or "
-           "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
-           "POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n");
-    return( 0 );
-}
-#else
-
 /*
  * Used by sni_parse and psk_parse to handle coma-separated lists
  */

tests/scripts/test-ref-configs.pl

@@ -16,7 +16,11 @@ my %configs = (
     'config-mini-tls1_1.h'
         => '-m tls1_1 -f \'^DES-CBC3-SHA$\|^TLS-RSA-WITH-3DES-EDE-CBC-SHA$\'',
     'config-suite-b.h'
-        => "-m tls1_2 -f 'ECDHE-ECDSA.*AES.*GCM'",
+        => "-m tls1_2 -f 'ECDHE-ECDSA.*AES.*GCM' -p PolarSSL",
+    'config-picocoin.h'
+        => 0,
+    'config-ccm-psk-tls1_2.h'
+        => '-m tls1_2 -f \'TLS-PSK.*AES.*CCM\'',
 );
 
 # If no config-name is provided, use all known configs.
@@ -59,9 +63,17 @@ while( my ($conf, $args) = each %configs ) {
 
     system( "make" ) and abort "Failed to build: $conf\n";
     system( "make $test" ) and abort "Failed test suite: $conf\n";
-    print "\nrunning compat.sh $args\n";
+
-    system( "cd tests && ./compat.sh $args" )
+    if( $args )
-        and abort "Failed compat.sh: $conf\n";
+    {
+        print "\nrunning compat.sh $args\n";
+        system( "cd tests && ./compat.sh $args" )
+            and abort "Failed compat.sh: $conf\n";
+    }
+    else
+    {
+        print "\nskipping compat.sh\n";
+    }
 }
 
 system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";

tests/suites/test_suite_cipher.function

@@ -60,7 +60,7 @@ void cipher_null_args( )
     TEST_ASSERT( cipher_reset( NULL ) == POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
     TEST_ASSERT( cipher_reset( &ctx ) == POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
 
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
     TEST_ASSERT( cipher_update_ad( NULL, buf, 0 )
                  == POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
     TEST_ASSERT( cipher_update_ad( &ctx, buf, 0 )
@@ -77,7 +77,7 @@ void cipher_null_args( )
     TEST_ASSERT( cipher_finish( &ctx, buf, &olen )
                  == POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
 
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
     TEST_ASSERT( cipher_write_tag( NULL, buf, olen )
                  == POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
     TEST_ASSERT( cipher_write_tag( &ctx, buf, olen )
@@ -157,10 +157,10 @@ void enc_dec_buf( int cipher_id, char *cipher_string, int key_len,
     TEST_ASSERT( 0 == cipher_reset( &ctx_dec ) );
     TEST_ASSERT( 0 == cipher_reset( &ctx_enc ) );
 
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
     TEST_ASSERT( 0 == cipher_update_ad( &ctx_dec, ad, sizeof( ad ) - i ) );
     TEST_ASSERT( 0 == cipher_update_ad( &ctx_enc, ad, sizeof( ad ) - i ) );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif
 
     /* encode length number of bytes from inbuf */
     TEST_ASSERT( 0 == cipher_update( &ctx_enc, inbuf, length, encbuf, &outlen ) );
@@ -174,9 +174,9 @@ void enc_dec_buf( int cipher_id, char *cipher_string, int key_len,
     TEST_ASSERT( 0 == cipher_finish( &ctx_enc, encbuf + outlen, &outlen ) );
     total_len += outlen;
 
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
     TEST_ASSERT( 0 == cipher_write_tag( &ctx_enc, tag, sizeof( tag ) ) );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif
 
     TEST_ASSERT( total_len == length ||
                  ( total_len % cipher_get_block_size( &ctx_enc ) == 0 &&
@@ -195,9 +195,9 @@ void enc_dec_buf( int cipher_id, char *cipher_string, int key_len,
     TEST_ASSERT( 0 == cipher_finish( &ctx_dec, decbuf + outlen, &outlen ) );
     total_len += outlen;
 
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
     TEST_ASSERT( 0 == cipher_check_tag( &ctx_dec, tag, sizeof( tag ) ) );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif
 
     /* check result */
     TEST_ASSERT( total_len == length );
@@ -250,9 +250,9 @@ void enc_fail( int cipher_id, int pad_mode, int key_len,
 #endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */
     TEST_ASSERT( 0 == cipher_set_iv( &ctx, iv, 16 ) );
     TEST_ASSERT( 0 == cipher_reset( &ctx ) );
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
     TEST_ASSERT( 0 == cipher_update_ad( &ctx, NULL, 0 ) );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif
 
     /* encode length number of bytes from inbuf */
     TEST_ASSERT( 0 == cipher_update( &ctx, inbuf, length, encbuf, &outlen ) );
@@ -297,9 +297,9 @@ void dec_empty_buf()
 
     TEST_ASSERT( 0 == cipher_reset( &ctx_dec ) );
 
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
     TEST_ASSERT( 0 == cipher_update_ad( &ctx_dec, NULL, 0 ) );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif
 
     /* decode 0-byte string */
     TEST_ASSERT( 0 == cipher_update( &ctx_dec, encbuf, 0, decbuf, &outlen ) );
@@ -359,10 +359,10 @@ void enc_dec_buf_multipart( int cipher_id, int key_len, int first_length_val,
     TEST_ASSERT( 0 == cipher_reset( &ctx_dec ) );
     TEST_ASSERT( 0 == cipher_reset( &ctx_enc ) );
 
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
     TEST_ASSERT( 0 == cipher_update_ad( &ctx_dec, NULL, 0 ) );
     TEST_ASSERT( 0 == cipher_update_ad( &ctx_enc, NULL, 0 ) );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif
 
     /* encode length number of bytes from inbuf */
     TEST_ASSERT( 0 == cipher_update( &ctx_enc, inbuf, first_length, encbuf, &outlen ) );
@@ -416,7 +416,7 @@ void decrypt_test_vec( int cipher_id, int pad_mode,
     unsigned char ad[200];
     unsigned char tag[20];
     size_t key_len, iv_len, cipher_len, clear_len;
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
     size_t ad_len, tag_len;
 #endif
     cipher_context_t ctx;
@@ -435,7 +435,7 @@ void decrypt_test_vec( int cipher_id, int pad_mode,
     iv_len = unhexify( iv, hex_iv );
     cipher_len = unhexify( cipher, hex_cipher );
     clear_len = unhexify( clear, hex_clear );
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
     ad_len = unhexify( ad, hex_ad );
     tag_len = unhexify( tag, hex_tag );
 #else
@@ -455,9 +455,9 @@ void decrypt_test_vec( int cipher_id, int pad_mode,
 #endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */
     TEST_ASSERT( 0 == cipher_set_iv( &ctx, iv, iv_len ) );
     TEST_ASSERT( 0 == cipher_reset( &ctx ) );
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
     TEST_ASSERT( 0 == cipher_update_ad( &ctx, ad, ad_len ) );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif
 
     /* decode buffer and check tag */
     total_len = 0;
@@ -466,9 +466,9 @@ void decrypt_test_vec( int cipher_id, int pad_mode,
     TEST_ASSERT( finish_result == cipher_finish( &ctx, output + outlen,
                                                  &outlen ) );
     total_len += outlen;
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
     TEST_ASSERT( tag_result == cipher_check_tag( &ctx, tag, tag_len ) );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif
 
     /* check plaintext only if everything went fine */
     if( 0 == finish_result && 0 == tag_result )

tests/suites/test_suite_ecdsa.data

@@ -23,7 +23,7 @@ depends_on:POLARSSL_ECP_DP_SECP256R1_ENABLED
 ecdsa_prim_test_vectors:POLARSSL_ECP_DP_SECP256R1:"DC51D3866A15BACDE33D96F992FCA99DA7E6EF0934E7097559C27F1614C88A7F":"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":"9E56F509196784D963D1C0A401510EE7ADA3DCC5DEE04B154BF61AF1D5A6DECE":"BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20015AD":"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"86FA3BB4E26CAD5BF90B7F81899256CE7594BB1EA0C89212748BFF3B3D5B0315"
 
 ECDSA primitive rfc 4754 p384
-depends_on:POLARSSL_ECP_DP_SECP256R1_ENABLED
+depends_on:POLARSSL_ECP_DP_SECP384R1_ENABLED
 ecdsa_prim_test_vectors:POLARSSL_ECP_DP_SECP384R1:"0BEB646634BA87735D77AE4809A0EBEA865535DE4C1E1DCB692E84708E81A5AF62E528C38B2A81B35309668D73524D9F":"96281BF8DD5E0525CA049C048D345D3082968D10FEDF5C5ACA0C64E6465A97EA5CE10C9DFEC21797415710721F437922":"447688BA94708EB6E2E4D59F6AB6D7EDFF9301D249FE49C33096655F5D502FAD3D383B91C5E7EDAA2B714CC99D5743CA":"B4B74E44D71A13D568003D7489908D564C7761E229C58CBFA18950096EB7463B854D7FA992F934D927376285E63414FA":"CB00753F45A35E8BB5A03D699AC65007272C32AB0EDED1631A8B605A43FF5BED8086072BA1E7CC2358BAECA134C825A7":"FB017B914E29149432D8BAC29A514640B46F53DDAB2C69948084E2930F1C8F7E08E07C9C63F2D21A07DCB56A6AF56EB3":"B263A1305E057F984D38726A1B46874109F417BCA112674C528262A40A629AF1CBB9F516CE0FA7D2FF630863A00E8B9F"
 
 ECDSA primitive rfc 4754 p521

tests/suites/test_suite_ecp.data

@@ -269,7 +269,7 @@ depends_on:POLARSSL_ECP_DP_SECP256R1_ENABLED
 ecp_tls_read_group:"030017":0:256
 
 ECP tls read group #5 (OK, buffer continues)
-depends_on:POLARSSL_ECP_DP_SECP256R1_ENABLED
+depends_on:POLARSSL_ECP_DP_SECP384R1_ENABLED
 ecp_tls_read_group:"0300180000":0:384
 
 ECP tls write-read group #1

tests/suites/test_suite_pkwrite.function

@@ -9,7 +9,7 @@
  * END_DEPENDENCIES
  */
 
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:POLARSSL_PEM_WRITE_C */
 void pk_write_pubkey_check( char *key_file )
 {
     pk_context key;
@@ -40,7 +40,7 @@ void pk_write_pubkey_check( char *key_file )
 }
 /* END_CASE */
 
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:POLARSSL_PEM_WRITE_C */
 void pk_write_key_check( char *key_file )
 {
     pk_context key;

tests/suites/test_suite_x509parse.function

@@ -142,7 +142,7 @@ void x509_verify( char *crt_file, char *ca_file, char *crl_file,
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_USE_C */
+/* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_CRT_C */
 void x509_dn_gets( char *crt_file, char *entity, char *result_str )
 {
     x509_crt   crt;
@@ -169,7 +169,7 @@ void x509_dn_gets( char *crt_file, char *entity, char *result_str )
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_USE_C */
+/* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_CRT_C */
 void x509_time_expired( char *crt_file, char *entity, int result )
 {
     x509_crt   crt;
@@ -189,7 +189,7 @@ void x509_time_expired( char *crt_file, char *entity, int result )
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_USE_C */
+/* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_CRT_C */
 void x509_time_future( char *crt_file, char *entity, int result )
 {
     x509_crt   crt;
@@ -316,7 +316,7 @@ void x509_crt_parse_path( char *crt_path, int ret, int nb_crt )
 }
 /* END_CASE */
 
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:POLARSSL_X509_USE_C */
 void x509_oid_desc( char *oid_str, char *ref_desc )
 {
     x509_buf oid;
@@ -341,7 +341,7 @@ void x509_oid_desc( char *oid_str, char *ref_desc )
 }
 /* END_CASE */
 
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:POLARSSL_X509_USE_C */
 void x509_oid_numstr( char *oid_str, char *numstr, int blen, int ret )
 {
     x509_buf oid;