Merge remote-tracking branch 'origin/pr/646' into baremetal
diff --git a/configs/baremetal_test.h b/configs/baremetal_test.h
index b7e36f0..b107bd7 100644
--- a/configs/baremetal_test.h
+++ b/configs/baremetal_test.h
@@ -37,9 +37,6 @@
 /* Debug output */
 #define MBEDTLS_DEBUG_C
 
-/* ssl_client2 and ssl_server2 use CTR-DRBG so far. */
-#define MBEDTLS_CTR_DRBG_C
-
 /* The ticket implementation hardcodes AES-GCM */
 #define MBEDTLS_GCM_C
 
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 2aa4950..788793a 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -43,13 +43,16 @@
 #endif
 
 #if !defined(MBEDTLS_ENTROPY_C) || \
-    !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
-    !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_CTR_DRBG_C)
+    !defined(MBEDTLS_SSL_TLS_C) || \
+    !defined(MBEDTLS_SSL_CLI_C) || \
+    !defined(MBEDTLS_NET_C)     || \
+    !( defined(MBEDTLS_CTR_DRBG_C) || defined(MBEDTLS_HMAC_DRBG_C) )
 int main( void )
 {
     mbedtls_printf("MBEDTLS_ENTROPY_C and/or "
            "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
-           "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C and/or not defined.\n");
+           "MBEDTLS_NET_C not defined, or "
+           "neither MBEDTLS_CTR_DRBG_C nor MBEDTLS_HMAC_DRBG_C defined.\n");
     return( 0 );
 }
 #else
@@ -59,6 +62,7 @@
 #include "mbedtls/ssl_ciphersuites.h"
 #include "mbedtls/entropy.h"
 #include "mbedtls/ctr_drbg.h"
+#include "mbedtls/hmac_drbg.h"
 #include "mbedtls/certs.h"
 #include "mbedtls/x509.h"
 #include "mbedtls/error.h"
@@ -701,8 +705,12 @@
     return( 0 );
 }
 
-#if !defined(MBEDTLS_SSL_CONF_SINGLE_HASH)
-static int ssl_sig_hashes_for_test[] = {
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if ( defined(MBEDTLS_X509_CRT_PARSE_C) &&        \
+      !defined(MBEDTLS_SSL_CONF_SINGLE_HASH) ) || \
+    !defined(MBEDTLS_CTR_DRBG_C)
+static int available_hashes[] = {
 #if defined(MBEDTLS_SHA512_C)
     MBEDTLS_MD_SHA512,
     MBEDTLS_MD_SHA384,
@@ -717,8 +725,8 @@
 #endif
     MBEDTLS_MD_NONE
 };
-#endif /* !MBEDTLS_SSL_CONF_SINGLE_HASH */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#endif /* ( MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_SSL_CONF_SINGLE_HASH ) ||
+          !MBEDTLS_CTR_DRBG_C */
 
 /*
  * Wait for an event from the underlying transport or the timer
@@ -892,14 +900,23 @@
 #if defined(MBEDTLS_SSL_CONF_RNG)
 int rng_wrap( void *ctx, unsigned char *dst, size_t len );
 
+#if defined(MBEDTLS_CTR_DRBG_C)
 mbedtls_ctr_drbg_context *rng_ctx_global = NULL;
+#else
+mbedtls_hmac_drbg_context *rng_ctx_global = NULL;
+#endif /* MBEDTLS_CTR_DRBG_C */
+
 int rng_wrap( void *ctx, unsigned char *dst, size_t len )
 {
     /* We expect the NULL parameter here. */
     if( ctx != NULL )
         return( -1 );
 
+#if defined(MBEDTLS_CTR_DRBG_C)
     return( mbedtls_ctr_drbg_random( rng_ctx_global, dst, len ) );
+#else
+    return( mbedtls_hmac_drbg_random( rng_ctx_global, dst, len ) );
+#endif
 }
 #endif /* MBEDTLS_SSL_CONF_RNG */
 
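Review bot: `rng_wrap` hands `rng_ctx_global` to `mbedtls_ctr_drbg_random` / `mbedtls_hmac_drbg_random` without checking it, and the pointer is NULL from its definition until the later `rng_ctx_global = &ctr_drbg` / `&hmac_drbg` assignment, so any RNG request made before that point would pass a NULL DRBG context. The existing guard can fail closed for that case as well: `if( ctx != NULL || rng_ctx_global == NULL ) return( -1 );`. As far as the diff shows the pointer is only used inside this file, so `static` on both declarations would keep it out of the global namespace. The same applies to the identical hunk in programs/ssl/ssl_server2.c.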
@@ -941,7 +958,11 @@
     mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
 #endif
     mbedtls_entropy_context entropy;
+#if defined(MBEDTLS_CTR_DRBG_C)
     mbedtls_ctr_drbg_context ctr_drbg;
+#else
+    mbedtls_hmac_drbg_context hmac_drbg;
+#endif
     mbedtls_ssl_context ssl;
     mbedtls_ssl_config conf;
     mbedtls_ssl_session saved_session;
@@ -970,7 +991,11 @@
     mbedtls_ssl_init( &ssl );
     mbedtls_ssl_config_init( &conf );
     memset( &saved_session, 0, sizeof( mbedtls_ssl_session ) );
+#if defined(MBEDTLS_CTR_DRBG_C)
     mbedtls_ctr_drbg_init( &ctr_drbg );
+#else
+    mbedtls_hmac_drbg_init( &hmac_drbg );
+#endif /* MBEDTLS_CTR_DRBG_C */
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
     mbedtls_x509_crt_init( &cacert );
     mbedtls_x509_crt_init( &clicert );
@@ -1664,6 +1689,7 @@
     fflush( stdout );
 
     mbedtls_entropy_init( &entropy );
+#if defined(MBEDTLS_CTR_DRBG_C)
     if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
                                        &entropy, (const unsigned char *) pers,
                                        strlen( pers ) ) ) != 0 )
@@ -1672,6 +1698,19 @@
                         -ret );
         goto exit;
     }
+#else /* MBEDTLS_CTR_DRBG_C */
+    if( ( ret = mbedtls_hmac_drbg_seed( &hmac_drbg,
+                                        mbedtls_md_info_from_type(
+                                            available_hashes[0] ),
+                                        mbedtls_entropy_func,
+                                        &entropy, (const unsigned char *) pers,
+                                        strlen( pers ) ) ) != 0 )
+    {
+        mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned -0x%x\n",
+                        -ret );
+        goto exit;
+    }
+#endif /* MBEDTLS_CTR_DRBG */
 
     mbedtls_printf( " ok\n" );
 
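Review bot: The failure message in the new `#else` branch still names `mbedtls_ctr_drbg_seed` although the call that failed is `mbedtls_hmac_drbg_seed`, so a seeding failure in an HMAC-DRBG build is logged against the wrong function; it should read `mbedtls_printf( " failed\n  ! mbedtls_hmac_drbg_seed returned -0x%x\n", -ret );`. The closing comment `#endif /* MBEDTLS_CTR_DRBG */` also drops the `_C` suffix. The digest comes from `available_hashes[0]`, a list that is otherwise passed to `mbedtls_ssl_conf_sig_hashes`, so the DRBG's hash depends on that list's ordering and would presumably be `MBEDTLS_MD_NONE` in a build with none of the listed hashes enabled; a comment such as `/* HMAC-DRBG uses the strongest hash compiled in; seeding fails if none is available */` or an explicit check of the `mbedtls_md_info_from_type()` result would make that intent visible. The same points apply to the matching hunk in programs/ssl/ssl_server2.c. The enclosing function starts and ends outside the hunk.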
@@ -1851,7 +1890,7 @@
         crt_profile_for_test.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 );
         mbedtls_ssl_conf_cert_profile( &conf, &crt_profile_for_test );
 #if !defined(MBEDTLS_SSL_CONF_SINGLE_HASH)
-        mbedtls_ssl_conf_sig_hashes( &conf, ssl_sig_hashes_for_test );
+        mbedtls_ssl_conf_sig_hashes( &conf, available_hashes );
 #endif
     }
 
@@ -1953,11 +1992,19 @@
         }
 #endif
 
+#if defined(MBEDTLS_CTR_DRBG_C)
 #if !defined(MBEDTLS_SSL_CONF_RNG)
     mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
 #else
     rng_ctx_global = &ctr_drbg;
 #endif
+#else /* MBEDTLS_CTR_DRBG_C */
+#if !defined(MBEDTLS_SSL_CONF_RNG)
+    mbedtls_ssl_conf_rng( &conf, mbedtls_hmac_drbg_random, &hmac_drbg );
+#else
+    rng_ctx_global = &hmac_drbg;
+#endif
+#endif /* MBEDTLS_CTR_DRBG_C */
 
 #if defined(MBEDTLS_DEBUG_C)
     mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
@@ -2871,7 +2918,11 @@
     mbedtls_ssl_session_free( &saved_session );
     mbedtls_ssl_free( &ssl );
     mbedtls_ssl_config_free( &conf );
+#if defined(MBEDTLS_CTR_DRBG_C)
     mbedtls_ctr_drbg_free( &ctr_drbg );
+#else
+    mbedtls_hmac_drbg_free( &hmac_drbg );
+#endif
     mbedtls_entropy_free( &entropy );
     if( session_data != NULL )
         mbedtls_platform_zeroize( session_data, session_data_len );
@@ -2895,4 +2946,4 @@
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
           MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
-          MBEDTLS_CTR_DRBG_C MBEDTLS_TIMING_C */
+          ( MBEDTLS_CTR_DRBG_C || MBEDTLS_HMAC_DRBG_C ) && MBEDTLS_TIMING_C */
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index e0e4337..890725e 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -42,13 +42,16 @@
 #endif
 
 #if !defined(MBEDTLS_ENTROPY_C) || \
-    !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_SRV_C) || \
-    !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_CTR_DRBG_C)
+    !defined(MBEDTLS_SSL_TLS_C) || \
+    !defined(MBEDTLS_SSL_SRV_C) || \
+    !defined(MBEDTLS_NET_C)     || \
+    !( defined(MBEDTLS_CTR_DRBG_C) || defined(MBEDTLS_HMAC_DRBG_C) )
 int main( void )
 {
     mbedtls_printf("MBEDTLS_ENTROPY_C and/or "
            "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or "
-           "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C and/or not defined.\n");
+           "MBEDTLS_NET_C not defined, or "
+           "neither MBEDTLS_CTR_DRBG_C nor MBEDTLS_HMAC_DRBG_C defined.\n");
     return( 0 );
 }
 #else
@@ -58,6 +61,7 @@
 #include "mbedtls/ssl_ciphersuites.h"
 #include "mbedtls/entropy.h"
 #include "mbedtls/ctr_drbg.h"
+#include "mbedtls/hmac_drbg.h"
 #include "mbedtls/certs.h"
 #include "mbedtls/x509.h"
 #include "mbedtls/error.h"
@@ -1133,9 +1137,10 @@
 }
 #endif
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
-    !defined(MBEDTLS_SSL_CONF_SINGLE_HASH)
-static int ssl_sig_hashes_for_test[] = {
+#if ( defined(MBEDTLS_X509_CRT_PARSE_C) &&        \
+      !defined(MBEDTLS_SSL_CONF_SINGLE_HASH) ) || \
+    !defined(MBEDTLS_CTR_DRBG_C)
+static int available_hashes[] = {
 #if defined(MBEDTLS_SHA512_C)
     MBEDTLS_MD_SHA512,
     MBEDTLS_MD_SHA384,
@@ -1150,7 +1155,8 @@
 #endif
     MBEDTLS_MD_NONE
 };
-#endif /* MBEDTLS_X509_CRT_PARSE_C && !defined(MBEDTLS_SSL_CONF_SINGLE_HASH) */
+#endif /* ( MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_SSL_CONF_SINGLE_HASH ) ||
+          !MBEDTLS_CTR_DRBG_C */
 
 /** Return true if \p ret is a status code indicating that there is an
  * operation in progress on an SSL connection, and false if it indicates
@@ -1508,14 +1514,23 @@
 #if defined(MBEDTLS_SSL_CONF_RNG)
 int rng_wrap( void *ctx, unsigned char *dst, size_t len );
 
+#if defined(MBEDTLS_CTR_DRBG_C)
 mbedtls_ctr_drbg_context *rng_ctx_global = NULL;
+#else
+mbedtls_hmac_drbg_context *rng_ctx_global = NULL;
+#endif /* MBEDTLS_CTR_DRBG_C */
+
 int rng_wrap( void *ctx, unsigned char *dst, size_t len )
 {
     /* We expect the NULL parameter here. */
     if( ctx != NULL )
         return( -1 );
 
+#if defined(MBEDTLS_CTR_DRBG_C)
     return( mbedtls_ctr_drbg_random( rng_ctx_global, dst, len ) );
+#else
+    return( mbedtls_hmac_drbg_random( rng_ctx_global, dst, len ) );
+#endif
 }
 #endif /* MBEDTLS_SSL_CONF_RNG */
 
@@ -1545,7 +1560,11 @@
     mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
 #endif
     mbedtls_entropy_context entropy;
+#if defined(MBEDTLS_CTR_DRBG_C)
     mbedtls_ctr_drbg_context ctr_drbg;
+#else
+    mbedtls_hmac_drbg_context hmac_drbg;
+#endif
     mbedtls_ssl_context ssl;
     mbedtls_ssl_config conf;
 #if defined(MBEDTLS_TIMING_C)
@@ -1615,7 +1634,11 @@
     mbedtls_net_init( &listen_fd );
     mbedtls_ssl_init( &ssl );
     mbedtls_ssl_config_init( &conf );
+#if defined(MBEDTLS_CTR_DRBG_C)
     mbedtls_ctr_drbg_init( &ctr_drbg );
+#else
+    mbedtls_hmac_drbg_init( &hmac_drbg );
+#endif /* MBEDTLS_CTR_DRBG_C */
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
     mbedtls_x509_crt_init( &cacert );
     mbedtls_x509_crt_init( &srvcert );
@@ -2418,6 +2441,7 @@
     fflush( stdout );
 
     mbedtls_entropy_init( &entropy );
+#if defined(MBEDTLS_CTR_DRBG_C)
     if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
                                        &entropy, (const unsigned char *) pers,
                                        strlen( pers ) ) ) != 0 )
@@ -2426,6 +2450,19 @@
                         -ret );
         goto exit;
     }
+#else /* MBEDTLS_CTR_DRBG_C */
+    if( ( ret = mbedtls_hmac_drbg_seed( &hmac_drbg,
+                                        mbedtls_md_info_from_type(
+                                            available_hashes[0] ),
+                                        mbedtls_entropy_func,
+                                        &entropy, (const unsigned char *) pers,
+                                        strlen( pers ) ) ) != 0 )
+    {
+        mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned -0x%x\n",
+                        -ret );
+        goto exit;
+    }
+#endif /* MBEDTLS_CTR_DRBG */
 
     mbedtls_printf( " ok\n" );
 
@@ -2674,7 +2711,7 @@
         crt_profile_for_test.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 );
         mbedtls_ssl_conf_cert_profile( &conf, &crt_profile_for_test );
 #if !defined(MBEDTLS_SSL_CONF_SINGLE_HASH)
-        mbedtls_ssl_conf_sig_hashes( &conf, ssl_sig_hashes_for_test );
+        mbedtls_ssl_conf_sig_hashes( &conf, available_hashes );
 #endif
     }
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
@@ -2765,11 +2802,19 @@
         }
 #endif
 
+#if defined(MBEDTLS_CTR_DRBG_C)
 #if !defined(MBEDTLS_SSL_CONF_RNG)
     mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
 #else
     rng_ctx_global = &ctr_drbg;
 #endif
+#else /* MBEDTLS_CTR_DRBG_C */
+#if !defined(MBEDTLS_SSL_CONF_RNG)
+    mbedtls_ssl_conf_rng( &conf, mbedtls_hmac_drbg_random, &hmac_drbg );
+#else
+    rng_ctx_global = &hmac_drbg;
+#endif
+#endif /* MBEDTLS_CTR_DRBG_C */
 
 #if defined(MBEDTLS_DEBUG_C)
     mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
@@ -2793,7 +2838,11 @@
     if( opt.tickets == MBEDTLS_SSL_SESSION_TICKETS_ENABLED )
     {
         if( ( ret = mbedtls_ssl_ticket_setup( &ticket_ctx,
+#if defined(MBEDTLS_CTR_DRBG_C)
                         mbedtls_ctr_drbg_random, &ctr_drbg,
+#else
+                        mbedtls_hmac_drbg_random, &hmac_drbg,
+#endif
                         MBEDTLS_CIPHER_AES_256_GCM,
                         opt.ticket_timeout ) ) != 0 )
         {
@@ -2815,7 +2864,12 @@
         if( opt.cookies > 0 )
         {
             if( ( ret = mbedtls_ssl_cookie_setup( &cookie_ctx,
-                                          mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
+#if defined(MBEDTLS_CTR_DRBG_C)
+                                          mbedtls_ctr_drbg_random, &ctr_drbg
+#else
+                                          mbedtls_hmac_drbg_random, &hmac_drbg
+#endif /* MBEDTLS_CTR_DRBG_C */
+                                          ) ) != 0 )
             {
                 mbedtls_printf( " failed\n  ! mbedtls_ssl_cookie_setup returned %d\n\n", ret );
                 goto exit;
@@ -3852,7 +3906,11 @@
 
     mbedtls_ssl_free( &ssl );
     mbedtls_ssl_config_free( &conf );
+#if defined(MBEDTLS_CTR_DRBG_C)
     mbedtls_ctr_drbg_free( &ctr_drbg );
+#else
+    mbedtls_hmac_drbg_free( &hmac_drbg );
+#endif
     mbedtls_entropy_free( &entropy );
 
 #if defined(MBEDTLS_SSL_CACHE_C)
@@ -3895,4 +3953,4 @@
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
           MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
-          MBEDTLS_CTR_DRBG_C */
+          ( MBEDTLS_CTR_DRBG_C || MBEDTLS_HMAC_DRBG_C ) */
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 2055292..8464dec 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -682,6 +682,27 @@
     if_build_succeeded tests/compat.sh -t RSA
 }
 
+component_test_no_ctr_drbg () {
+    msg "build: Default + !MBEDTLS_CTR_DRBG_C"
+    scripts/config.pl unset MBEDTLS_CTR_DRBG_C
+    CC=gcc cmake .
+    make
+
+    msg "test: !MBEDTLS_CTR_DRBG_C - ssl-opt.sh" # ~ 5s
+    if_build_succeeded tests/ssl-opt.sh --filter "Default"
+}
+
+component_test_no_ctr_drbg_no_sha512 () {
+    msg "build: Default + !MBEDTLS_CTR_DRBG_C + !MBEDTLS_SHA512_C"
+    scripts/config.pl unset MBEDTLS_CTR_DRBG_C
+    scripts/config.pl unset MBEDTLS_SHA512_C
+    CC=gcc cmake .
+    make
+
+    msg "test: !MBEDTLS_CTR_DRBG_C + !MBEDTLS_SHA512_C - ssl-opt.sh" # ~ 5s
+    if_build_succeeded tests/ssl-opt.sh --filter "Default"
+}
+
 component_test_no_resumption () {
     msg "build: Default + MBEDTLS_SSL_NO_SESSION_RESUMPTION (ASan build)" # ~ 6 min
     scripts/config.pl unset MBEDTLS_SSL_SESSION_TICKETS
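Review bot: Both new components run only `tests/ssl-opt.sh --filter "Default"`, so the unit test suites are never run with MBEDTLS_CTR_DRBG_C unset, even though this same change has to add that dependency to a case in tests/suites/test_suite_rsa.function. Adding `make test` after `make` in `component_test_no_ctr_drbg` and `component_test_no_ctr_drbg_no_sha512` would catch the next suite that silently depends on CTR-DRBG. As far as this hunk shows, no component combines the unset with MBEDTLS_SSL_CONF_RNG, so the HMAC-DRBG branch of `rng_wrap` in ssl_client2.c and ssl_server2.c is built nowhere in this script.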
diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function
index 89c84e8..f2a9b98 100644
--- a/tests/suites/test_suite_rsa.function
+++ b/tests/suites/test_suite_rsa.function
@@ -1506,7 +1506,7 @@
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
+/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
 void mbedtls_rsa_validate_params( int radix_N, char *input_N,
                                   int radix_P, char *input_P,
                                   int radix_Q, char *input_Q,