- Functions requiring File System functions can now be disables by undefining POLARSSL_FS_IO

335db3f1 · Paul Bakker · 15566e43 · 335db3f1 · 335db3f1 · 335db3f1
Commit 335db3f1 authored Apr 25, 2011 by Paul Bakker
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,6 +5,8 @@ Features
   * Added additional Cipher Block Modes to symmetric ciphers
     (AES CTR, Camellia CTR, XTEA CBC) including the option to
 	 enable and disable individual modes when needed
+   * Functions requiring File System functions can now be disabled
+     by undefining POLARSSL_FS_IO

 Changes
   * Major argument / variable rewrite. Introduced use of size_t

--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@@ -143,6 +143,13 @@
 */
 #define POLARSSL_GENPRIME

+/**
+ * \def POLARSSL_FS_IO
+ *
+ * Enable functions that use the filesystem.
+ */
+#define POLARSSL_FS_IO
+
 /**
 * \def POLARSSL_PKCS1_V21
 *

--- a/include/polarssl/md.h
+++ b/include/polarssl/md.h
@@ -36,6 +36,8 @@
 #define inline _inline
 #endif

+#define POLARSSL_ERR_MD_FEATURE_UNAVAILABLE                     -0x0830
+
 typedef enum {
    POLARSSL_MD_NONE=0,
    POLARSSL_MD_MD2,

--- a/library/bignum.c
+++ b/library/bignum.c
@@ -407,6 +407,7 @@ cleanup:
    return( ret );
 }

+#if defined(POLARSSL_FS_IO)
 /*
 * Read X from an opened file
 */
@@ -468,6 +469,7 @@ cleanup:

    return( ret );
 }
+#endif /* POLARSSL_FS_IO */

 /*
 * Import X from unsigned binary data, big endian

--- a/library/md.c
+++ b/library/md.c
@@ -225,7 +225,14 @@ int md_file( const md_info_t *md_info, const char *path, unsigned char *output )
    if( md_info == NULL )
        return 3;

+#if defined(POLARSSL_FS_IO)
    return md_info->file_func( path, output );
+#else
+    ((void) path);
+    ((void) output);
+
+    return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
+#endif
 }

 int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen )

--- a/library/md2.c
+++ b/library/md2.c
@@ -35,7 +35,9 @@

 #include "polarssl/md2.h"

+#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST)
 #include <stdio.h>
+#endif

 static const unsigned char PI_SUBST[256] =
 {
@@ -175,6 +177,7 @@ void md2( const unsigned char *input, size_t ilen, unsigned char output[16] )
    memset( &ctx, 0, sizeof( md2_context ) );
 }

+#if defined(POLARSSL_FS_IO)
 /*
 * output = MD2( file contents )
 */
@@ -206,6 +209,7 @@ int md2_file( const char *path, unsigned char output[16] )
    fclose( f );
    return( 0 );
 }
+#endif /* POLARSSL_FS_IO */

 /*
 * MD2 HMAC context setup

--- a/library/md4.c
+++ b/library/md4.c
@@ -35,7 +35,9 @@

 #include "polarssl/md4.h"

+#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST)
 #include <stdio.h>
+#endif

 /*
 * 32-bit integer manipulation macros (little endian)
@@ -271,6 +273,7 @@ void md4( const unsigned char *input, size_t ilen, unsigned char output[16] )
    memset( &ctx, 0, sizeof( md4_context ) );
 }

+#if defined(POLARSSL_FS_IO)
 /*
 * output = MD4( file contents )
 */
@@ -302,6 +305,7 @@ int md4_file( const char *path, unsigned char output[16] )
    fclose( f );
    return( 0 );
 }
+#endif /* POLARSSL_FS_IO */

 /*
 * MD4 HMAC context setup

--- a/library/md5.c
+++ b/library/md5.c
@@ -34,7 +34,9 @@

 #include "polarssl/md5.h"

+#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST)
 #include <stdio.h>
+#endif

 /*
 * 32-bit integer manipulation macros (little endian)
@@ -290,6 +292,7 @@ void md5( const unsigned char *input, size_t ilen, unsigned char output[16] )
    memset( &ctx, 0, sizeof( md5_context ) );
 }

+#if defined(POLARSSL_FS_IO)
 /*
 * output = MD5( file contents )
 */
@@ -321,6 +324,7 @@ int md5_file( const char *path, unsigned char output[16] )
    fclose( f );
    return( 0 );
 }
+#endif /* POLARSSL_FS_IO */

 /*
 * MD5 HMAC context setup

--- a/library/md_wrap.c
+++ b/library/md_wrap.c
@@ -58,6 +58,17 @@ static void md2_finish_wrap( void *ctx, unsigned char *output )
    md2_finish( (md2_context *) ctx, output );
 }

+int md2_file_wrap( const char *path, unsigned char *output )
+{
+#if defined(POLARSSL_FS_IO)
+    return md2_file( path, output );
+#else
+    ((void) path);
+    ((void) output);
+    return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
+#endif
+}
+
 static void md2_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
 {
    md2_hmac_starts( (md2_context *) ctx, key, keylen );
@@ -96,7 +107,7 @@ const md_info_t md2_info = {
    md2_update_wrap,
    md2_finish_wrap,
    md2,
-    md2_file,
+    md2_file_wrap,
    md2_hmac_starts_wrap,
    md2_hmac_update_wrap,
    md2_hmac_finish_wrap,
@@ -125,6 +136,17 @@ void md4_finish_wrap( void *ctx, unsigned char *output )
    md4_finish( (md4_context *) ctx, output );
 }

+int md4_file_wrap( const char *path, unsigned char *output )
+{
+#if defined(POLARSSL_FS_IO)
+    return md4_file( path, output );
+#else
+    ((void) path);
+    ((void) output);
+    return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
+#endif
+}
+
 void md4_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
 {
    md4_hmac_starts( (md4_context *) ctx, key, keylen );
@@ -163,7 +185,7 @@ const md_info_t md4_info = {
    md4_update_wrap,
    md4_finish_wrap,
    md4,
-    md4_file,
+    md4_file_wrap,
    md4_hmac_starts_wrap,
    md4_hmac_update_wrap,
    md4_hmac_finish_wrap,
@@ -192,6 +214,17 @@ static void md5_finish_wrap( void *ctx, unsigned char *output )
    md5_finish( (md5_context *) ctx, output );
 }

+int md5_file_wrap( const char *path, unsigned char *output )
+{
+#if defined(POLARSSL_FS_IO)
+    return md5_file( path, output );
+#else
+    ((void) path);
+    ((void) output);
+    return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
+#endif
+}
+
 static void md5_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
 {
    md5_hmac_starts( (md5_context *) ctx, key, keylen );
@@ -230,7 +263,7 @@ const md_info_t md5_info = {
    md5_update_wrap,
    md5_finish_wrap,
    md5,
-    md5_file,
+    md5_file_wrap,
    md5_hmac_starts_wrap,
    md5_hmac_update_wrap,
    md5_hmac_finish_wrap,
@@ -259,6 +292,17 @@ void sha1_finish_wrap( void *ctx, unsigned char *output )
    sha1_finish( (sha1_context *) ctx, output );
 }

+int sha1_file_wrap( const char *path, unsigned char *output )
+{
+#if defined(POLARSSL_FS_IO)
+    return sha1_file( path, output );
+#else
+    ((void) path);
+    ((void) output);
+    return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
+#endif
+}
+
 void sha1_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
 {
    sha1_hmac_starts( (sha1_context *) ctx, key, keylen );
@@ -297,7 +341,7 @@ const md_info_t sha1_info = {
    sha1_update_wrap,
    sha1_finish_wrap,
    sha1,
-    sha1_file,
+    sha1_file_wrap,
    sha1_hmac_starts_wrap,
    sha1_hmac_update_wrap,
    sha1_hmac_finish_wrap,
@@ -337,7 +381,13 @@ void sha224_wrap( const unsigned char *input, size_t ilen,

 int sha224_file_wrap( const char *path, unsigned char *output )
 {
+#if defined(POLARSSL_FS_IO)
    return sha2_file( path, output, 1 );
+#else
+    ((void) path);
+    ((void) output);
+    return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
+#endif
 }

 void sha224_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
@@ -418,7 +468,13 @@ void sha256_wrap( const unsigned char *input, size_t ilen,

 int sha256_file_wrap( const char *path, unsigned char *output )
 {
+#if defined(POLARSSL_FS_IO)
    return sha2_file( path, output, 0 );
+#else
+    ((void) path);
+    ((void) output);
+    return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
+#endif
 }

 void sha256_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
@@ -503,7 +559,13 @@ void sha384_wrap( const unsigned char *input, size_t ilen,

 int sha384_file_wrap( const char *path, unsigned char *output )
 {
+#if defined(POLARSSL_FS_IO)
    return sha4_file( path, output, 1 );
+#else
+    ((void) path);
+    ((void) output);
+    return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
+#endif
 }

 void sha384_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
@@ -584,7 +646,13 @@ void sha512_wrap( const unsigned char *input, size_t ilen,

 int sha512_file_wrap( const char *path, unsigned char *output )
 {
+#if defined(POLARSSL_FS_IO)
    return sha4_file( path, output, 0 );
+#else
+    ((void) path);
+    ((void) output);
+    return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
+#endif
 }

 void sha512_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )

--- a/library/sha1.c
+++ b/library/sha1.c
@@ -34,7 +34,9 @@

 #include "polarssl/sha1.h"

+#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST)
 #include <stdio.h>
+#endif

 /*
 * 32-bit integer manipulation macros (big endian)
@@ -325,6 +327,7 @@ void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] )
    memset( &ctx, 0, sizeof( sha1_context ) );
 }

+#if defined(POLARSSL_FS_IO)
 /*
 * output = SHA-1( file contents )
 */
@@ -356,6 +359,7 @@ int sha1_file( const char *path, unsigned char output[20] )
    fclose( f );
    return( 0 );
 }
+#endif /* POLARSSL_FS_IO */

 /*
 * SHA-1 HMAC context setup

--- a/library/sha2.c
+++ b/library/sha2.c
@@ -34,7 +34,9 @@

 #include "polarssl/sha2.h"

+#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST)
 #include <stdio.h>
+#endif

 /*
 * 32-bit integer manipulation macros (big endian)
@@ -327,6 +329,7 @@ void sha2( const unsigned char *input, size_t ilen,
    memset( &ctx, 0, sizeof( sha2_context ) );
 }

+#if defined(POLARSSL_FS_IO)
 /*
 * output = SHA-256( file contents )
 */
@@ -358,6 +361,7 @@ int sha2_file( const char *path, unsigned char output[32], int is224 )
    fclose( f );
    return( 0 );
 }
+#endif /* POLARSSL_FS_IO */

 /*
 * SHA-256 HMAC context setup

--- a/library/sha4.c
+++ b/library/sha4.c
@@ -34,7 +34,9 @@

 #include "polarssl/sha4.h"

+#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST)
 #include <stdio.h>
+#endif

 /*
 * 64-bit integer manipulation macros (big endian)
@@ -325,6 +327,7 @@ void sha4( const unsigned char *input, size_t ilen,
    memset( &ctx, 0, sizeof( sha4_context ) );
 }

+#if defined(POLARSSL_FS_IO)
 /*
 * output = SHA-512( file contents )
 */
@@ -356,6 +359,7 @@ int sha4_file( const char *path, unsigned char output[64], int is384 )
    fclose( f );
    return( 0 );
 }
+#endif /* POLARSSL_FS_IO */

 /*
 * SHA-512 HMAC context setup

--- a/library/x509parse.c
+++ b/library/x509parse.c
@@ -51,9 +51,12 @@

 #include <string.h>
 #include <stdlib.h>
-#include <stdio.h>
 #include <time.h>

+#if defined(POLARSSL_FS_IO)
+#include <stdio.h>
+#endif
+
 /*
 * ASN.1 DER decoding routines
 */
@@ -1739,6 +1742,7 @@ int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen )
    return( 0 );
 }

+#if defined(POLARSSL_FS_IO)
 /*
 * Load all data from a file into a given buffer.
 */
@@ -1810,6 +1814,51 @@ int x509parse_crlfile( x509_crl *chain, const char *path )
    return( ret );
 }

+/*
+ * Load and parse a private RSA key
+ */
+int x509parse_keyfile( rsa_context *rsa, const char *path, const char *pwd )
+{
+    int ret;
+    size_t n;
+    unsigned char *buf;
+
+    if ( load_file( path, &buf, &n ) )
+        return( 1 );
+
+    if( pwd == NULL )
+        ret = x509parse_key( rsa, buf, (int) n, NULL, 0 );
+    else
+        ret = x509parse_key( rsa, buf, (int) n,
+                (unsigned char *) pwd, strlen( pwd ) );
+
+    memset( buf, 0, n + 1 );
+    free( buf );
+
+    return( ret );
+}
+
+/*
+ * Load and parse a public RSA key
+ */
+int x509parse_public_keyfile( rsa_context *rsa, const char *path )
+{
+    int ret;
+    size_t n;
+    unsigned char *buf;
+
+    if ( load_file( path, &buf, &n ) )
+        return( 1 );
+
+    ret = x509parse_public_key( rsa, buf, (int) n );
+
+    memset( buf, 0, n + 1 );
+    free( buf );
+
+    return( ret );
+}
+#endif /* POLARSSL_FS_IO */
+
 /*
 * Parse a private RSA key
 */
@@ -1935,30 +1984,6 @@ int x509parse_key( rsa_context *rsa, const unsigned char *key, size_t keylen,
    return( 0 );
 }

-/*
- * Load and parse a private RSA key
- */
-int x509parse_keyfile( rsa_context *rsa, const char *path, const char *pwd )
-{
-    int ret;
-    size_t n;
-    unsigned char *buf;
-
-    if ( load_file( path, &buf, &n ) )
-        return( 1 );
-
-    if( pwd == NULL )
-        ret = x509parse_key( rsa, buf, (int) n, NULL, 0 );
-    else
-        ret = x509parse_key( rsa, buf, (int) n,
-                (unsigned char *) pwd, strlen( pwd ) );
-
-    memset( buf, 0, n + 1 );
-    free( buf );
-
-    return( ret );
-}
-
 /*
 * Parse a public RSA key
 */
@@ -2050,26 +2075,6 @@ int x509parse_public_key( rsa_context *rsa, const unsigned char *key, size_t key
    return( 0 );
 }

-/*
- * Load and parse a public RSA key
- */
-int x509parse_public_keyfile( rsa_context *rsa, const char *path )
-{
-    int ret;
-    size_t n;
-    unsigned char *buf;
-
-    if ( load_file( path, &buf, &n ) )
-        return( 1 );
-
-    ret = x509parse_public_key( rsa, buf, (int) n );
-
-    memset( buf, 0, n + 1 );
-    free( buf );
-
-    return( ret );
-}
-
 #if defined(POLARSSL_DHM_C)
 /*
 * Parse DHM parameters
@@ -2154,6 +2159,7 @@ int x509parse_dhm( dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen
    return( 0 );
 }

+#if defined(POLARSSL_FS_IO)
 /*
 * Load and parse a private RSA key
 */
@@ -2173,6 +2179,7 @@ int x509parse_dhmfile( dhm_context *dhm, const char *path )

    return( ret );
 }
+#endif /* POLARSSL_FS_IO */
 #endif /* POLARSSL_DHM_C */

 #if defined _MSC_VER && !defined snprintf

--- a/tests/suites/test_suite_aes.data
+++ b/tests/suites/test_suite_aes.data
@@ -746,4 +746,5 @@ AES-256-CBC Decrypt (Invalid input length)
 aes_decrypt_cbc:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"623a52fcea5d443e48d9181ab32c74":"":POLARSSL_ERR_AES_INVALID_INPUT_LENGTH

 AES Selftest
+depends_on:POLARSSL_SELF_TEST
 aes_selftest:
--- a/tests/suites/test_suite_arc4.data
+++ b/tests/suites/test_suite_arc4.data
@@ -8,4 +8,5 @@ Test vector ARC4 [SSH ARCFOUR]
 arc4_crypt:"527569736c696e6e756e206c61756c75206b6f727669737373616e692c2074e4686be470e46964656e2070e4e46c6ce42074e47973696b75752e204b6573e479f66e206f6e206f6e6e69206f6d616e616e692c206b61736b6973617675756e206c61616b736f7420766572686f75752e20456e206d6120696c6f697473652c20737572652068756f6b61612c206d75747461206d657473e46e2074756d6d757573206d756c6c652074756f6b61612e205075756e746f2070696c76656e2c206d692068756b6b75752c207369696e746f20766172616e207475756c6973656e2c206d69206e756b6b75752e2054756f6b7375742076616e616d6f6e206a61207661726a6f74207665656e2c206e69697374e420737964e46d656e69206c61756c756e207465656e2e202d2045696e6f204c65696e6f":"29041972fb42ba5fc7127712f13829c9":"358186999001e6b5daf05eceeb7eee21e0689c1f00eea81f7dd2caaee1d2763e68af0ead33d66c268bc946c484fbe94c5f5e0b86a59279e4f824e7a640bd223210b0a61160b7bce986ea65688003596b630a6b90f8e0caf6912a98eb872176e83c202caa64166d2cce57ff1bca57b213f0ed1aa72fb8ea52b0be01cd1e412867720b326eb389d011bd70d8af035fb0d8589dbce3c666f5ea8d4c7954c50c3f340b0467f81b425961c11843074df620f208404b394cf9d37ff54b5f1ad8f6ea7da3c561dfa7281f964463d2cc35a4d1b03490dec51b0711fbd6f55f79234d5b7c766622a66de92be996461d5e4dc878ef9bca030521e8351e4baed2fd04f9467368c4ad6ac186d08245b263a2666d1f6c5420f1599dfd9f438921c2f5a463938ce0982265eef70179bc553f339eb1a4c1af5f6a547f"

 ARC4 Selftest
+depends_on:POLARSSL_SELF_TEST
 arc4_selftest:
--- a/tests/suites/test_suite_base64.data
+++ b/tests/suites/test_suite_base64.data
@@ -56,4 +56,5 @@ Base64 decode (Invalid char after equal signs)
 base64_decode:"zm=masd":"":POLARSSL_ERR_BASE64_INVALID_CHARACTER

 Base64 Selftest
+depends_on:POLARSSL_SELF_TEST
 base64_selftest:
--- a/tests/suites/test_suite_camellia.data
+++ b/tests/suites/test_suite_camellia.data
@@ -197,4 +197,5 @@ Camellia-256-CBC Decrypt (Invalid input length)
 camellia_decrypt_cbc:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"623a52fcea5d443e48d9181ab32c74":"":POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH

 Camellia Selftest
+depends_on:POLARSSL_SELF_TEST
 camellia_selftest:
--- a/tests/suites/test_suite_cipher.data
+++ b/tests/suites/test_suite_cipher.data
 Cipher Selftest
+depends_on:POLARSSL_SELF_TEST
 cipher_selftest:

 Decrypt empty buffer

--- a/tests/suites/test_suite_debug.data
+++ b/tests/suites/test_suite_debug.data
 Debug print certificate #1
-depends_on:POLARSSL_DEBUG_C:POLARSSL_PEM_C
+depends_on:POLARSSL_DEBUG_C:POLARSSL_PEM_C:POLARSSL_FS_IO
 debug_print_crt:"data_files/server1.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: 01\nMyFile(0999)\: issuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nMyFile(0999)\: subject name  \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nMyFile(0999)\: issued  on    \: 2011-02-12 14\:44\:06\nMyFile(0999)\: expires on    \: 2021-02-12 14\:44\:06\nMyFile(0999)\: signed using  \: RSA+SHA1\nMyFile(0999)\: RSA key size  \: 2048 bits\nMyFile(0999)\: value of 'crt->rsa.N' (2048 bits) is\:\nMyFile(0999)\:  a9 02 1f 3d 40 6a d5 55 53 8b fd 36 ee 82 65 2e\nMyFile(0999)\:  15 61 5e 89 bf b8 e8 45 90 db ee 88 16 52 d3 f1\nMyFile(0999)\:  43 50 47 96 12 59 64 87 6b fd 2b e0 46 f9 73 be\nMyFile(0999)\:  dd cf 92 e1 91 5b ed 66 a0 6f 89 29 79 45 80 d0\nMyFile(0999)\:  83 6a d5 41 43 77 5f 39 7c 09 04 47 82 b0 57 39\nMyFile(0999)\:  70 ed a3 ec 15 19 1e a8 33 08 47 c1 05 42 a9 fd\nMyFile(0999)\:  4c c3 b4 df dd 06 1f 4d 10 51 40 67 73 13 0f 40\nMyFile(0999)\:  f8 6d 81 25 5f 0a b1 53 c6 30 7e 15 39 ac f9 5a\nMyFile(0999)\:  ee 7f 92 9e a6 05 5b e7 13 97 85 b5 23 92 d9 d4\nMyFile(0999)\:  24 06 d5 09 25 89 75 07 dd a6 1a 8f 3f 09 19 be\nMyFile(0999)\:  ad 65 2c 64 eb 95 9b dc fe 41 5e 17 a6 da 6c 5b\nMyFile(0999)\:  69 cc 02 ba 14 2c 16 24 9c 4a dc cd d0 f7 52 67\nMyFile(0999)\:  73 f1 2d a0 23 fd 7e f4 31 ca 2d 70 ca 89 0b 04\nMyFile(0999)\:  db 2e a6 4f 70 6e 9e ce bd 58 89 e2 53 59 9e 6e\nMyFile(0999)\:  5a 92 65 e2 88 3f 0c 94 19 a3 dd e5 e8 9d 95 13\nMyFile(0999)\:  ed 29 db ab 70 12 dc 5a ca 6b 17 ab 52 82 54 b1\nMyFile(0999)\: value of 'crt->rsa.E' (17 bits) is\:\nMyFile(0999)\:  01 00 01\n"

 Debug print mpi #1

--- a/tests/suites/test_suite_des.data
+++ b/tests/suites/test_suite_des.data
@@ -236,4 +236,5 @@ Run through parity bit tests
 des_key_parity_run:

 DES Selftest
+depends_on:POLARSSL_SELF_TEST
 des_selftest: