mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-24 01:05:41 +00:00
SSL test programs: abstract CTR_DRBG away
In ssl_client2 and ssl_server2, to generate random data, go through a level of indirection provided by ssl_test_lib. This way the programs don't depend on a particular choice of RNG implementation, and only ssl_test_lib.{h,c} explicitly reference CTR_DRBG. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
f1cb75fe13
commit
535fb37870
|
@ -1880,7 +1880,7 @@ int main( int argc, char *argv[] )
|
|||
#endif
|
||||
#endif
|
||||
}
|
||||
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &rng.drbg );
|
||||
mbedtls_ssl_conf_rng( &conf, rng_get, &rng );
|
||||
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
|
||||
|
||||
mbedtls_ssl_conf_read_timeout( &conf, opt.read_timeout );
|
||||
|
|
|
@ -2682,7 +2682,7 @@ int main( int argc, char *argv[] )
|
|||
#endif
|
||||
#endif
|
||||
}
|
||||
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &rng.drbg );
|
||||
mbedtls_ssl_conf_rng( &conf, rng_get, &rng );
|
||||
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
|
||||
|
||||
#if defined(MBEDTLS_SSL_CACHE_C)
|
||||
|
@ -2701,7 +2701,7 @@ int main( int argc, char *argv[] )
|
|||
if( opt.tickets == MBEDTLS_SSL_SESSION_TICKETS_ENABLED )
|
||||
{
|
||||
if( ( ret = mbedtls_ssl_ticket_setup( &ticket_ctx,
|
||||
mbedtls_ctr_drbg_random, &rng.drbg,
|
||||
rng_get, &rng,
|
||||
MBEDTLS_CIPHER_AES_256_GCM,
|
||||
opt.ticket_timeout ) ) != 0 )
|
||||
{
|
||||
|
@ -2723,7 +2723,7 @@ int main( int argc, char *argv[] )
|
|||
if( opt.cookies > 0 )
|
||||
{
|
||||
if( ( ret = mbedtls_ssl_cookie_setup( &cookie_ctx,
|
||||
mbedtls_ctr_drbg_random, &rng.drbg ) ) != 0 )
|
||||
rng_get, &rng ) ) != 0 )
|
||||
{
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_cookie_setup returned %d\n\n", ret );
|
||||
goto exit;
|
||||
|
@ -2875,8 +2875,8 @@ int main( int argc, char *argv[] )
|
|||
ssl_async_keys.inject_error = ( opt.async_private_error < 0 ?
|
||||
- opt.async_private_error :
|
||||
opt.async_private_error );
|
||||
ssl_async_keys.f_rng = mbedtls_ctr_drbg_random;
|
||||
ssl_async_keys.p_rng = &rng.drbg;
|
||||
ssl_async_keys.f_rng = rng_get;
|
||||
ssl_async_keys.p_rng = &rng;
|
||||
mbedtls_ssl_conf_async_private_cb( &conf,
|
||||
sign,
|
||||
decrypt,
|
||||
|
|
|
@ -95,6 +95,12 @@ void rng_free( rng_context_t *rng )
|
|||
mbedtls_entropy_free( &rng->entropy );
|
||||
}
|
||||
|
||||
int rng_get( void *p_rng, unsigned char *output, size_t output_len )
|
||||
{
|
||||
rng_context_t *rng = p_rng;
|
||||
return( mbedtls_ctr_drbg_random( &rng->drbg, output, output_len ) );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
|
||||
int ca_callback( void *data, mbedtls_x509_crt const *child,
|
||||
mbedtls_x509_crt **candidates )
|
||||
|
|
|
@ -164,6 +164,21 @@ int rng_seed( rng_context_t *rng, int reproducible, const char *pers );
|
|||
*/
|
||||
void rng_free( rng_context_t *rng );
|
||||
|
||||
/** Generate random data.
|
||||
*
|
||||
* This function is suitable for use as the \c f_rng argument to Mbed TLS
|
||||
* library functions.
|
||||
*
|
||||
* \param p_rng The CTR_DRBG context. This must be a pointer to a
|
||||
* #rng_context_t structure.
|
||||
* \param output The buffer to fill.
|
||||
* \param output_len The length of the buffer in bytes.
|
||||
*
|
||||
* \return \c 0 on success.
|
||||
* \return An Mbed TLS error code on error.
|
||||
*/
|
||||
int rng_get( void *p_rng, unsigned char *output, size_t output_len );
|
||||
|
||||
#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
|
||||
int ca_callback( void *data, mbedtls_x509_crt const *child,
|
||||
mbedtls_x509_crt **candidates );
|
||||
|
|
Loading…
Reference in a new issue