From bcc2683409eb2dad8d6166901a093277c1dd0af8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 9 Mar 2015 12:51:05 +0000 Subject: [PATCH 01/10] Update visual C files --- visualc/VS2010/mbedTLS.sln | 13 +++ visualc/VS2010/mini_client.vcxproj | 169 +++++++++++++++++++++++++++++ visualc/VS6/mbedtls.dsw | 15 +++ visualc/VS6/mini_client.dsp | 101 +++++++++++++++++ 4 files changed, 298 insertions(+) create mode 100644 visualc/VS2010/mini_client.vcxproj create mode 100644 visualc/VS6/mini_client.dsp diff --git a/visualc/VS2010/mbedTLS.sln b/visualc/VS2010/mbedTLS.sln index 24acb066d..72e081866 100644 --- a/visualc/VS2010/mbedTLS.sln +++ b/visualc/VS2010/mbedTLS.sln @@ -153,6 +153,11 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_fork_server", "ssl_fork {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} EndProjectSection EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "mini_client", "mini_client.vcxproj", "{C4FE29EA-266D-5295-4840-976B9B5B3843}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_mail_client", "ssl_mail_client.vcxproj", "{7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}" ProjectSection(ProjectDependencies) = postProject {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} @@ -474,6 +479,14 @@ Global {918CD402-047D-8467-E11C-E1132053F916}.Release|Win32.Build.0 = Release|Win32 {918CD402-047D-8467-E11C-E1132053F916}.Release|x64.ActiveCfg = Release|x64 {918CD402-047D-8467-E11C-E1132053F916}.Release|x64.Build.0 = Release|x64 + {C4FE29EA-266D-5295-4840-976B9B5B3843}.Debug|Win32.ActiveCfg = Debug|Win32 + {C4FE29EA-266D-5295-4840-976B9B5B3843}.Debug|Win32.Build.0 = Debug|Win32 + {C4FE29EA-266D-5295-4840-976B9B5B3843}.Debug|x64.ActiveCfg = Debug|x64 + {C4FE29EA-266D-5295-4840-976B9B5B3843}.Debug|x64.Build.0 = Debug|x64 + {C4FE29EA-266D-5295-4840-976B9B5B3843}.Release|Win32.ActiveCfg = Release|Win32 + {C4FE29EA-266D-5295-4840-976B9B5B3843}.Release|Win32.Build.0 = Release|Win32 + {C4FE29EA-266D-5295-4840-976B9B5B3843}.Release|x64.ActiveCfg = Release|x64 + {C4FE29EA-266D-5295-4840-976B9B5B3843}.Release|x64.Build.0 = Release|x64 {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Debug|Win32.ActiveCfg = Debug|Win32 {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Debug|Win32.Build.0 = Debug|Win32 {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Debug|x64.ActiveCfg = Debug|x64 diff --git a/visualc/VS2010/mini_client.vcxproj b/visualc/VS2010/mini_client.vcxproj new file mode 100644 index 000000000..e3007d75b --- /dev/null +++ b/visualc/VS2010/mini_client.vcxproj @@ -0,0 +1,169 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + + + + {C4FE29EA-266D-5295-4840-976B9B5B3843} + Win32Proj + mini_client + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + Windows7.1SDK + + + + + + + + + + + + + + + + + + + true + + + true + + + false + + + false + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + ../../include + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies);mbedTLS.lib + Debug + + + false + + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + ../../include + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies);mbedTLS.lib + Debug + + + false + + + + + Level3 + + + MaxSpeed + true + true + WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + ../../include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies);mbedTLS.lib + + + + + Level3 + + + MaxSpeed + true + true + WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + ../../include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS6/mbedtls.dsw b/visualc/VS6/mbedtls.dsw index 124be3169..c9cd7fd50 100644 --- a/visualc/VS6/mbedtls.dsw +++ b/visualc/VS6/mbedtls.dsw @@ -453,6 +453,21 @@ Package=<4> ############################################################################### +Project: "mini_client"=.\mini_client.dsp - Package Owner=<4> + +Package=<5> +{{{ +}}} + +Package=<4> +{{{ + Begin Project Dependency + Project_Dep_Name mbedtls + End Project Dependency +}}} + +############################################################################### + Project: "ssl_mail_client"=.\ssl_mail_client.dsp - Package Owner=<4> Package=<5> diff --git a/visualc/VS6/mini_client.dsp b/visualc/VS6/mini_client.dsp new file mode 100644 index 000000000..9462cb659 --- /dev/null +++ b/visualc/VS6/mini_client.dsp @@ -0,0 +1,101 @@ +# Microsoft Developer Studio Project File - Name="mini_client" - Package Owner=<4> +# Microsoft Developer Studio Generated Build File, Format Version 6.00 +# ** DO NOT EDIT ** + +# TARGTYPE "Win32 (x86) Console Application" 0x0103 + +CFG=mini_client - Win32 Debug +!MESSAGE This is not a valid makefile. To build this project using NMAKE, +!MESSAGE use the Export Makefile command and run +!MESSAGE +!MESSAGE NMAKE /f "mini_client.mak". +!MESSAGE +!MESSAGE You can specify a configuration when running NMAKE +!MESSAGE by defining the macro CFG on the command line. For example: +!MESSAGE +!MESSAGE NMAKE /f "mini_client.mak" CFG="mini_client - Win32 Debug" +!MESSAGE +!MESSAGE Possible choices for configuration are: +!MESSAGE +!MESSAGE "mini_client - Win32 Release" (based on "Win32 (x86) Console Application") +!MESSAGE "mini_client - Win32 Debug" (based on "Win32 (x86) Console Application") +!MESSAGE + +# Begin Project +# PROP AllowPerConfigDependencies 0 +# PROP Scc_ProjName "" +# PROP Scc_LocalPath "" +CPP=cl.exe +RSC=rc.exe + +!IF "$(CFG)" == "mini_client - Win32 Release" + +# PROP BASE Use_MFC 0 +# PROP BASE Use_Debug_Libraries 0 +# PROP BASE Output_Dir "" +# PROP BASE Intermediate_Dir "temp" +# PROP BASE Target_Dir "" +# PROP Use_MFC 0 +# PROP Use_Debug_Libraries 0 +# PROP Output_Dir "" +# PROP Intermediate_Dir "temp" +# PROP Target_Dir "" +# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c +# ADD CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c +# ADD BASE RSC /l 0x40c /d "NDEBUG" +# ADD RSC /l 0x40c /d "NDEBUG" +BSC32=bscmake.exe +# ADD BASE BSC32 /nologo +# ADD BSC32 /nologo +LINK32=link.exe +# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386 +# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386 + +!ELSEIF "$(CFG)" == "mini_client - Win32 Debug" + +# PROP BASE Use_MFC 0 +# PROP BASE Use_Debug_Libraries 1 +# PROP BASE Output_Dir "" +# PROP BASE Intermediate_Dir "temp" +# PROP BASE Target_Dir "" +# PROP Use_MFC 0 +# PROP Use_Debug_Libraries 1 +# PROP Output_Dir "" +# PROP Intermediate_Dir "temp" +# PROP Target_Dir "" +# ADD BASE CPP /nologo /W3 /Gm /GX /Z7 /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c +# ADD CPP /nologo /W3 /Gm /GX /Z7 /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c +# ADD BASE RSC /l 0x40c /d "_DEBUG" +# ADD RSC /l 0x40c /d "_DEBUG" +BSC32=bscmake.exe +# ADD BASE BSC32 /nologo +# ADD BSC32 /nologo +LINK32=link.exe +# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept +# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept + +!ENDIF + +# Begin Target + +# Name "mini_client - Win32 Release" +# Name "mini_client - Win32 Debug" +# Begin Group "Source Files" + +# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat" +# Begin Source File + +SOURCE=..\..\programs\ssl\mini_client.c +# ADD CPP /I "../../include" +# End Source File +# End Group +# Begin Group "Header Files" + +# PROP Default_Filter "h;hpp;hxx;hm;inl" +# End Group +# Begin Group "Resource Files" + +# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe" +# End Group +# End Target +# End Project From 751286be390bcfa0dae1b56ae1eb81732e2b09b7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 10 Mar 2015 13:41:04 +0000 Subject: [PATCH 02/10] Make tests/*.sh runnable from anywhere --- tests/compat.sh | 5 +++++ tests/ssl-opt.sh | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/tests/compat.sh b/tests/compat.sh index cd55d0539..554adeffb 100755 --- a/tests/compat.sh +++ b/tests/compat.sh @@ -955,6 +955,11 @@ run_client() { # MAIN # +if cd $( dirname $0 ); then :; else + echo "cd $( dirname $0 ) failed" >&2 + exit 1 +fi + get_options "$@" # sanity checks, avoid an avalanche of errors diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index ebe1cec21..63c0a2332 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -342,6 +342,11 @@ cleanup() { # MAIN # +if cd $( dirname $0 ); then :; else + echo "cd $( dirname $0 ) failed" >&2 + exit 1 +fi + get_options "$@" # sanity checks, avoid an avalanche of errors From f427f8854a55890994567d188ed08d0483892ae6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 10 Mar 2015 15:35:29 +0000 Subject: [PATCH 03/10] Stop checking key-cert match systematically --- ChangeLog | 2 ++ library/ssl_tls.c | 6 +++--- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 8e1434a08..9f97da75f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -27,6 +27,8 @@ Bugfix * Fix potential memory leak in ssl_set_psk() (found by Mansour Moufid). Changes + * ssl_set_own_cert() now longers calls pk_check_pair() since the + performance impact was bad for some users (this was introduced in 1.3.10). * Move from SHA-1 to SHA-256 in example programs using signatures (suggested by Thorsten Mühlfelder). * Remove some unneeded inclusions of header files from the standard library diff --git a/library/ssl_tls.c b/library/ssl_tls.c index d83ec746e..77bb9adb2 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3973,7 +3973,7 @@ int ssl_set_own_cert( ssl_context *ssl, x509_crt *own_cert, key_cert->cert = own_cert; key_cert->key = pk_key; - return( pk_check_pair( &key_cert->cert->pk, key_cert->key ) ); + return( 0 ); } #if defined(POLARSSL_RSA_C) @@ -4002,7 +4002,7 @@ int ssl_set_own_cert_rsa( ssl_context *ssl, x509_crt *own_cert, key_cert->cert = own_cert; key_cert->key_own_alloc = 1; - return( pk_check_pair( &key_cert->cert->pk, key_cert->key ) ); + return( 0 ); } #endif /* POLARSSL_RSA_C */ @@ -4031,7 +4031,7 @@ int ssl_set_own_cert_alt( ssl_context *ssl, x509_crt *own_cert, key_cert->cert = own_cert; key_cert->key_own_alloc = 1; - return( pk_check_pair( &key_cert->cert->pk, key_cert->key ) ); + return( 0 ); } #endif /* POLARSSL_X509_CRT_PARSE_C */ From 73ed39d4b1bc2c02ce58d41d7046fa0a7c40a233 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 10 Mar 2015 15:46:30 +0000 Subject: [PATCH 04/10] Remove slow PKCS5 test --- library/pkcs5.c | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) diff --git a/library/pkcs5.c b/library/pkcs5.c index 2e7d816ae..65f3d5dd5 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -301,36 +301,34 @@ int pkcs5_self_test( int verbose ) #define MAX_TESTS 6 static size_t plen[MAX_TESTS] = - { 8, 8, 8, 8, 24, 9 }; + { 8, 8, 8, 24, 9 }; static unsigned char password[MAX_TESTS][32] = { "password", "password", "password", - "password", "passwordPASSWORDpassword", "pass\0word", }; static size_t slen[MAX_TESTS] = - { 4, 4, 4, 4, 36, 5 }; + { 4, 4, 4, 36, 5 }; static unsigned char salt[MAX_TESTS][40] = { "salt", "salt", "salt", - "salt", "saltSALTsaltSALTsaltSALTsaltSALTsalt", "sa\0lt", }; static uint32_t it_cnt[MAX_TESTS] = - { 1, 2, 4096, 16777216, 4096, 4096 }; + { 1, 2, 4096, 4096, 4096 }; static uint32_t key_len[MAX_TESTS] = - { 20, 20, 20, 20, 25, 16 }; + { 20, 20, 20, 25, 16 }; static unsigned char result_key[MAX_TESTS][32] = { @@ -343,9 +341,6 @@ static unsigned char result_key[MAX_TESTS][32] = { 0x4b, 0x00, 0x79, 0x01, 0xb7, 0x65, 0x48, 0x9a, 0xbe, 0xad, 0x49, 0xd9, 0x26, 0xf7, 0x21, 0xd0, 0x65, 0xa4, 0x29, 0xc1 }, - { 0xee, 0xfe, 0x3d, 0x61, 0xcd, 0x4d, 0xa4, 0xe4, - 0xe9, 0x94, 0x5b, 0x3d, 0x6b, 0xa2, 0x15, 0x8c, - 0x26, 0x34, 0xe9, 0x84 }, { 0x3d, 0x2e, 0xec, 0x4f, 0xe4, 0x1c, 0x84, 0x9b, 0x80, 0xc8, 0xd8, 0x36, 0x62, 0xc0, 0xe4, 0x4a, 0x8b, 0x29, 0x1a, 0x96, 0x4c, 0xf2, 0xf0, 0x70, @@ -376,9 +371,6 @@ int pkcs5_self_test( int verbose ) goto exit; } - if( verbose != 0 ) - polarssl_printf( " PBKDF2 note: test #3 may be slow!\n" ); - for( i = 0; i < MAX_TESTS; i++ ) { if( verbose != 0 ) From 51bccd388910c30b29cedc20d34df6f7e5216875 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 10 Mar 2015 16:09:08 +0000 Subject: [PATCH 05/10] Fix compile error with renego disabled --- ChangeLog | 3 +++ library/ssl_cli.c | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 9f97da75f..1a1d0de15 100644 --- a/ChangeLog +++ b/ChangeLog @@ -25,6 +25,9 @@ Bugfix * Fix potential unintended sign extension in asn1_get_len() on 64-bit platforms. * Fix potential memory leak in ssl_set_psk() (found by Mansour Moufid). + * Fix compile error when POLARSSL_SSL_DISABLE_RENEGOTATION and + POLARSSL_SSL_SSESSION_TICKETS where both enabled in config.h (introduced + in 1.3.10). Changes * ssl_set_own_cert() now longers calls pk_check_pair() since the diff --git a/library/ssl_cli.c b/library/ssl_cli.c index f3d570ccb..37853bc60 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -602,8 +602,8 @@ static int ssl_write_client_hello( ssl_context *ssl ) */ #if defined(POLARSSL_SSL_RENEGOTIATION) if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE ) - { #endif + { if( ssl->session_negotiate->ticket != NULL && ssl->session_negotiate->ticket_len != 0 ) { From 1a90147dc5e10a3ce2e34694d00d333026f2e4db Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 10 Mar 2015 16:12:29 +0000 Subject: [PATCH 06/10] Add missing extern "C" guard in aesni.h --- ChangeLog | 1 + include/polarssl/aesni.h | 8 ++++++++ 2 files changed, 9 insertions(+) diff --git a/ChangeLog b/ChangeLog index 1a1d0de15..46ef674a3 100644 --- a/ChangeLog +++ b/ChangeLog @@ -28,6 +28,7 @@ Bugfix * Fix compile error when POLARSSL_SSL_DISABLE_RENEGOTATION and POLARSSL_SSL_SSESSION_TICKETS where both enabled in config.h (introduced in 1.3.10). + * Add missing extern "C" guard in aesni.h (reported by amir zamani). Changes * ssl_set_own_cert() now longers calls pk_check_pair() since the diff --git a/include/polarssl/aesni.h b/include/polarssl/aesni.h index bb514ca6d..02419eda5 100644 --- a/include/polarssl/aesni.h +++ b/include/polarssl/aesni.h @@ -37,6 +37,10 @@ #if defined(POLARSSL_HAVE_X86_64) +#ifdef __cplusplus +extern "C" { +#endif + /** * \brief AES-NI features detection routine * @@ -99,6 +103,10 @@ int aesni_setkey_enc( unsigned char *rk, const unsigned char *key, size_t bits ); +#ifdef __cplusplus +} +#endif + #endif /* POLARSSL_HAVE_X86_64 */ #endif /* POLARSSL_AESNI_H */ From 27d813993f3cdba8454415b55ebf7014f6d75adc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 10 Mar 2015 17:37:30 +0000 Subject: [PATCH 07/10] Use only headers for doxygen (no doc in C files) --- doxygen/mbedtls.doxyfile | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile index e516dc908..49c81c347 100644 --- a/doxygen/mbedtls.doxyfile +++ b/doxygen/mbedtls.doxyfile @@ -682,8 +682,7 @@ INPUT_ENCODING = UTF-8 # *.hxx *.hpp *.h++ *.idl *.odl *.cs *.php *.php3 *.inc *.m *.mm *.dox *.py # *.f90 *.f *.for *.vhd *.vhdl -FILE_PATTERNS = *.c \ - *.h +FILE_PATTERNS = *.h # The RECURSIVE tag can be used to turn specify whether or not subdirectories # should be searched for input files as well. Possible values are YES and NO. @@ -697,9 +696,7 @@ RECURSIVE = YES # Note that relative paths are relative to the directory from which doxygen is # run. -EXCLUDE = tests/fct.h \ - programs \ - CMakeFiles +EXCLUDE = configs # The EXCLUDE_SYMLINKS tag can be used to select whether or not files or # directories that are symbolic links (a Unix file system feature) are excluded From 28122e432909177f56876525c46eb492fe4f2c87 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 11 Mar 2015 09:13:42 +0000 Subject: [PATCH 08/10] Add missing 'const' on selftest data --- library/ctr_drbg.c | 8 ++++---- library/gcm.c | 28 +++++++++++++--------------- library/hmac_drbg.c | 8 ++++---- library/md5.c | 6 +++--- library/pkcs5.c | 14 +++++++------- library/sha1.c | 6 +++--- library/sha256.c | 6 +++--- library/sha512.c | 6 +++--- 8 files changed, 40 insertions(+), 42 deletions(-) diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index de4a6e814..24adff08f 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -448,7 +448,7 @@ int ctr_drbg_update_seed_file( ctr_drbg_context *ctx, const char *path ) #if defined(POLARSSL_SELF_TEST) -static unsigned char entropy_source_pr[96] = +static const unsigned char entropy_source_pr[96] = { 0xc1, 0x80, 0x81, 0xa6, 0x5d, 0x44, 0x02, 0x16, 0x19, 0xb3, 0xf1, 0x80, 0xb1, 0xc9, 0x20, 0x02, 0x6a, 0x54, 0x6f, 0x0c, 0x70, 0x81, 0x49, 0x8b, @@ -462,7 +462,7 @@ static unsigned char entropy_source_pr[96] = 0x93, 0x92, 0xcf, 0xc5, 0x23, 0x12, 0xd5, 0x56, 0x2c, 0x4a, 0x6e, 0xff, 0xdc, 0x10, 0xd0, 0x68 }; -static unsigned char entropy_source_nopr[64] = +static const unsigned char entropy_source_nopr[64] = { 0x5a, 0x19, 0x4d, 0x5e, 0x2b, 0x31, 0x58, 0x14, 0x54, 0xde, 0xf6, 0x75, 0xfb, 0x79, 0x58, 0xfe, 0xc7, 0xdb, 0x87, 0x3e, 0x56, 0x89, 0xfc, 0x9d, @@ -521,7 +521,7 @@ int ctr_drbg_self_test( int verbose ) test_offset = 0; CHK( ctr_drbg_init_entropy_len( &ctx, ctr_drbg_self_test_entropy, - entropy_source_pr, nonce_pers_pr, 16, 32 ) ); + (void *) entropy_source_pr, nonce_pers_pr, 16, 32 ) ); ctr_drbg_set_prediction_resistance( &ctx, CTR_DRBG_PR_ON ); CHK( ctr_drbg_random( &ctx, buf, CTR_DRBG_BLOCKSIZE ) ); CHK( ctr_drbg_random( &ctx, buf, CTR_DRBG_BLOCKSIZE ) ); @@ -538,7 +538,7 @@ int ctr_drbg_self_test( int verbose ) test_offset = 0; CHK( ctr_drbg_init_entropy_len( &ctx, ctr_drbg_self_test_entropy, - entropy_source_nopr, nonce_pers_nopr, 16, 32 ) ); + (void *) entropy_source_nopr, nonce_pers_nopr, 16, 32 ) ); CHK( ctr_drbg_random( &ctx, buf, 16 ) ); CHK( ctr_drbg_reseed( &ctx, NULL, 0 ) ); CHK( ctr_drbg_random( &ctx, buf, 16 ) ); diff --git a/library/gcm.c b/library/gcm.c index 4e2735c0d..f4f735b6f 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -508,10 +508,10 @@ void gcm_free( gcm_context *ctx ) */ #define MAX_TESTS 6 -static int key_index[MAX_TESTS] = +static const int key_index[MAX_TESTS] = { 0, 0, 1, 1, 1, 1 }; -static unsigned char key[MAX_TESTS][32] = +static const unsigned char key[MAX_TESTS][32] = { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, @@ -523,13 +523,13 @@ static unsigned char key[MAX_TESTS][32] = 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 }, }; -static size_t iv_len[MAX_TESTS] = +static const size_t iv_len[MAX_TESTS] = { 12, 12, 12, 12, 8, 60 }; -static int iv_index[MAX_TESTS] = +static const int iv_index[MAX_TESTS] = { 0, 0, 1, 1, 1, 2 }; -static unsigned char iv[MAX_TESTS][64] = +static const unsigned char iv[MAX_TESTS][64] = { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, @@ -545,13 +545,13 @@ static unsigned char iv[MAX_TESTS][64] = 0xa6, 0x37, 0xb3, 0x9b }, }; -static size_t add_len[MAX_TESTS] = +static const size_t add_len[MAX_TESTS] = { 0, 0, 0, 20, 20, 20 }; -static int add_index[MAX_TESTS] = +static const int add_index[MAX_TESTS] = { 0, 0, 0, 1, 1, 1 }; -static unsigned char additional[MAX_TESTS][64] = +static const unsigned char additional[MAX_TESTS][64] = { { 0x00 }, { 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, @@ -559,13 +559,13 @@ static unsigned char additional[MAX_TESTS][64] = 0xab, 0xad, 0xda, 0xd2 }, }; -static size_t pt_len[MAX_TESTS] = +static const size_t pt_len[MAX_TESTS] = { 0, 16, 64, 60, 60, 60 }; -static int pt_index[MAX_TESTS] = +static const int pt_index[MAX_TESTS] = { 0, 0, 1, 1, 1, 1 }; -static unsigned char pt[MAX_TESTS][64] = +static const unsigned char pt[MAX_TESTS][64] = { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, @@ -579,7 +579,7 @@ static unsigned char pt[MAX_TESTS][64] = 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 }, }; -static unsigned char ct[MAX_TESTS * 3][64] = +static const unsigned char ct[MAX_TESTS * 3][64] = { { 0x00 }, { 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92, @@ -688,7 +688,7 @@ static unsigned char ct[MAX_TESTS * 3][64] = 0x44, 0xae, 0x7e, 0x3f }, }; -static unsigned char tag[MAX_TESTS * 3][16] = +static const unsigned char tag[MAX_TESTS * 3][16] = { { 0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61, 0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a }, @@ -939,8 +939,6 @@ int gcm_self_test( int verbose ) return( 0 ); } - - #endif /* POLARSSL_SELF_TEST && POLARSSL_AES_C */ #endif /* POLARSSL_GCM_C */ diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c index f4cac28ae..fed297f29 100644 --- a/library/hmac_drbg.c +++ b/library/hmac_drbg.c @@ -396,7 +396,7 @@ int hmac_drbg_self_test( int verbose ) #define OUTPUT_LEN 80 /* From a NIST PR=true test vector */ -static unsigned char entropy_pr[] = { +static const unsigned char entropy_pr[] = { 0xa0, 0xc9, 0xab, 0x58, 0xf1, 0xe2, 0xe5, 0xa4, 0xde, 0x3e, 0xbd, 0x4f, 0xf7, 0x3e, 0x9c, 0x5b, 0x64, 0xef, 0xd8, 0xca, 0x02, 0x8c, 0xf8, 0x11, 0x48, 0xa5, 0x84, 0xfe, 0x69, 0xab, 0x5a, 0xee, 0x42, 0xaa, 0x4d, 0x42, @@ -412,7 +412,7 @@ static const unsigned char result_pr[OUTPUT_LEN] = { 0xe1, 0x5c, 0x02, 0x9b, 0x44, 0xaf, 0x03, 0x44 }; /* From a NIST PR=false test vector */ -static unsigned char entropy_nopr[] = { +static const unsigned char entropy_nopr[] = { 0x79, 0x34, 0x9b, 0xbf, 0x7c, 0xdd, 0xa5, 0x79, 0x95, 0x57, 0x86, 0x66, 0x21, 0xc9, 0x13, 0x83, 0x11, 0x46, 0x73, 0x3a, 0xbf, 0x8c, 0x35, 0xc8, 0xc7, 0x21, 0x5b, 0x5b, 0x96, 0xc4, 0x8e, 0x9b, 0x33, 0x8c, 0x74, 0xe3, @@ -461,7 +461,7 @@ int hmac_drbg_self_test( int verbose ) test_offset = 0; CHK( hmac_drbg_init( &ctx, md_info, - hmac_drbg_self_test_entropy, entropy_pr, + hmac_drbg_self_test_entropy, (void *) entropy_pr, NULL, 0 ) ); hmac_drbg_set_prediction_resistance( &ctx, POLARSSL_HMAC_DRBG_PR_ON ); CHK( hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); @@ -480,7 +480,7 @@ int hmac_drbg_self_test( int verbose ) test_offset = 0; CHK( hmac_drbg_init( &ctx, md_info, - hmac_drbg_self_test_entropy, entropy_nopr, + hmac_drbg_self_test_entropy, (void *) entropy_nopr, NULL, 0 ) ); CHK( hmac_drbg_reseed( &ctx, NULL, 0 ) ); CHK( hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); diff --git a/library/md5.c b/library/md5.c index a14a9cf7d..49f0674fb 100644 --- a/library/md5.c +++ b/library/md5.c @@ -443,7 +443,7 @@ void md5_hmac( const unsigned char *key, size_t keylen, /* * RFC 1321 test vectors */ -static unsigned char md5_test_buf[7][81] = +static const unsigned char md5_test_buf[7][81] = { { "" }, { "a" }, @@ -481,7 +481,7 @@ static const unsigned char md5_test_sum[7][16] = /* * RFC 2202 test vectors */ -static unsigned char md5_hmac_test_key[7][26] = +static const unsigned char md5_hmac_test_key[7][26] = { { "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B" }, { "Jefe" }, @@ -498,7 +498,7 @@ static const int md5_hmac_test_keylen[7] = 16, 4, 16, 25, 16, 80, 80 }; -static unsigned char md5_hmac_test_buf[7][74] = +static const unsigned char md5_hmac_test_buf[7][74] = { { "Hi There" }, { "what do ya want for nothing?" }, diff --git a/library/pkcs5.c b/library/pkcs5.c index 65f3d5dd5..c1bab70a3 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -300,10 +300,10 @@ int pkcs5_self_test( int verbose ) #define MAX_TESTS 6 -static size_t plen[MAX_TESTS] = +static const size_t plen[MAX_TESTS] = { 8, 8, 8, 24, 9 }; -static unsigned char password[MAX_TESTS][32] = +static const unsigned char password[MAX_TESTS][32] = { "password", "password", @@ -312,10 +312,10 @@ static unsigned char password[MAX_TESTS][32] = "pass\0word", }; -static size_t slen[MAX_TESTS] = +static const size_t slen[MAX_TESTS] = { 4, 4, 4, 36, 5 }; -static unsigned char salt[MAX_TESTS][40] = +static const unsigned char salt[MAX_TESTS][40] = { "salt", "salt", @@ -324,13 +324,13 @@ static unsigned char salt[MAX_TESTS][40] = "sa\0lt", }; -static uint32_t it_cnt[MAX_TESTS] = +static const uint32_t it_cnt[MAX_TESTS] = { 1, 2, 4096, 4096, 4096 }; -static uint32_t key_len[MAX_TESTS] = +static const uint32_t key_len[MAX_TESTS] = { 20, 20, 20, 25, 16 }; -static unsigned char result_key[MAX_TESTS][32] = +static const unsigned char result_key[MAX_TESTS][32] = { { 0x0c, 0x60, 0xc8, 0x0f, 0x96, 0x1f, 0x0e, 0x71, 0xf3, 0xa9, 0xb5, 0x24, 0xaf, 0x60, 0x12, 0x06, diff --git a/library/sha1.c b/library/sha1.c index 35e062583..fca6109bb 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -476,7 +476,7 @@ void sha1_hmac( const unsigned char *key, size_t keylen, /* * FIPS-180-1 test vectors */ -static unsigned char sha1_test_buf[3][57] = +static const unsigned char sha1_test_buf[3][57] = { { "abc" }, { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" }, @@ -501,7 +501,7 @@ static const unsigned char sha1_test_sum[3][20] = /* * RFC 2202 test vectors */ -static unsigned char sha1_hmac_test_key[7][26] = +static const unsigned char sha1_hmac_test_key[7][26] = { { "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B" "\x0B\x0B\x0B\x0B" }, @@ -521,7 +521,7 @@ static const int sha1_hmac_test_keylen[7] = 20, 4, 20, 25, 20, 80, 80 }; -static unsigned char sha1_hmac_test_buf[7][74] = +static const unsigned char sha1_hmac_test_buf[7][74] = { { "Hi There" }, { "what do ya want for nothing?" }, diff --git a/library/sha256.c b/library/sha256.c index b9b3f097b..2b4b7e132 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -483,7 +483,7 @@ void sha256_hmac( const unsigned char *key, size_t keylen, /* * FIPS-180-2 test vectors */ -static unsigned char sha256_test_buf[3][57] = +static const unsigned char sha256_test_buf[3][57] = { { "abc" }, { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" }, @@ -533,7 +533,7 @@ static const unsigned char sha256_test_sum[6][32] = /* * RFC 4231 test vectors */ -static unsigned char sha256_hmac_test_key[7][26] = +static const unsigned char sha256_hmac_test_key[7][26] = { { "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B" "\x0B\x0B\x0B\x0B" }, @@ -553,7 +553,7 @@ static const int sha256_hmac_test_keylen[7] = 20, 4, 20, 25, 20, 131, 131 }; -static unsigned char sha256_hmac_test_buf[7][153] = +static const unsigned char sha256_hmac_test_buf[7][153] = { { "Hi There" }, { "what do ya want for nothing?" }, diff --git a/library/sha512.c b/library/sha512.c index 629ed1b58..4074d33d9 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -488,7 +488,7 @@ void sha512_hmac( const unsigned char *key, size_t keylen, /* * FIPS-180-2 test vectors */ -static unsigned char sha512_test_buf[3][113] = +static const unsigned char sha512_test_buf[3][113] = { { "abc" }, { "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn" @@ -557,7 +557,7 @@ static const unsigned char sha512_test_sum[6][64] = /* * RFC 4231 test vectors */ -static unsigned char sha512_hmac_test_key[7][26] = +static const unsigned char sha512_hmac_test_key[7][26] = { { "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B" "\x0B\x0B\x0B\x0B" }, @@ -577,7 +577,7 @@ static const int sha512_hmac_test_keylen[7] = 20, 4, 20, 25, 20, 131, 131 }; -static unsigned char sha512_hmac_test_buf[7][153] = +static const unsigned char sha512_hmac_test_buf[7][153] = { { "Hi There" }, { "what do ya want for nothing?" }, From 4a7ed714bff4db1d019467b77c610521602dab18 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 11 Mar 2015 10:26:50 +0000 Subject: [PATCH 09/10] scripts/memory.sh only work on Linux --- scripts/memory.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/scripts/memory.sh b/scripts/memory.sh index 710ee96e0..792d27f0c 100755 --- a/scripts/memory.sh +++ b/scripts/memory.sh @@ -25,6 +25,11 @@ if grep -i cmake Makefile >/dev/null; then exit 1 fi +if [ $( uname ) != Linux ]; then + echo "Only work on Linux" >&2 + exit 1 +fi + if git status | grep -F $CONFIG_H >/dev/null 2>&1; then echo "config.h not clean" >&2 exit 1 @@ -54,7 +59,7 @@ do_config() cd programs CFLAGS=$CFLAGS_EXEC make OFLAGS=-Os ssl/$CLIENT >/dev/null strip ssl/$CLIENT - stat -f '%z' ssl/$CLIENT + stat -c '%s' ssl/$CLIENT cd .. printf " Peak ram usage... " From 3b110c2d34092080377ba693347d9a09ddd7c389 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 11 Mar 2015 10:28:17 +0000 Subject: [PATCH 10/10] Use link-time garbage collection in memory.sh --- scripts/memory.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/memory.sh b/scripts/memory.sh index 792d27f0c..eefe1025d 100755 --- a/scripts/memory.sh +++ b/scripts/memory.sh @@ -12,7 +12,7 @@ CONFIG_H='include/polarssl/config.h' CLIENT='mini_client' -CFLAGS_EXEC=-fno-asynchronous-unwind-tables +CFLAGS_EXEC='-fno-asynchronous-unwind-tables -Wl,--gc-section -ffunction-sections' CFLAGS_MEM=-g3 if [ -r $CONFIG_H ]; then :; else