mirror of
https://github.com/yuzu-emu/mbedtls
synced 2024-11-24 12:58:30 +00:00
Add programs/test/zeroize.c to test mbedtls_zeroize
The idea is to use the simple program that is expected to be modified rarely to set a breakpoint in a specific line and check that the function mbedtls_zeroize() does actually set the buffer to 0 and is not optimised out by the compiler.
This commit is contained in:
parent
614d9c0667
commit
5ab74a1401
4 changed files with 101 additions and 1 deletions
1
programs/.gitignore
vendored
1
programs/.gitignore
vendored
|
@ -47,6 +47,7 @@ test/ecp-bench
|
|||
test/selftest
|
||||
test/ssl_cert_test
|
||||
test/udp_proxy
|
||||
test/zeroize
|
||||
util/pem2der
|
||||
util/strerror
|
||||
x509/cert_app
|
||||
|
|
|
@ -67,6 +67,7 @@ APPS = aes/aescrypt2$(EXEXT) aes/crypt_and_hash$(EXEXT) \
|
|||
random/gen_random_ctr_drbg$(EXEXT) \
|
||||
test/ssl_cert_test$(EXEXT) test/benchmark$(EXEXT) \
|
||||
test/selftest$(EXEXT) test/udp_proxy$(EXEXT) \
|
||||
test/zeroize$(EXEXT) \
|
||||
util/pem2der$(EXEXT) util/strerror$(EXEXT) \
|
||||
x509/cert_app$(EXEXT) x509/crl_app$(EXEXT) \
|
||||
x509/cert_req$(EXEXT) x509/cert_write$(EXEXT) \
|
||||
|
@ -249,6 +250,10 @@ test/udp_proxy$(EXEXT): test/udp_proxy.c $(DEP)
|
|||
echo " CC test/udp_proxy.c"
|
||||
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/udp_proxy.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
|
||||
|
||||
test/zeroize$(EXEXT): test/zeroize.c $(DEP)
|
||||
echo " CC test/zeroize.c"
|
||||
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/zeroize.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
|
||||
|
||||
util/pem2der$(EXEXT): util/pem2der.c $(DEP)
|
||||
echo " CC util/pem2der.c"
|
||||
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) util/pem2der.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
|
||||
|
|
|
@ -22,6 +22,9 @@ target_link_libraries(ssl_cert_test ${libs})
|
|||
add_executable(udp_proxy udp_proxy.c)
|
||||
target_link_libraries(udp_proxy ${libs})
|
||||
|
||||
install(TARGETS selftest benchmark ssl_cert_test udp_proxy
|
||||
add_executable(zeroize zeroize.c)
|
||||
target_link_libraries(zeroize ${libs})
|
||||
|
||||
install(TARGETS selftest benchmark ssl_cert_test udp_proxy zeroize
|
||||
DESTINATION "bin"
|
||||
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
|
||||
|
|
91
programs/test/zeroize.c
Normal file
91
programs/test/zeroize.c
Normal file
|
@ -0,0 +1,91 @@
|
|||
/*
|
||||
* Zeroize demonstration program
|
||||
*
|
||||
* Copyright (C) 2017, ARM Limited, All Rights Reserved
|
||||
* SPDX-License-Identifier: Apache-2.0
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
* not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
* This file is part of mbed TLS (https://tls.mbed.org)
|
||||
*/
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include <stdio.h>
|
||||
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdlib.h>
|
||||
#define mbedtls_printf printf
|
||||
#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
|
||||
#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
|
||||
#endif
|
||||
|
||||
#include "mbedtls/utils.h"
|
||||
|
||||
#define BUFFER_LEN 1024
|
||||
|
||||
void usage( void )
|
||||
{
|
||||
mbedtls_printf( "Zeroize is a simple program to assist with testing\n" );
|
||||
mbedtls_printf( "the mbedtls_zeroize() function by using the\n" );
|
||||
mbedtls_printf( "debugger. This program takes a file as input and\n" );
|
||||
mbedtls_printf( "prints the first %d characters. Usage:\n\n", BUFFER_LEN );
|
||||
mbedtls_printf( " zeroize <FILE>\n" );
|
||||
}
|
||||
|
||||
int main( int argc, char** argv )
|
||||
{
|
||||
int exit_code = MBEDTLS_EXIT_FAILURE;
|
||||
FILE * fp;
|
||||
char buf[BUFFER_LEN];
|
||||
char *p = buf;
|
||||
char *end = p + BUFFER_LEN;
|
||||
char c;
|
||||
|
||||
if( argc != 2 )
|
||||
{
|
||||
mbedtls_printf( "This program takes exactly 1 agument\n" );
|
||||
usage();
|
||||
return( exit_code );
|
||||
}
|
||||
|
||||
fp = fopen( argv[1], "r" );
|
||||
if( fp == NULL )
|
||||
{
|
||||
mbedtls_printf( "Could not open file '%s'\n", argv[1] );
|
||||
return( exit_code );
|
||||
}
|
||||
|
||||
while( ( c = fgetc( fp ) ) != EOF && p < end - 1 )
|
||||
*p++ = c;
|
||||
*p = '\0';
|
||||
|
||||
if( p - buf != 0 )
|
||||
{
|
||||
mbedtls_printf( "%s\n", buf );
|
||||
mbedtls_zeroize( buf, sizeof( buf ) );
|
||||
exit_code = MBEDTLS_EXIT_SUCCESS;
|
||||
}
|
||||
else
|
||||
mbedtls_printf( "The file is empty!\n" );
|
||||
|
||||
fclose( fp );
|
||||
|
||||
return( exit_code );
|
||||
}
|
Loading…
Reference in a new issue