len0rd/FreeRTOS-Kernel
1
0
Fork 0
mirror of https://github.com/FreeRTOS/FreeRTOS-Kernel.git synced 2025-08-19 17:48:33 -04:00
Code Issues Projects Releases Packages Wiki Activity

Update CyaSSL to latest version.

Browse source
This commit is contained in:
Richard Barry 2014-07-18 18:54:25 +00:00
parent 5fcd270398
commit 3d007d0b4b
445 changed files with 162375 additions and 26182 deletions
Download patch file Download diff file Expand all files Collapse all files

320
FreeRTOS-Plus/Source/CyaSSL/tests/suites.c
View file

@ -1,6 +1,6 @@
/* suites.c
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,46 +16,207 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <cyassl/ssl.h>
#include <tests/unit.h>
#define MAX_ARGS 40
#define MAX_COMMAND_SZ 240
#define MAX_SUITE_SZ 80
#define NOT_BUILT_IN -123
#ifdef NO_OLD_TLS
#define VERSION_TOO_OLD -124
#endif
#include "examples/client/client.h"
#include "examples/server/server.h"
void client_test(void*);
THREAD_RETURN CYASSL_THREAD server_test(void*);
static CYASSL_CTX* cipherSuiteCtx = NULL;
static char nonblockFlag[] = "-N";
static char noVerifyFlag[] = "-d";
static char portFlag[] = "-p";
static char flagSep[] = " ";
static char svrPort[] = "0";
static void execute_test_case(int svr_argc, char** svr_argv,
int cli_argc, char** cli_argv)
#ifdef NO_OLD_TLS
/* if the protocol version is less than tls 1.2 return 1, else 0 */
static int IsOldTlsVersion(const char* line)
{
func_args cliArgs = {cli_argc, cli_argv, 0, NULL};
func_args svrArgs = {svr_argc, svr_argv, 0, NULL};
const char* find = "-v ";
char* begin = strstr(line, find);
if (begin) {
int version = -1;
begin += 3;
version = atoi(begin);
if (version < 3)
return 1;
}
return 0;
}
#endif /* NO_OLD_TLS */
/* if the cipher suite on line is valid store in suite and return 1, else 0 */
static int IsValidCipherSuite(const char* line, char* suite)
{
int found = 0;
int valid = 0;
const char* find = "-l ";
const char* begin = strstr(line, find);
const char* end;
suite[0] = '\0';
if (begin) {
begin += 3;
end = strstr(begin, " ");
if (end) {
long len = end - begin;
if (len > MAX_SUITE_SZ) {
printf("suite too long!\n");
return 0;
}
memcpy(suite, begin, len);
suite[len] = '\0';
}
else
strncpy(suite, begin, MAX_SUITE_SZ);
suite[MAX_SUITE_SZ] = '\0';
found = 1;
}
if (found) {
if (CyaSSL_CTX_set_cipher_list(cipherSuiteCtx, suite) == SSL_SUCCESS)
valid = 1;
}
return valid;
}
static int execute_test_case(int svr_argc, char** svr_argv,
int cli_argc, char** cli_argv,
int addNoVerify, int addNonBlocking)
{
func_args cliArgs = {cli_argc, cli_argv, 0, NULL, NULL};
func_args svrArgs = {svr_argc, svr_argv, 0, NULL, NULL};
tcp_ready ready;
THREAD_TYPE serverThread;
char commandLine[MAX_COMMAND_SZ];
char cipherSuite[MAX_SUITE_SZ+1];
int i;
size_t added = 0;
static int tests = 1;
commandLine[0] = '\0';
for (i = 0; i < svr_argc; i++) {
added += strlen(svr_argv[i]) + 2;
if (added >= MAX_COMMAND_SZ) {
printf("server command line too long\n");
break;
}
strcat(commandLine, svr_argv[i]);
strcat(commandLine, " ");
strcat(commandLine, flagSep);
}
if (IsValidCipherSuite(commandLine, cipherSuite) == 0) {
#ifdef DEBUG_SUITE_TESTS
printf("cipher suite %s not supported in build\n", cipherSuite);
#endif
return NOT_BUILT_IN;
}
#ifdef NO_OLD_TLS
if (IsOldTlsVersion(commandLine) == 1) {
#ifdef DEBUG_SUITE_TESTS
printf("protocol version on line %s is too old\n", commandLine);
#endif
return VERSION_TOO_OLD;
}
#endif
if (addNoVerify) {
printf("repeating test with client cert request off\n");
added += 4; /* -d plus space plus terminator */
if (added >= MAX_COMMAND_SZ || svr_argc >= MAX_ARGS)
printf("server command line too long\n");
else {
svr_argv[svr_argc++] = noVerifyFlag;
svrArgs.argc = svr_argc;
strcat(commandLine, noVerifyFlag);
strcat(commandLine, flagSep);
}
}
if (addNonBlocking) {
printf("repeating test with non blocking on\n");
added += 4; /* -N plus terminator */
if (added >= MAX_COMMAND_SZ || svr_argc >= MAX_ARGS)
printf("server command line too long\n");
else {
svr_argv[svr_argc++] = nonblockFlag;
svrArgs.argc = svr_argc;
strcat(commandLine, nonblockFlag);
strcat(commandLine, flagSep);
}
}
#ifndef USE_WINDOWS_API
/* add port 0 */
if (svr_argc + 2 > MAX_ARGS)
printf("cannot add the magic port number flag to server\n");
else
{
svr_argv[svr_argc++] = portFlag;
svr_argv[svr_argc++] = svrPort;
svrArgs.argc = svr_argc;
}
#endif
printf("trying server command line[%d]: %s\n", tests, commandLine);
commandLine[0] = '\0';
added = 0;
for (i = 0; i < cli_argc; i++) {
added += strlen(cli_argv[i]) + 2;
if (added >= MAX_COMMAND_SZ) {
printf("client command line too long\n");
break;
}
strcat(commandLine, cli_argv[i]);
strcat(commandLine, " ");
strcat(commandLine, flagSep);
}
if (addNonBlocking) {
added += 4; /* -N plus space plus terminator */
if (added >= MAX_COMMAND_SZ)
printf("client command line too long\n");
else {
cli_argv[cli_argc++] = nonblockFlag;
strcat(commandLine, nonblockFlag);
strcat(commandLine, flagSep);
cliArgs.argc = cli_argc;
}
}
printf("trying client command line[%d]: %s\n", tests++, commandLine);
@ -65,7 +226,20 @@ static void execute_test_case(int svr_argc, char** svr_argv,
svrArgs.signal = &ready;
start_thread(server_test, &svrArgs, &serverThread);
wait_tcp_ready(&svrArgs);
#ifndef USE_WINDOWS_API
if (ready.port != 0)
{
if (cli_argc + 2 > MAX_ARGS)
printf("cannot add the magic port number flag to client\n");
else {
char portNumber[8];
snprintf(portNumber, sizeof(portNumber), "%d", ready.port);
cli_argv[cli_argc++] = portFlag;
cli_argv[cli_argc++] = portNumber;
cliArgs.argc = cli_argc;
}
}
#endif
/* start client */
client_test(&cliArgs);
@ -82,15 +256,17 @@ static void execute_test_case(int svr_argc, char** svr_argv,
}
FreeTcpReady(&ready);
return 0;
}
void test_harness(void* vargs)
static void test_harness(void* vargs)
{
func_args* args = (func_args*)vargs;
char* script;
long sz, len;
int cliMode = 0; /* server or client command flag, server first */
int ret;
FILE* file;
char* svrArgs[MAX_ARGS];
int svrArgsSz;
@ -98,8 +274,7 @@ void test_harness(void* vargs)
int cliArgsSz;
char* cursor;
char* comment;
char* fname = "tests/test.conf";
const char* fname = "tests/test.conf";
if (args->argc == 1) {
printf("notice: using default file %s\n", fname);
@ -122,7 +297,7 @@ void test_harness(void* vargs)
fseek(file, 0, SEEK_END);
sz = ftell(file);
rewind(file);
if (sz == 0) {
if (sz <= 0) {
fprintf(stderr, "%s is empty\n", fname);
fclose(file);
args->return_code = 1;
@ -141,6 +316,7 @@ void test_harness(void* vargs)
if (len != sz) {
fprintf(stderr, "read error\n");
fclose(file);
free(script);
args->return_code = 1;
return;
}
@ -170,7 +346,11 @@ void test_harness(void* vargs)
case '#':
/* Ignore lines that start with a #. */
comment = strsep(&cursor, "\n");
#ifdef DEBUG_SUITE_TESTS
printf("%s\n", comment);
#else
(void)comment;
#endif
break;
case '-':
/* Parameters start with a -. They end in either a newline
@ -198,7 +378,13 @@ void test_harness(void* vargs)
}
if (do_it) {
execute_test_case(svrArgsSz, svrArgs, cliArgsSz, cliArgs);
ret = execute_test_case(svrArgsSz, svrArgs, cliArgsSz, cliArgs,0,0);
/* don't repeat if not supported in build */
if (ret == 0) {
execute_test_case(svrArgsSz, svrArgs, cliArgsSz, cliArgs, 0, 1);
execute_test_case(svrArgsSz, svrArgs, cliArgsSz, cliArgs, 1, 0);
execute_test_case(svrArgsSz, svrArgs, cliArgsSz, cliArgs, 1, 1);
}
svrArgsSz = 1;
cliArgsSz = 1;
cliMode = 0;
@ -213,7 +399,7 @@ void test_harness(void* vargs)
int SuiteTest(void)
{
func_args args;
char argv0[2][32];
char argv0[2][80];
char* myArgv[2];
printf(" Begin Cipher Suite Tests\n");
@ -224,6 +410,14 @@ int SuiteTest(void)
args.argv = myArgv;
strcpy(argv0[0], "SuiteTest");
(void)test_harness;
cipherSuiteCtx = CyaSSL_CTX_new(CyaTLSv1_2_client_method());
if (cipherSuiteCtx == NULL) {
printf("can't get cipher suite ctx\n");
exit(EXIT_FAILURE);
}
/* default case */
args.argc = 1;
printf("starting default cipher suite tests\n");
@ -236,94 +430,6 @@ int SuiteTest(void)
/* any extra cases will need another argument */
args.argc = 2;
#ifdef OPENSSL_EXTRA
/* add openssl extra suites */
strcpy(argv0[1], "tests/test-openssl.conf");
printf("starting openssl extra cipher suite tests\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
exit(EXIT_FAILURE);
}
#endif
#ifdef HAVE_HC128
/* add hc128 extra suites */
strcpy(argv0[1], "tests/test-hc128.conf");
printf("starting hc128 extra cipher suite tests\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
exit(EXIT_FAILURE);
}
#endif
#ifndef NO_PSK
/* add psk extra suites */
strcpy(argv0[1], "tests/test-psk.conf");
printf("starting psk extra cipher suite tests\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
exit(EXIT_FAILURE);
}
#endif
#ifdef HAVE_NTRU
/* add ntru extra suites */
strcpy(argv0[1], "tests/test-ntru.conf");
printf("starting ntru extra cipher suite tests\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
exit(EXIT_FAILURE);
}
#endif
#ifdef HAVE_ECC
/* add ecc extra suites */
strcpy(argv0[1], "tests/test-ecc.conf");
printf("starting ecc extra cipher suite tests\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
exit(EXIT_FAILURE);
}
#endif
#ifdef HAVE_AESGCM
/* add aesgcm extra suites */
strcpy(argv0[1], "tests/test-aesgcm.conf");
printf("starting aesgcm extra cipher suite tests\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
exit(EXIT_FAILURE);
}
#endif
#if defined(HAVE_AESGCM) && defined(OPENSSL_EXTRA)
/* add aesgcm openssl extra suites */
strcpy(argv0[1], "tests/test-aesgcm-openssl.conf");
printf("starting aesgcm openssl extra cipher suite tests\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
exit(EXIT_FAILURE);
}
#endif
#if defined(HAVE_AESGCM) && defined(HAVE_ECC)
/* add aesgcm ecc extra suites */
strcpy(argv0[1], "tests/test-aesgcm-ecc.conf");
printf("starting aesgcm ecc extra cipher suite tests\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
exit(EXIT_FAILURE);
}
#endif
#ifdef CYASSL_DTLS
/* add dtls extra suites */
strcpy(argv0[1], "tests/test-dtls.conf");
@ -337,6 +443,8 @@ int SuiteTest(void)
printf(" End Cipher Suite Tests\n");
CyaSSL_CTX_free(cipherSuiteCtx);
return args.return_code;
}