From 49e62f085826d452cadf8ee538354b2860e08f2e Mon Sep 17 00:00:00 2001 From: toddouska Date: Mon, 11 Mar 2013 16:07:46 -0700 Subject: [PATCH] fix general NO_SHA NO_ASN NO_CERTS NO_SESSION_CACHE builds/examples --- ctaocrypt/benchmark/benchmark.c | 4 ++++ ctaocrypt/test/test.c | 7 +++++++ cyassl/crl.h | 4 ++++ cyassl/internal.h | 32 +++++++++++++++++++++++++++----- cyassl/ocsp.h | 2 ++ examples/client/client.c | 13 ++++++++++--- examples/echoserver/echoserver.c | 2 ++ examples/server/server.c | 6 +++--- src/internal.c | 2 +- tests/api.c | 8 ++++---- tests/hash.c | 4 ++++ testsuite/testsuite.c | 18 +++++++++--------- 12 files changed, 77 insertions(+), 25 deletions(-) diff --git a/ctaocrypt/benchmark/benchmark.c b/ctaocrypt/benchmark/benchmark.c index bc29ccb39..06587e59c 100644 --- a/ctaocrypt/benchmark/benchmark.c +++ b/ctaocrypt/benchmark/benchmark.c @@ -155,7 +155,9 @@ int main(int argc, char** argv) #ifndef NO_MD5 bench_md5(); #endif +#ifndef NO_SHA bench_sha(); +#endif #ifndef NO_SHA256 bench_sha256(); #endif @@ -498,6 +500,7 @@ void bench_md5(void) #endif /* NO_MD5 */ +#ifndef NO_SHA void bench_sha(void) { Sha hash; @@ -523,6 +526,7 @@ void bench_sha(void) printf("SHA %d %s took %5.3f seconds, %6.2f MB/s\n", numBlocks, blockType, total, persec); } +#endif /* NO_SHA */ #ifndef NO_SHA256 diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index 08ef0a1e1..fe3ce3a31 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -198,10 +198,12 @@ void ctaocrypt_test(void* args) printf( "MD4 test passed!\n"); #endif +#ifndef NO_SHA if ( (ret = sha_test()) ) err_sys("SHA test failed!\n", ret); else printf( "SHA test passed!\n"); +#endif #ifndef NO_SHA256 if ( (ret = sha256_test()) ) 
@@ -239,10 +241,12 @@ void ctaocrypt_test(void* args) printf( "HMAC-MD5 test passed!\n"); #endif + #ifndef NO_SHA if ( (ret = hmac_sha_test()) ) err_sys("HMAC-SHA test failed!\n", ret); else printf( "HMAC-SHA test passed!\n"); + #endif #ifndef NO_SHA256 if ( (ret = hmac_sha256_test()) ) @@ -643,6 +647,8 @@ int md4_test(void) #endif /* NO_MD4 */ +#ifndef NO_SHA + int sha_test(void) { Sha sha; @@ -697,6 +703,7 @@ int sha_test(void) return 0; } +#endif /* NO_SHA */ #ifdef CYASSL_RIPEMD int ripemd_test(void) diff --git a/cyassl/crl.h b/cyassl/crl.h index 4b350164f..62a35ffec 100644 --- a/cyassl/crl.h +++ b/cyassl/crl.h @@ -23,6 +23,9 @@ #ifndef CYASSL_CRL_H #define CYASSL_CRL_H + +#ifdef HAVE_CRL + #include #include @@ -44,4 +47,5 @@ CYASSL_LOCAL int CheckCertCRL(CYASSL_CRL*, DecodedCert*); } /* extern "C" */ #endif +#endif /* HAVE_CRL */ #endif /* CYASSL_CRL_H */ diff --git a/cyassl/internal.h b/cyassl/internal.h index 3b8a3ee75..becf5adcd 100644 --- a/cyassl/internal.h +++ b/cyassl/internal.h @@ -938,9 +938,14 @@ CYASSL_LOCAL int UnLockMutex(CyaSSL_Mutex*); typedef struct OCSP_Entry OCSP_Entry; #ifdef SHA_DIGEST_SIZE -#define OCSP_DIGEST_SIZE SHA_DIGEST_SIZE + #define OCSP_DIGEST_SIZE SHA_DIGEST_SIZE #else -#define OCSP_DIGEST_SIZE 160 + #define OCSP_DIGEST_SIZE 160 +#endif + +#ifdef NO_ASN + /* no_asn won't have */ + typedef struct CertStatus CertStatus; #endif struct OCSP_Entry { @@ -971,9 +976,13 @@ struct CYASSL_OCSP { typedef struct CRL_Entry CRL_Entry; #ifdef SHA_DIGEST_SIZE -#define CRL_DIGEST_SIZE SHA_DIGEST_SIZE + #define CRL_DIGEST_SIZE SHA_DIGEST_SIZE #else -#define CRL_DIGEST_SIZE 160 + #define CRL_DIGEST_SIZE 160 +#endif + +#ifdef NO_ASN + typedef struct RevokedCert RevokedCert; #endif /* Complete CRL */ @@ -1000,6 +1009,10 @@ struct CRL_Monitor { }; +#ifndef HAVE_CRL + typedef struct CYASSL_CRL CYASSL_CRL; +#endif + /* CyaSSL CRL controller */ struct CYASSL_CRL { CYASSL_CERT_MANAGER* cm; /* pointer back to cert manager */ 
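Review bot: The fallback `#define OCSP_DIGEST_SIZE 160` in the cyassl/internal.h hunk at -938 (and `#define CRL_DIGEST_SIZE 160` in the hunk at -971) reads like a bit count, while a SHA-1 digest is 20 bytes; this commit re-indents the lines but keeps the value. If these macros size hash buffers or bound comparisons in OCSP_Entry and CRL_Entry, whose bodies lie outside the hunks, the fallback gives lengths that disagree with the 20-byte hashes actually produced. `#ifdef` also only sees preprocessor macros, so if SHA_DIGEST_SIZE is declared as an enum constant the fallback is always taken; that is worth confirming. I would change both fallbacks to `20` with a comment such as `/* SHA-1 digest length in bytes */`.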
@@ -1012,6 +1025,11 @@ struct CYASSL_CRL { }; +#ifdef NO_ASN + typedef struct Signer Signer; +#endif + + /* CyaSSL Certificate Manager */ struct CYASSL_CERT_MANAGER { Signer* caList; /* the CA signer list */ @@ -1472,7 +1490,11 @@ struct CYASSL_X509_NAME { }; #ifndef EXTERNAL_SERIAL_SIZE -#define EXTERNAL_SERIAL_SIZE 32 + #define EXTERNAL_SERIAL_SIZE 32 +#endif + +#ifdef NO_ASN + typedef struct DNS_entry DNS_entry; #endif struct CYASSL_X509 { diff --git a/cyassl/ocsp.h b/cyassl/ocsp.h index 8ce560a43..f47f671b1 100644 --- a/cyassl/ocsp.h +++ b/cyassl/ocsp.h @@ -25,6 +25,7 @@ #ifndef CYASSL_OCSP_H #define CYASSL_OCSP_H +#ifdef HAVE_OCSP #include #include @@ -47,6 +48,7 @@ CYASSL_LOCAL int CyaSSL_OCSP_Lookup_Cert(CYASSL_OCSP*, DecodedCert*); #endif +#endif /* HAVE_OCSP */ #endif /* CYASSL_OCSP_H */ diff --git a/examples/client/client.c b/examples/client/client.c index 316fe643e..738f2582b 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -154,6 +154,9 @@ void client_test(void* args) ourCert = (char*)cliEccCert; ourKey = (char*)cliEccKey; #endif + (void)resumeSz; + (void)session; + (void)sslResume; while ((ch = mygetopt(argc, argv, "?gdusmNrh:p:v:l:A:c:k:b:")) != -1) { switch (ch) { @@ -342,7 +345,7 @@ void client_test(void* args) #ifdef VERIFY_CALLBACK CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myVerify); #endif -#ifndef NO_FILESYSTEM +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) if (!usePsk){ if (CyaSSL_CTX_use_certificate_file(ctx, ourCert, SSL_FILETYPE_PEM) != SSL_SUCCESS) @@ -351,8 +354,8 @@ void client_test(void* args) if (CyaSSL_CTX_use_PrivateKey_file(ctx, ourKey, SSL_FILETYPE_PEM) != SSL_SUCCESS) - err_sys("can't load client private key file, check file and run from" - " CyaSSL home dir"); + err_sys("can't load client private key file, check file and run " + "from CyaSSL home dir"); if (CyaSSL_CTX_load_verify_locations(ctx, verifyCert, 0) != SSL_SUCCESS) err_sys("can't load ca file, Please run from CyaSSL home dir"); 
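Review bot: In the examples/client/client.c hunk at -342, a NO_CERTS build with `usePsk` left at 0 now skips `CyaSSL_CTX_load_verify_locations` along with the certificate and key loading, so the client continues with no trust anchors and no diagnostic. The handshake will presumably fail later with a less helpful error, since nothing here ties NO_CERTS to PSK being selected. I would make the requirement explicit right after the guarded block, for example `#ifdef NO_CERTS` / `if (!usePsk) err_sys("NO_CERTS build: PSK must be enabled");` / `#endif`. client_test's body starts and ends outside this hunk.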
@@ -471,6 +474,7 @@ void client_test(void* args) err_sys("CyaSSL_read failed"); } +#ifndef NO_SESSION_CACHE if (resumeSession) { if (doDTLS) { strncpy(msg, "break", 6); @@ -481,12 +485,14 @@ void client_test(void* args) session = CyaSSL_get_session(ssl); sslResume = CyaSSL_new(ctx); } +#endif if (doDTLS == 0) /* don't send alert after "break" command */ CyaSSL_shutdown(ssl); /* echoserver will interpret as new conn */ CyaSSL_free(ssl); CloseSocket(sockfd); +#ifndef NO_SESSION_CACHE if (resumeSession) { if (doDTLS) { SOCKADDR_IN_T addr; @@ -550,6 +556,7 @@ void client_test(void* args) CyaSSL_free(sslResume); CloseSocket(sockfd); } +#endif /* NO_SESSION_CACHE */ CyaSSL_CTX_free(ctx); diff --git a/examples/echoserver/echoserver.c b/examples/echoserver/echoserver.c index c29bdfe97..cc4dbd07e 100644 --- a/examples/echoserver/echoserver.c +++ b/examples/echoserver/echoserver.c @@ -133,6 +133,8 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) != SSL_SUCCESS) err_sys("can't load server key file, " "Please run from CyaSSL home dir"); + #elif defined(NO_CERTS) + /* do nothing, just don't load cert files */ #else /* normal */ if (CyaSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM) diff --git a/examples/server/server.c b/examples/server/server.c index 02d6b2be4..324fb41a8 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -274,7 +274,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) usePsk = 1; #endif -#ifndef NO_FILESYSTEM +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) if (!usePsk) { if (SSL_CTX_use_certificate_file(ctx, ourCert, SSL_FILETYPE_PEM) != SSL_SUCCESS) @@ -292,7 +292,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) } #endif -#ifndef NO_FILESYSTEM +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) if (!useNtruKey && !usePsk) { if (SSL_CTX_use_PrivateKey_file(ctx, ourKey, SSL_FILETYPE_PEM) != SSL_SUCCESS) 
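Review bot: With NO_SESSION_CACHE defined, both `if (resumeSession)` blocks in client_test (hunks at -471 and -481) are compiled out, so a requested resume is dropped without telling the user. An `#else` branch on the first guard would make this visible, for example `if (resumeSession) printf("session resumption not compiled in (NO_SESSION_CACHE)\n");`. The `(void)resumeSz; (void)session; (void)sslResume;` casts added in the hunk at -154 are unconditional; placing them under `#ifdef NO_SESSION_CACHE` with a short comment would show why they exist. The function body extends beyond these hunks.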
@@ -318,7 +318,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) #endif } -#ifndef NO_FILESYSTEM +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) /* if not using PSK, verify peer with certs */ if (doCliCertCheck && usePsk == 0) { SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | diff --git a/src/internal.c b/src/internal.c index 8cd312431..c88c00047 100644 --- a/src/internal.c +++ b/src/internal.c @@ -4637,7 +4637,7 @@ static void BuildSHA_CertVerify(CYASSL* ssl, byte* digest) #endif -#ifndef CYASSL_LEANPSK +#ifndef NO_CERTS static void BuildCertHashes(CYASSL* ssl, Hashes* hashes) { diff --git a/tests/api.c b/tests/api.c index 7db26fc68..f97c306a8 100644 --- a/tests/api.c +++ b/tests/api.c @@ -35,7 +35,7 @@ static int test_CyaSSL_Init(void); static int test_CyaSSL_Cleanup(void); static int test_CyaSSL_Method_Allocators(void); static int test_CyaSSL_CTX_new(CYASSL_METHOD *method); -#ifndef NO_FILESYSTEM +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) static int test_CyaSSL_CTX_use_certificate_file(void); static int test_CyaSSL_CTX_use_PrivateKey_file(void); static int test_CyaSSL_CTX_load_verify_locations(void); @@ -51,7 +51,7 @@ static int test_method(CYASSL_METHOD *method, const char *name); #ifdef OPENSSL_EXTRA static int test_method2(CYASSL_METHOD *method, const char *name); #endif -#ifndef NO_FILESYSTEM +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) static int test_ucf(CYASSL_CTX *ctx, const char* file, int type, int cond, const char* name); static int test_upkf(CYASSL_CTX *ctx, const char* file, int type, @@ -79,7 +79,7 @@ int ApiTest(void) test_CyaSSL_Init(); test_CyaSSL_Method_Allocators(); test_CyaSSL_CTX_new(CyaSSLv23_server_method()); -#ifndef NO_FILESYSTEM +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) test_CyaSSL_CTX_use_certificate_file(); test_CyaSSL_CTX_use_PrivateKey_file(); test_CyaSSL_CTX_load_verify_locations(); 
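Review bot: Changing the guard on `BuildCertHashes` in src/internal.c from `#ifndef CYASSL_LEANPSK` to `#ifndef NO_CERTS` is only safe if every call site sits under the same condition, and the callers are outside this hunk. If CYASSL_LEANPSK does not imply NO_CERTS, a lean-PSK build now compiles a static function it may never call; if a caller is still guarded by CYASSL_LEANPSK alone, a NO_CERTS build without that macro would reference an undefined function. Please confirm the call sites were updated to match and record the coupling above the guard, e.g. `/* keep in sync with the guards on BuildCertHashes callers */`.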
@@ -209,7 +209,7 @@ int test_CyaSSL_CTX_new(CYASSL_METHOD *method) return TEST_SUCCESS; } -#ifndef NO_FILESYSTEM +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) /* Helper for testing CyaSSL_CTX_use_certificate_file() */ int test_ucf(CYASSL_CTX *ctx, const char* file, int type, int cond, const char* name) diff --git a/tests/hash.c b/tests/hash.c index 420dc36cb..1a124e098 100644 --- a/tests/hash.c +++ b/tests/hash.c @@ -76,11 +76,13 @@ int HashTest(void) printf( " MD5 test passed!\n"); #endif +#ifndef NO_SHA if ( (ret = sha_test()) ) { printf( " SHA test failed!\n"); return ret; } else printf( " SHA test passed!\n"); +#endif #ifndef NO_SHA256 if ( (ret = sha256_test()) ) { @@ -290,6 +292,7 @@ int md5_test(void) #endif /* NO_MD5 */ +#ifndef NO_SHA int sha_test(void) { Sha sha; @@ -343,6 +346,7 @@ int sha_test(void) return 0; } +#endif /* NO_SHA */ #ifndef NO_SHA256 int sha256_test(void) diff --git a/testsuite/testsuite.c b/testsuite/testsuite.c index afa3e4199..cc4b4ace8 100644 --- a/testsuite/testsuite.c +++ b/testsuite/testsuite.c @@ -25,7 +25,7 @@ #include #include -#include +#include #include "ctaocrypt/test/test.h" @@ -138,8 +138,8 @@ int main(int argc, char** argv) /* validate output equals input */ { - byte input[SHA_DIGEST_SIZE]; - byte output[SHA_DIGEST_SIZE]; + byte input[SHA256_DIGEST_SIZE]; + byte output[SHA256_DIGEST_SIZE]; file_test("input", input); file_test("output", output); 
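Review bot: The testsuite/testsuite.c hunks at -25 and -138 replace the SHA-1 dependency with an unconditional SHA-256 one, so a NO_SHA256 build will presumably no longer compile the test suite, even though this same patch treats NO_SHA256 as a supported option (see the `#ifndef NO_SHA256` context in tests/hash.c). Given that the commit's purpose is to fix NO_* builds, the dependency should at least be stated where the arrays are declared, e.g. `#ifdef NO_SHA256` / `#error "testsuite file_test requires SHA-256"` / `#endif`. Alternatively, guard the input/output validation block itself. main's body continues outside the hunk.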
@@ -220,22 +220,22 @@ void file_test(const char* file, byte* check) { FILE* f; int i = 0, j; - Sha sha; + Sha256 sha256; byte buf[1024]; - byte shasum[SHA_DIGEST_SIZE]; + byte shasum[SHA256_DIGEST_SIZE]; - InitSha(&sha); + InitSha256(&sha256); if( !( f = fopen( file, "rb" ) )) { printf("Can't open %s\n", file); return; } while( ( i = (int)fread(buf, 1, sizeof(buf), f )) > 0 ) - ShaUpdate(&sha, buf, i); + Sha256Update(&sha256, buf, i); - ShaFinal(&sha, shasum); + Sha256Final(&sha256, shasum); memcpy(check, shasum, sizeof(shasum)); - for(j = 0; j < SHA_DIGEST_SIZE; ++j ) + for(j = 0; j < SHA256_DIGEST_SIZE; ++j ) printf( "%02x", shasum[j] ); printf(" %s\n", file);
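Review bot: `file_test` returns right after `printf("Can't open %s\n", file);` without writing to `check`, so the caller's `input` and `output` arrays (declared without initializers in the hunk at -138) stay indeterminate when a file is missing. What main does with them is outside the visible hunks, but any digest comparison on them would be meaningless and could pass or fail arbitrarily. I would have `file_test` return an int status that main checks before it compares the two digests, instead of signalling failure only through the printed message. The function body continues past the end of this hunk, so whether `f` is closed on the success path is not visible here.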