Merge remote-tracking branch 'origin/pr/2554' into mbedtls-2.7

* origin/pr/2554: Remove ssl_cert_test sample app
2019-04-16 15:07:06 +01:00 · 2019-04-16 15:07:06 +01:00 · ae29e53f2a
commit ae29e53f2a
parent 440baeb130 c0f55f3d61
5 changed files with 2 additions and 456 deletions
--- a/programs/Makefile
+++ b/programs/Makefile
@ -65,7 +65,7 @@ APPS =	aes/aescrypt2$(EXEXT)		aes/crypt_and_hash$(EXEXT)	\
 	ssl/ssl_mail_client$(EXEXT)	random/gen_entropy$(EXEXT)	\
 	random/gen_random_havege$(EXEXT)				\
 	random/gen_random_ctr_drbg$(EXEXT)				\
-	test/ssl_cert_test$(EXEXT)	test/benchmark$(EXEXT)		\
+	test/benchmark$(EXEXT)                          		\
 	test/selftest$(EXEXT)		test/udp_proxy$(EXEXT)		\
 	util/pem2der$(EXEXT)		util/strerror$(EXEXT)		\
 	x509/cert_app$(EXEXT)		x509/crl_app$(EXEXT)		\
@ -233,10 +233,6 @@ ssl/mini_client$(EXEXT): ssl/mini_client.c $(DEP)
 	echo "  CC    ssl/mini_client.c"
 	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/mini_client.c   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@

-test/ssl_cert_test$(EXEXT): test/ssl_cert_test.c $(DEP)
-	echo "  CC    test/ssl_cert_test.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/ssl_cert_test.c   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
 test/benchmark$(EXEXT): test/benchmark.c $(DEP)
 	echo "  CC    test/benchmark.c"
 	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/benchmark.c   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
--- a/programs/test/CMakeLists.txt
+++ b/programs/test/CMakeLists.txt
@ -16,12 +16,10 @@ target_link_libraries(selftest ${libs})
 add_executable(benchmark benchmark.c)
 target_link_libraries(benchmark ${libs})

-add_executable(ssl_cert_test ssl_cert_test.c)
-target_link_libraries(ssl_cert_test ${libs})

 add_executable(udp_proxy udp_proxy.c)
 target_link_libraries(udp_proxy ${libs})

-install(TARGETS selftest benchmark ssl_cert_test udp_proxy
+install(TARGETS selftest benchmark udp_proxy
        DESTINATION "bin"
        PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
--- a/programs/test/ssl_cert_test.c
+++ b/programs/test/ssl_cert_test.c
@ -1,261 +0,0 @@
-/*
- *  SSL certificate functionality tests
- *
- *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- *
- *  This file is part of mbed TLS (https://tls.mbed.org)
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_snprintf        snprintf
-#define mbedtls_printf          printf
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_X509_CRT_PARSE_C) && \
-    defined(MBEDTLS_FS_IO) && defined(MBEDTLS_X509_CRL_PARSE_C)
-#include "mbedtls/certs.h"
-#include "mbedtls/x509_crt.h"
-
-#include <stdio.h>
-#include <string.h>
-#endif
-
-#define MAX_CLIENT_CERTS    8
-
-#if !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \
-    !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_X509_CRL_PARSE_C)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_RSA_C and/or MBEDTLS_X509_CRT_PARSE_C "
-           "MBEDTLS_FS_IO and/or MBEDTLS_X509_CRL_PARSE_C "
-           "not defined.\n");
-    return( 0 );
-}
-#else
-const char *client_certificates[MAX_CLIENT_CERTS] =
-{
-    "client1.crt",
-    "client2.crt",
-    "server1.crt",
-    "server2.crt",
-    "cert_sha224.crt",
-    "cert_sha256.crt",
-    "cert_sha384.crt",
-    "cert_sha512.crt"
-};
-
-const char *client_private_keys[MAX_CLIENT_CERTS] =
-{
-    "client1.key",
-    "client2.key",
-    "server1.key",
-    "server2.key",
-    "cert_digest.key",
-    "cert_digest.key",
-    "cert_digest.key",
-    "cert_digest.key"
-};
-
-int main( void )
-{
-    int ret = 1, i;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    mbedtls_x509_crt cacert;
-    mbedtls_x509_crl crl;
-    char buf[10240];
-
-    mbedtls_x509_crt_init( &cacert );
-    mbedtls_x509_crl_init( &crl );
-
-    /*
-     * 1.1. Load the trusted CA
-     */
-    mbedtls_printf( "\n  . Loading the CA root certificate ..." );
-    fflush( stdout );
-
-    /*
-     * Alternatively, you may load the CA certificates from a .pem or
-     * .crt file by calling mbedtls_x509_crt_parse_file( &cacert, "myca.crt" ).
-     */
-    ret = mbedtls_x509_crt_parse_file( &cacert, "ssl/test-ca/test-ca.crt" );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse_file returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    mbedtls_x509_crt_info( buf, 1024, "CRT: ", &cacert );
-    mbedtls_printf("%s\n", buf );
-
-    /*
-     * 1.2. Load the CRL
-     */
-    mbedtls_printf( "  . Loading the CRL ..." );
-    fflush( stdout );
-
-    ret = mbedtls_x509_crl_parse_file( &crl, "ssl/test-ca/crl.pem" );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  !  mbedtls_x509_crl_parse_file returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    mbedtls_x509_crl_info( buf, 1024, "CRL: ", &crl );
-    mbedtls_printf("%s\n", buf );
-
-    for( i = 0; i < MAX_CLIENT_CERTS; i++ )
-    {
-        /*
-         * 1.3. Load own certificate
-         */
-        char    name[512];
-        uint32_t flags;
-        mbedtls_x509_crt clicert;
-        mbedtls_pk_context pk;
-
-        mbedtls_x509_crt_init( &clicert );
-        mbedtls_pk_init( &pk );
-
-        mbedtls_snprintf(name, 512, "ssl/test-ca/%s", client_certificates[i]);
-
-        mbedtls_printf( "  . Loading the client certificate %s...", name );
-        fflush( stdout );
-
-        ret = mbedtls_x509_crt_parse_file( &clicert, name );
-        if( ret != 0 )
-        {
-            mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse_file returned %d\n\n", ret );
-            goto exit;
-        }
-
-        mbedtls_printf( " ok\n" );
-
-        /*
-         * 1.4. Verify certificate validity with CA certificate
-         */
-        mbedtls_printf( "  . Verify the client certificate with CA certificate..." );
-        fflush( stdout );
-
-        ret = mbedtls_x509_crt_verify( &clicert, &cacert, &crl, NULL, &flags, NULL,
-                               NULL );
-        if( ret != 0 )
-        {
-            if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED )
-            {
-                 char vrfy_buf[512];
-
-                 mbedtls_printf( " failed\n" );
-                 mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), "  ! ", flags );
-                 mbedtls_printf( "%s\n", vrfy_buf );
-             }
-             else
-             {
-                mbedtls_printf( " failed\n  !  mbedtls_x509_crt_verify returned %d\n\n", ret );
-                goto exit;
-            }
-        }
-
-        mbedtls_printf( " ok\n" );
-
-        /*
-         * 1.5. Load own private key
-         */
-        mbedtls_snprintf(name, 512, "ssl/test-ca/%s", client_private_keys[i]);
-
-        mbedtls_printf( "  . Loading the client private key %s...", name );
-        fflush( stdout );
-
-        ret = mbedtls_pk_parse_keyfile( &pk, name, NULL );
-        if( ret != 0 )
-        {
-            mbedtls_printf( " failed\n  !  mbedtls_pk_parse_keyfile returned %d\n\n", ret );
-            goto exit;
-        }
-
-        mbedtls_printf( " ok\n" );
-
-        /*
-         * 1.6. Verify certificate validity with private key
-         */
-        mbedtls_printf( "  . Verify the client certificate with private key..." );
-        fflush( stdout );
-
-
-        /* EC NOT IMPLEMENTED YET */
-        if( ! mbedtls_pk_can_do( &clicert.pk, MBEDTLS_PK_RSA ) )
-        {
-            mbedtls_printf( " failed\n  !  certificate's key is not RSA\n\n" );
-            goto exit;
-        }
-
-        ret = mbedtls_mpi_cmp_mpi(&mbedtls_pk_rsa( pk )->N, &mbedtls_pk_rsa( clicert.pk )->N);
-        if( ret != 0 )
-        {
-            mbedtls_printf( " failed\n  !  mbedtls_mpi_cmp_mpi for N returned %d\n\n", ret );
-            goto exit;
-        }
-
-        ret = mbedtls_mpi_cmp_mpi(&mbedtls_pk_rsa( pk )->E, &mbedtls_pk_rsa( clicert.pk )->E);
-        if( ret != 0 )
-        {
-            mbedtls_printf( " failed\n  !  mbedtls_mpi_cmp_mpi for E returned %d\n\n", ret );
-            goto exit;
-        }
-
-        ret = mbedtls_rsa_check_privkey( mbedtls_pk_rsa( pk ) );
-        if( ret != 0 )
-        {
-            mbedtls_printf( " failed\n  !  mbedtls_rsa_check_privkey returned %d\n\n", ret );
-            goto exit;
-        }
-
-        mbedtls_printf( " ok\n" );
-
-        mbedtls_x509_crt_free( &clicert );
-        mbedtls_pk_free( &pk );
-    }
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-    mbedtls_x509_crt_free( &cacert );
-    mbedtls_x509_crl_free( &crl );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    return( exit_code );
-}
-#endif /* MBEDTLS_RSA_C && MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_FS_IO &&
-          MBEDTLS_X509_CRL_PARSE_C */