mbedtls: Update to upstream version 2.28.4

(cherry picked from commit 1f6340bc46)
Rémi Verschelde 2023-08-04 18:09:03 +02:00 committed by Yuri Sizov
parent 023e154cb4
commit 4c354b4977
37 changed files with 348 additions and 275 deletions


@ -370,7 +370,7 @@ Patch `godot-node-debug-fix.patch` workarounds shadowing of godot's Node class i
## mbedtls ## mbedtls
- Upstream: https://github.com/Mbed-TLS/mbedtls - Upstream: https://github.com/Mbed-TLS/mbedtls
- Version: 2.18.3 (981743de6fcdbe672e482b6fd724d31d0a0d2476, 2023) - Version: 2.28.4 (aeb97a18913a86f051afab11b2c92c6be0c2eb83, 2023)
- License: Apache 2.0 - License: Apache 2.0
File extracted from upstream release tarball: File extracted from upstream release tarball:


@ -274,10 +274,6 @@ int mbedtls_aria_crypt_cfb128(mbedtls_aria_context *ctx,
* \brief This function performs an ARIA-CTR encryption or decryption * \brief This function performs an ARIA-CTR encryption or decryption
* operation. * operation.
* *
* This function performs the operation defined in the \p mode
* parameter (encrypt/decrypt), on the input data buffer
* defined in the \p input parameter.
*
* Due to the nature of CTR, you must use the same key schedule * Due to the nature of CTR, you must use the same key schedule
* for both encryption and decryption operations. Therefore, you * for both encryption and decryption operations. Therefore, you
* must use the context initialized with mbedtls_aria_setkey_enc() * must use the context initialized with mbedtls_aria_setkey_enc()


@ -453,7 +453,7 @@ void mbedtls_asn1_sequence_free(mbedtls_asn1_sequence *seq);
* on a successful invocation. * on a successful invocation.
* \param end The end of the ASN.1 SEQUENCE container. * \param end The end of the ASN.1 SEQUENCE container.
* \param tag_must_mask A mask to be applied to the ASN.1 tags found within * \param tag_must_mask A mask to be applied to the ASN.1 tags found within
* the SEQUENCE before comparing to \p tag_must_value. * the SEQUENCE before comparing to \p tag_must_val.
* \param tag_must_val The required value of each ASN.1 tag found in the * \param tag_must_val The required value of each ASN.1 tag found in the
* SEQUENCE, after masking with \p tag_must_mask. * SEQUENCE, after masking with \p tag_must_mask.
* Mismatching tags lead to an error. * Mismatching tags lead to an error.
@ -462,7 +462,7 @@ void mbedtls_asn1_sequence_free(mbedtls_asn1_sequence *seq);
* while a value of \c 0xFF for \p tag_must_mask means * while a value of \c 0xFF for \p tag_must_mask means
* that \p tag_must_val is the only allowed tag. * that \p tag_must_val is the only allowed tag.
* \param tag_may_mask A mask to be applied to the ASN.1 tags found within * \param tag_may_mask A mask to be applied to the ASN.1 tags found within
* the SEQUENCE before comparing to \p tag_may_value. * the SEQUENCE before comparing to \p tag_may_val.
* \param tag_may_val The desired value of each ASN.1 tag found in the * \param tag_may_val The desired value of each ASN.1 tag found in the
* SEQUENCE, after masking with \p tag_may_mask. * SEQUENCE, after masking with \p tag_may_mask.
* Mismatching tags will be silently ignored. * Mismatching tags will be silently ignored.


@ -533,7 +533,7 @@ int mbedtls_mpi_write_file(const char *p, const mbedtls_mpi *X,
* \param X The destination MPI. This must point to an initialized MPI. * \param X The destination MPI. This must point to an initialized MPI.
* \param buf The input buffer. This must be a readable buffer of length * \param buf The input buffer. This must be a readable buffer of length
* \p buflen Bytes. * \p buflen Bytes.
* \param buflen The length of the input buffer \p p in Bytes. * \param buflen The length of the input buffer \p buf in Bytes.
* *
* \return \c 0 if successful. * \return \c 0 if successful.
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
@ -548,7 +548,7 @@ int mbedtls_mpi_read_binary(mbedtls_mpi *X, const unsigned char *buf,
* \param X The destination MPI. This must point to an initialized MPI. * \param X The destination MPI. This must point to an initialized MPI.
* \param buf The input buffer. This must be a readable buffer of length * \param buf The input buffer. This must be a readable buffer of length
* \p buflen Bytes. * \p buflen Bytes.
* \param buflen The length of the input buffer \p p in Bytes. * \param buflen The length of the input buffer \p buf in Bytes.
* *
* \return \c 0 if successful. * \return \c 0 if successful.
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
@ -986,8 +986,8 @@ int mbedtls_mpi_gcd(mbedtls_mpi *G, const mbedtls_mpi *A,
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p N is less than * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p N is less than
* or equal to one. * or equal to one.
* \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p has no modular inverse * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p A has no modular
* with respect to \p N. * inverse with respect to \p N.
*/ */
int mbedtls_mpi_inv_mod(mbedtls_mpi *X, const mbedtls_mpi *A, int mbedtls_mpi_inv_mod(mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *N); const mbedtls_mpi *N);


@ -677,6 +677,15 @@
#if defined(__arm__) && !defined(MULADDC_CANNOT_USE_R7) #if defined(__arm__) && !defined(MULADDC_CANNOT_USE_R7)
#if defined(__thumb__) && !defined(__thumb2__) #if defined(__thumb__) && !defined(__thumb2__)
#if !defined(__ARMCC_VERSION) && !defined(__clang__) \
&& !defined(__llvm__) && !defined(__INTEL_COMPILER)
/*
* Thumb 1 ISA. This code path has only been tested successfully on gcc;
* it does not compile on clang or armclang.
*
* Other compilers which define __GNUC__ may not work. The above macro
* attempts to exclude these untested compilers.
*/
#define MULADDC_INIT \ #define MULADDC_INIT \
asm( \ asm( \
@ -731,6 +740,8 @@
"r6", "r7", "r8", "r9", "cc" \ "r6", "r7", "r8", "r9", "cc" \
); );
#endif /* Compiler is gcc */
#elif (__ARM_ARCH >= 6) && \ #elif (__ARM_ARCH >= 6) && \
defined (__ARM_FEATURE_DSP) && (__ARM_FEATURE_DSP == 1) defined (__ARM_FEATURE_DSP) && (__ARM_FEATURE_DSP == 1)
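Review bot: The closing `#endif /* Compiler is gcc */` added after the Thumb-1 MULADDC block does not restate the condition it closes, which makes the nesting inside the `#if defined(__thumb__) && !defined(__thumb2__)` block hard to follow once the `#elif` on the next line is read. The other preprocessor guards added in this commit (for example the aes.c table guards) mirror their condition in the `#endif` comment, so this one should follow the same convention: `#endif /* !__ARMCC_VERSION && !__clang__ && !__llvm__ && !__INTEL_COMPILER */`. It would also help to say in the block comment what happens when the guard excludes a compiler — presumably the generic C MULADDC fallback is used, but that fallback is outside this hunk, so a short sentence such as `Compilers excluded here fall back to the portable C implementation.` should be confirmed against the rest of the file before adding it.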


@ -231,7 +231,7 @@ int mbedtls_camellia_crypt_cfb128(mbedtls_camellia_context *ctx,
* *note Due to the nature of CTR mode, you should use the same * *note Due to the nature of CTR mode, you should use the same
* key for both encryption and decryption. In particular, calls * key for both encryption and decryption. In particular, calls
* to this function should be preceded by a key-schedule via * to this function should be preceded by a key-schedule via
* mbedtls_camellia_setkey_enc() regardless of whether \p mode * mbedtls_camellia_setkey_enc() regardless of whether the mode
* is #MBEDTLS_CAMELLIA_ENCRYPT or #MBEDTLS_CAMELLIA_DECRYPT. * is #MBEDTLS_CAMELLIA_ENCRYPT or #MBEDTLS_CAMELLIA_DECRYPT.
* *
* \warning You must never reuse a nonce value with the same key. Doing so * \warning You must never reuse a nonce value with the same key. Doing so


@ -427,7 +427,7 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values(const mbedtls_ciphe
const mbedtls_cipher_mode_t mode); const mbedtls_cipher_mode_t mode);
/** /**
* \brief This function initializes a \p cipher_context as NONE. * \brief This function initializes a \p ctx as NONE.
* *
* \param ctx The context to be initialized. This must not be \c NULL. * \param ctx The context to be initialized. This must not be \c NULL.
*/ */
@ -602,7 +602,7 @@ static inline const char *mbedtls_cipher_get_name(
* \param ctx The context of the cipher. This must be initialized. * \param ctx The context of the cipher. This must be initialized.
* *
* \return The key length of the cipher in bits. * \return The key length of the cipher in bits.
* \return #MBEDTLS_KEY_LENGTH_NONE if ctx \p has not been * \return #MBEDTLS_KEY_LENGTH_NONE if \p ctx has not been
* initialized. * initialized.
*/ */
static inline int mbedtls_cipher_get_key_bitlen( static inline int mbedtls_cipher_get_key_bitlen(
@ -779,7 +779,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx,
* \param ctx The generic cipher context. This must be initialized and * \param ctx The generic cipher context. This must be initialized and
* bound to a key. * bound to a key.
* \param output The buffer to write data to. This needs to be a writable * \param output The buffer to write data to. This needs to be a writable
* buffer of at least \p block_size Bytes. * buffer of at least block_size Bytes.
* \param olen The length of the data written to the \p output buffer. * \param olen The length of the data written to the \p output buffer.
* This may not be \c NULL. * This may not be \c NULL.
* *


@ -1458,8 +1458,8 @@
* ); * );
* ``` * ```
* The \c context value is initialized to 0 before the first call. * The \c context value is initialized to 0 before the first call.
* The function must fill the \c output buffer with \p output_size bytes * The function must fill the \c output buffer with \c output_size bytes
* of random data and set \c *output_length to \p output_size. * of random data and set \c *output_length to \c output_size.
* *
* Requires: MBEDTLS_PSA_CRYPTO_C * Requires: MBEDTLS_PSA_CRYPTO_C
* *


@ -266,8 +266,9 @@ int mbedtls_ecdsa_sign_det(mbedtls_ecp_group *grp, mbedtls_mpi *r,
* \param md_alg The hash algorithm used to hash the original data. * \param md_alg The hash algorithm used to hash the original data.
* \param f_rng_blind The RNG function used for blinding. This must not be * \param f_rng_blind The RNG function used for blinding. This must not be
* \c NULL. * \c NULL.
* \param p_rng_blind The RNG context to be passed to \p f_rng. This may be * \param p_rng_blind The RNG context to be passed to \p f_rng_blind. This
* \c NULL if \p f_rng doesn't need a context parameter. * may be \c NULL if \p f_rng_blind doesn't need
* a context parameter.
* *
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX
@ -344,7 +345,7 @@ int mbedtls_ecdsa_verify(mbedtls_ecp_group *grp,
* via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair(). * via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair().
* \param md_alg The message digest that was used to hash the message. * \param md_alg The message digest that was used to hash the message.
* \param hash The message hash to be signed. This must be a readable * \param hash The message hash to be signed. This must be a readable
* buffer of length \p blen Bytes. * buffer of length \p hlen Bytes.
* \param hlen The length of the hash \p hash in Bytes. * \param hlen The length of the hash \p hash in Bytes.
* \param sig The buffer to which to write the signature. This must be a * \param sig The buffer to which to write the signature. This must be a
* writable buffer of length at least twice as large as the * writable buffer of length at least twice as large as the
@ -386,7 +387,7 @@ int mbedtls_ecdsa_write_signature(mbedtls_ecdsa_context *ctx,
* via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair(). * via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair().
* \param md_alg The message digest that was used to hash the message. * \param md_alg The message digest that was used to hash the message.
* \param hash The message hash to be signed. This must be a readable * \param hash The message hash to be signed. This must be a readable
* buffer of length \p blen Bytes. * buffer of length \p hlen Bytes.
* \param hlen The length of the hash \p hash in Bytes. * \param hlen The length of the hash \p hash in Bytes.
* \param sig The buffer to which to write the signature. This must be a * \param sig The buffer to which to write the signature. This must be a
* writable buffer of length at least twice as large as the * writable buffer of length at least twice as large as the
@ -453,7 +454,7 @@ int mbedtls_ecdsa_write_signature_restartable(mbedtls_ecdsa_context *ctx,
* and have a group and private key bound to it, for example * and have a group and private key bound to it, for example
* via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair(). * via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair().
* \param hash The message hash to be signed. This must be a readable * \param hash The message hash to be signed. This must be a readable
* buffer of length \p blen Bytes. * buffer of length \p hlen Bytes.
* \param hlen The length of the hash \p hash in Bytes. * \param hlen The length of the hash \p hash in Bytes.
* \param sig The buffer to which to write the signature. This must be a * \param sig The buffer to which to write the signature. This must be a
* writable buffer of length at least twice as large as the * writable buffer of length at least twice as large as the
@ -490,7 +491,7 @@ int mbedtls_ecdsa_write_signature_det(mbedtls_ecdsa_context *ctx,
* \param ctx The ECDSA context to use. This must be initialized * \param ctx The ECDSA context to use. This must be initialized
* and have a group and public key bound to it. * and have a group and public key bound to it.
* \param hash The message hash that was signed. This must be a readable * \param hash The message hash that was signed. This must be a readable
* buffer of length \p size Bytes. * buffer of length \p hlen Bytes.
* \param hlen The size of the hash \p hash. * \param hlen The size of the hash \p hash.
* \param sig The signature to read and verify. This must be a readable * \param sig The signature to read and verify. This must be a readable
* buffer of length \p slen Bytes. * buffer of length \p slen Bytes.
@ -520,7 +521,7 @@ int mbedtls_ecdsa_read_signature(mbedtls_ecdsa_context *ctx,
* \param ctx The ECDSA context to use. This must be initialized * \param ctx The ECDSA context to use. This must be initialized
* and have a group and public key bound to it. * and have a group and public key bound to it.
* \param hash The message hash that was signed. This must be a readable * \param hash The message hash that was signed. This must be a readable
* buffer of length \p size Bytes. * buffer of length \p hlen Bytes.
* \param hlen The size of the hash \p hash. * \param hlen The size of the hash \p hash.
* \param sig The signature to read and verify. This must be a readable * \param sig The signature to read and verify. This must be a readable
* buffer of length \p slen Bytes. * buffer of length \p slen Bytes.


@ -1081,7 +1081,7 @@ int mbedtls_ecp_muladd_restartable(
* *
* It only checks that the point is non-zero, has * It only checks that the point is non-zero, has
* valid coordinates and lies on the curve. It does not verify * valid coordinates and lies on the curve. It does not verify
* that it is indeed a multiple of \p G. This additional * that it is indeed a multiple of \c G. This additional
* check is computationally more expensive, is not required * check is computationally more expensive, is not required
* by standards, and should not be necessary if the group * by standards, and should not be necessary if the group
* used has a small cofactor. In particular, it is useless for * used has a small cofactor. In particular, it is useless for
@ -1106,7 +1106,7 @@ int mbedtls_ecp_check_pubkey(const mbedtls_ecp_group *grp,
const mbedtls_ecp_point *pt); const mbedtls_ecp_point *pt);
/** /**
* \brief This function checks that an \p mbedtls_mpi is a * \brief This function checks that an \c mbedtls_mpi is a
* valid private key for this curve. * valid private key for this curve.
* *
* \note This function uses bare components rather than an * \note This function uses bare components rather than an


@ -186,8 +186,8 @@ void mbedtls_hmac_drbg_init(mbedtls_hmac_drbg_context *ctx);
* \param len The length of the personalization string. * \param len The length of the personalization string.
* This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT * This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT
* and also at most * and also at most
* #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \p entropy_len * 3 / 2 * #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \c entropy_len * 3 / 2
* where \p entropy_len is the entropy length * where \c entropy_len is the entropy length
* described above. * described above.
* *
* \return \c 0 if successful. * \return \c 0 if successful.
@ -316,8 +316,8 @@ int mbedtls_hmac_drbg_update_ret(mbedtls_hmac_drbg_context *ctx,
* \param len The length of the additional data. * \param len The length of the additional data.
* This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT * This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT
* and also at most * and also at most
* #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \p entropy_len * #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \c entropy_len
* where \p entropy_len is the entropy length * where \c entropy_len is the entropy length
* (see mbedtls_hmac_drbg_set_entropy_len()). * (see mbedtls_hmac_drbg_set_entropy_len()).
* *
* \return \c 0 if successful. * \return \c 0 if successful.


@ -395,7 +395,7 @@ int mbedtls_pk_can_do(const mbedtls_pk_context *ctx, mbedtls_pk_type_t type);
* *
* \return 0 on success (signature is valid), * \return 0 on success (signature is valid),
* #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid * #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid
* signature in sig but its length is less than \p siglen, * signature in \p sig but its length is less than \p sig_len,
* or a specific error code. * or a specific error code.
* *
* \note For RSA keys, the default padding type is PKCS#1 v1.5. * \note For RSA keys, the default padding type is PKCS#1 v1.5.
@ -459,7 +459,7 @@ int mbedtls_pk_verify_restartable(mbedtls_pk_context *ctx,
* #MBEDTLS_ERR_PK_TYPE_MISMATCH if the PK context can't be * #MBEDTLS_ERR_PK_TYPE_MISMATCH if the PK context can't be
* used for this type of signatures, * used for this type of signatures,
* #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid * #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid
* signature in sig but its length is less than \p siglen, * signature in \p sig but its length is less than \p sig_len,
* or a specific error code. * or a specific error code.
* *
* \note If hash_len is 0, then the length associated with md_alg * \note If hash_len is 0, then the length associated with md_alg


@ -144,6 +144,8 @@ extern "C" {
#if defined(MBEDTLS_PLATFORM_MEMORY) #if defined(MBEDTLS_PLATFORM_MEMORY)
#if defined(MBEDTLS_PLATFORM_FREE_MACRO) && \ #if defined(MBEDTLS_PLATFORM_FREE_MACRO) && \
defined(MBEDTLS_PLATFORM_CALLOC_MACRO) defined(MBEDTLS_PLATFORM_CALLOC_MACRO)
#undef mbedtls_free
#undef mbedtls_calloc
#define mbedtls_free MBEDTLS_PLATFORM_FREE_MACRO #define mbedtls_free MBEDTLS_PLATFORM_FREE_MACRO
#define mbedtls_calloc MBEDTLS_PLATFORM_CALLOC_MACRO #define mbedtls_calloc MBEDTLS_PLATFORM_CALLOC_MACRO
#else #else
@ -165,6 +167,8 @@ int mbedtls_platform_set_calloc_free(void *(*calloc_func)(size_t, size_t),
void (*free_func)(void *)); void (*free_func)(void *));
#endif /* MBEDTLS_PLATFORM_FREE_MACRO && MBEDTLS_PLATFORM_CALLOC_MACRO */ #endif /* MBEDTLS_PLATFORM_FREE_MACRO && MBEDTLS_PLATFORM_CALLOC_MACRO */
#else /* !MBEDTLS_PLATFORM_MEMORY */ #else /* !MBEDTLS_PLATFORM_MEMORY */
#undef mbedtls_free
#undef mbedtls_calloc
#define mbedtls_free free #define mbedtls_free free
#define mbedtls_calloc calloc #define mbedtls_calloc calloc
#endif /* MBEDTLS_PLATFORM_MEMORY && !MBEDTLS_PLATFORM_{FREE,CALLOC}_MACRO */ #endif /* MBEDTLS_PLATFORM_MEMORY && !MBEDTLS_PLATFORM_{FREE,CALLOC}_MACRO */
@ -189,6 +193,7 @@ extern int (*mbedtls_fprintf)(FILE *stream, const char *format, ...);
int mbedtls_platform_set_fprintf(int (*fprintf_func)(FILE *stream, const char *, int mbedtls_platform_set_fprintf(int (*fprintf_func)(FILE *stream, const char *,
...)); ...));
#else #else
#undef mbedtls_fprintf
#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) #if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO)
#define mbedtls_fprintf MBEDTLS_PLATFORM_FPRINTF_MACRO #define mbedtls_fprintf MBEDTLS_PLATFORM_FPRINTF_MACRO
#else #else
@ -213,6 +218,7 @@ extern int (*mbedtls_printf)(const char *format, ...);
*/ */
int mbedtls_platform_set_printf(int (*printf_func)(const char *, ...)); int mbedtls_platform_set_printf(int (*printf_func)(const char *, ...));
#else /* !MBEDTLS_PLATFORM_PRINTF_ALT */ #else /* !MBEDTLS_PLATFORM_PRINTF_ALT */
#undef mbedtls_printf
#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) #if defined(MBEDTLS_PLATFORM_PRINTF_MACRO)
#define mbedtls_printf MBEDTLS_PLATFORM_PRINTF_MACRO #define mbedtls_printf MBEDTLS_PLATFORM_PRINTF_MACRO
#else #else
@ -248,6 +254,7 @@ extern int (*mbedtls_snprintf)(char *s, size_t n, const char *format, ...);
int mbedtls_platform_set_snprintf(int (*snprintf_func)(char *s, size_t n, int mbedtls_platform_set_snprintf(int (*snprintf_func)(char *s, size_t n,
const char *format, ...)); const char *format, ...));
#else /* MBEDTLS_PLATFORM_SNPRINTF_ALT */ #else /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
#undef mbedtls_snprintf
#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) #if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO)
#define mbedtls_snprintf MBEDTLS_PLATFORM_SNPRINTF_MACRO #define mbedtls_snprintf MBEDTLS_PLATFORM_SNPRINTF_MACRO
#else #else
@ -284,6 +291,7 @@ extern int (*mbedtls_vsnprintf)(char *s, size_t n, const char *format, va_list a
int mbedtls_platform_set_vsnprintf(int (*vsnprintf_func)(char *s, size_t n, int mbedtls_platform_set_vsnprintf(int (*vsnprintf_func)(char *s, size_t n,
const char *format, va_list arg)); const char *format, va_list arg));
#else /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */ #else /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */
#undef mbedtls_vsnprintf
#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) #if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO)
#define mbedtls_vsnprintf MBEDTLS_PLATFORM_VSNPRINTF_MACRO #define mbedtls_vsnprintf MBEDTLS_PLATFORM_VSNPRINTF_MACRO
#else #else
@ -308,6 +316,7 @@ extern void (*mbedtls_exit)(int status);
*/ */
int mbedtls_platform_set_exit(void (*exit_func)(int status)); int mbedtls_platform_set_exit(void (*exit_func)(int status));
#else #else
#undef mbedtls_exit
#if defined(MBEDTLS_PLATFORM_EXIT_MACRO) #if defined(MBEDTLS_PLATFORM_EXIT_MACRO)
#define mbedtls_exit MBEDTLS_PLATFORM_EXIT_MACRO #define mbedtls_exit MBEDTLS_PLATFORM_EXIT_MACRO
#else #else
@ -360,6 +369,8 @@ int mbedtls_platform_set_nv_seed(
int (*nv_seed_write_func)(unsigned char *buf, size_t buf_len) int (*nv_seed_write_func)(unsigned char *buf, size_t buf_len)
); );
#else #else
#undef mbedtls_nv_seed_read
#undef mbedtls_nv_seed_write
#if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) && \ #if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) && \
defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO) defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO)
#define mbedtls_nv_seed_read MBEDTLS_PLATFORM_NV_SEED_READ_MACRO #define mbedtls_nv_seed_read MBEDTLS_PLATFORM_NV_SEED_READ_MACRO
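Review bot: The new `#undef mbedtls_free` / `#undef mbedtls_calloc` pair in the first hunk (and the matching `#undef` lines added for fprintf, printf, snprintf, vsnprintf, exit and the nv_seed hooks in the later hunks) discards any earlier definition of these names without a diagnostic, so an integrator who defined `mbedtls_calloc` or `mbedtls_free` ahead of this header, for example in a custom config file, now silently gets the libc `calloc`/`free` in the `!MBEDTLS_PLATFORM_MEMORY` branch instead of a redefinition error. That is presumably the intent (avoiding redefinition warnings when the macros are set twice), but nothing in the hunk says so, and a silently replaced allocator hook is the kind of regression that is hard to notice in a build log. Each `#undef` group should carry a one-line comment stating the intent, e.g. `/* Drop any earlier definition: the platform setting selected below takes precedence. */`, so the override is deliberate and visible to whoever reads the header next.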


@ -260,15 +260,15 @@ int mbedtls_rsa_import_raw(mbedtls_rsa_context *ctx,
* \brief This function completes an RSA context from * \brief This function completes an RSA context from
* a set of imported core parameters. * a set of imported core parameters.
* *
* To setup an RSA public key, precisely \p N and \p E * To setup an RSA public key, precisely \c N and \c E
* must have been imported. * must have been imported.
* *
* To setup an RSA private key, sufficient information must * To setup an RSA private key, sufficient information must
* be present for the other parameters to be derivable. * be present for the other parameters to be derivable.
* *
* The default implementation supports the following: * The default implementation supports the following:
* <ul><li>Derive \p P, \p Q from \p N, \p D, \p E.</li> * <ul><li>Derive \c P, \c Q from \c N, \c D, \c E.</li>
* <li>Derive \p N, \p D from \p P, \p Q, \p E.</li></ul> * <li>Derive \c N, \c D from \c P, \c Q, \c E.</li></ul>
* Alternative implementations need not support these. * Alternative implementations need not support these.
* *
* If this function runs successfully, it guarantees that * If this function runs successfully, it guarantees that
@ -537,7 +537,7 @@ int mbedtls_rsa_check_pub_priv(const mbedtls_rsa_context *pub,
* \note This function does not handle message padding. * \note This function does not handle message padding.
* *
* \note Make sure to set \p input[0] = 0 or ensure that * \note Make sure to set \p input[0] = 0 or ensure that
* input is smaller than \p N. * input is smaller than \c N.
* *
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
@ -1109,8 +1109,8 @@ int mbedtls_rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx,
* verification using the mode from the context. * verification using the mode from the context.
* *
* \note For PKCS#1 v2.1 encoding, see comments on * \note For PKCS#1 v2.1 encoding, see comments on
* mbedtls_rsa_rsassa_pss_verify() about \p md_alg and * mbedtls_rsa_rsassa_pss_verify() about \c md_alg and
* \p hash_id. * \c hash_id.
* *
* \deprecated It is deprecated and discouraged to call this function * \deprecated It is deprecated and discouraged to call this function
* in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library * in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library


@ -494,6 +494,7 @@
/* Dummy type used only for its size */ /* Dummy type used only for its size */
union mbedtls_ssl_premaster_secret { union mbedtls_ssl_premaster_secret {
unsigned char dummy; /* Make the union non-empty even with SSL disabled */
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
unsigned char _pms_rsa[48]; /* RFC 5246 8.1.1 */ unsigned char _pms_rsa[48]; /* RFC 5246 8.1.1 */
#endif #endif
@ -1746,10 +1747,10 @@ void mbedtls_ssl_set_bio(mbedtls_ssl_context *ssl,
* \param own_cid The address of the readable buffer holding the CID we want * \param own_cid The address of the readable buffer holding the CID we want
* the peer to use when sending encrypted messages to us. * the peer to use when sending encrypted messages to us.
* This may be \c NULL if \p own_cid_len is \c 0. * This may be \c NULL if \p own_cid_len is \c 0.
* This parameter is unused if \p enabled is set to * This parameter is unused if \p enable is set to
* MBEDTLS_SSL_CID_DISABLED. * MBEDTLS_SSL_CID_DISABLED.
* \param own_cid_len The length of \p own_cid. * \param own_cid_len The length of \p own_cid.
* This parameter is unused if \p enabled is set to * This parameter is unused if \p enable is set to
* MBEDTLS_SSL_CID_DISABLED. * MBEDTLS_SSL_CID_DISABLED.
* *
* \note The value of \p own_cid_len must match the value of the * \note The value of \p own_cid_len must match the value of the
@ -2573,8 +2574,8 @@ int mbedtls_ssl_session_load(mbedtls_ssl_session *session,
* *
* \param session The session structure to be saved. * \param session The session structure to be saved.
* \param buf The buffer to write the serialized data to. It must be a * \param buf The buffer to write the serialized data to. It must be a
* writeable buffer of at least \p len bytes, or may be \c * writeable buffer of at least \p buf_len bytes, or may be \c
* NULL if \p len is \c 0. * NULL if \p buf_len is \c 0.
* \param buf_len The number of bytes available for writing in \p buf. * \param buf_len The number of bytes available for writing in \p buf.
* \param olen The size in bytes of the data that has been or would have * \param olen The size in bytes of the data that has been or would have
* been written. It must point to a valid \c size_t. * been written. It must point to a valid \c size_t.
@ -2659,7 +2660,7 @@ void mbedtls_ssl_conf_ciphersuites(mbedtls_ssl_config *conf,
* record headers. * record headers.
* *
* \return \c 0 on success. * \return \c 0 on success.
* \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if \p own_cid_len * \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if \p len
* is too large. * is too large.
*/ */
int mbedtls_ssl_conf_cid(mbedtls_ssl_config *conf, size_t len, int mbedtls_ssl_conf_cid(mbedtls_ssl_config *conf, size_t len,


@ -38,16 +38,16 @@
*/ */
#define MBEDTLS_VERSION_MAJOR 2 #define MBEDTLS_VERSION_MAJOR 2
#define MBEDTLS_VERSION_MINOR 28 #define MBEDTLS_VERSION_MINOR 28
#define MBEDTLS_VERSION_PATCH 3 #define MBEDTLS_VERSION_PATCH 4
/** /**
* The single version number has the following structure: * The single version number has the following structure:
* MMNNPP00 * MMNNPP00
* Major version | Minor version | Patch version * Major version | Minor version | Patch version
*/ */
#define MBEDTLS_VERSION_NUMBER 0x021C0300 #define MBEDTLS_VERSION_NUMBER 0x021C0400
#define MBEDTLS_VERSION_STRING "2.28.3" #define MBEDTLS_VERSION_STRING "2.28.4"
#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.28.3" #define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.28.4"
#if defined(MBEDTLS_VERSION_C) #if defined(MBEDTLS_VERSION_C)


@ -509,7 +509,7 @@ int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path);
* \param san_buf The buffer holding the raw data item of the subject * \param san_buf The buffer holding the raw data item of the subject
* alternative name. * alternative name.
* \param san The target structure to populate with the parsed presentation * \param san The target structure to populate with the parsed presentation
* of the subject alternative name encoded in \p san_raw. * of the subject alternative name encoded in \p san_buf.
* *
* \note Only "dnsName" and "otherName" of type hardware_module_name * \note Only "dnsName" and "otherName" of type hardware_module_name
* as defined in RFC 4180 is supported. * as defined in RFC 4180 is supported.
@ -517,7 +517,7 @@ int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path);
* \note This function should be called on a single raw data of * \note This function should be called on a single raw data of
* subject alternative name. For example, after successful * subject alternative name. For example, after successful
* certificate parsing, one must iterate on every item in the * certificate parsing, one must iterate on every item in the
* \p crt->subject_alt_names sequence, and pass it to * \c crt->subject_alt_names sequence, and pass it to
* this function. * this function.
* *
* \warning The target structure contains pointers to the raw data of the * \warning The target structure contains pointers to the raw data of the
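Review bot: The unchanged note directly below the corrected `\p san_buf` reference says the hardware_module_name form of "otherName" is "as defined in RFC 4180", but RFC 4180 specifies the CSV file format; the HardwareModuleName otherName used here comes from RFC 4108. Since this commit is already touching the wording of this docblock, the reference should be fixed at the same time: `* as defined in RFC 4108 is supported.`. The rest of the function's documentation and its prototype are outside the hunk.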


@ -58,6 +58,8 @@ static int aes_padlock_ace = -1;
/* /*
* Forward S-box * Forward S-box
*/ */
#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \
!defined(MBEDTLS_AES_SETKEY_DEC_ALT)
static const unsigned char FSb[256] = static const unsigned char FSb[256] =
{ {
0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5,
@ -93,6 +95,8 @@ static const unsigned char FSb[256] =
0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68,
0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16
}; };
#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \
!defined(MBEDTLS_AES_SETKEY_DEC_ALT) */
/* /*
* Forward tables * Forward tables
@ -164,6 +168,7 @@ static const unsigned char FSb[256] =
V(C3, 41, 41, 82), V(B0, 99, 99, 29), V(77, 2D, 2D, 5A), V(11, 0F, 0F, 1E), \ V(C3, 41, 41, 82), V(B0, 99, 99, 29), V(77, 2D, 2D, 5A), V(11, 0F, 0F, 1E), \
V(CB, B0, B0, 7B), V(FC, 54, 54, A8), V(D6, BB, BB, 6D), V(3A, 16, 16, 2C) V(CB, B0, B0, 7B), V(FC, 54, 54, A8), V(D6, BB, BB, 6D), V(3A, 16, 16, 2C)
#if !defined(MBEDTLS_AES_ENCRYPT_ALT)
#define V(a, b, c, d) 0x##a##b##c##d #define V(a, b, c, d) 0x##a##b##c##d
static const uint32_t FT0[256] = { FT }; static const uint32_t FT0[256] = { FT };
#undef V #undef V
@ -184,8 +189,11 @@ static const uint32_t FT3[256] = { FT };
#endif /* !MBEDTLS_AES_FEWER_TABLES */ #endif /* !MBEDTLS_AES_FEWER_TABLES */
#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) */
#undef FT #undef FT
#if !defined(MBEDTLS_AES_DECRYPT_ALT)
/* /*
* Reverse S-box * Reverse S-box
*/ */
@ -224,6 +232,7 @@ static const unsigned char RSb[256] =
0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26,
0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D
}; };
#endif /* defined(MBEDTLS_AES_DECRYPT_ALT)) */
/* /*
* Reverse tables * Reverse tables
@ -295,6 +304,8 @@ static const unsigned char RSb[256] =
V(71, 01, A8, 39), V(DE, B3, 0C, 08), V(9C, E4, B4, D8), V(90, C1, 56, 64), \ V(71, 01, A8, 39), V(DE, B3, 0C, 08), V(9C, E4, B4, D8), V(90, C1, 56, 64), \
V(61, 84, CB, 7B), V(70, B6, 32, D5), V(74, 5C, 6C, 48), V(42, 57, B8, D0) V(61, 84, CB, 7B), V(70, B6, 32, D5), V(74, 5C, 6C, 48), V(42, 57, B8, D0)
#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)
#define V(a, b, c, d) 0x##a##b##c##d #define V(a, b, c, d) 0x##a##b##c##d
static const uint32_t RT0[256] = { RT }; static const uint32_t RT0[256] = { RT };
#undef V #undef V
@ -315,8 +326,11 @@ static const uint32_t RT3[256] = { RT };
#endif /* !MBEDTLS_AES_FEWER_TABLES */ #endif /* !MBEDTLS_AES_FEWER_TABLES */
#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */
#undef RT #undef RT
#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT)
/* /*
* Round constants * Round constants
*/ */
@ -326,31 +340,44 @@ static const uint32_t RCON[10] =
0x00000010, 0x00000020, 0x00000040, 0x00000080, 0x00000010, 0x00000020, 0x00000040, 0x00000080,
0x0000001B, 0x00000036 0x0000001B, 0x00000036
}; };
#endif /* !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */
#else /* MBEDTLS_AES_ROM_TABLES */ #else /* MBEDTLS_AES_ROM_TABLES */
/* /*
* Forward S-box & tables * Forward S-box & tables
*/ */
#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \
!defined(MBEDTLS_AES_SETKEY_DEC_ALT)
static unsigned char FSb[256]; static unsigned char FSb[256];
#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \
!defined(MBEDTLS_AES_SETKEY_DEC_ALT) */
#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT)
static uint32_t FT0[256]; static uint32_t FT0[256];
#if !defined(MBEDTLS_AES_FEWER_TABLES) #if !defined(MBEDTLS_AES_FEWER_TABLES)
static uint32_t FT1[256]; static uint32_t FT1[256];
static uint32_t FT2[256]; static uint32_t FT2[256];
static uint32_t FT3[256]; static uint32_t FT3[256];
#endif /* !MBEDTLS_AES_FEWER_TABLES */ #endif /* !MBEDTLS_AES_FEWER_TABLES */
#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */
/* /*
* Reverse S-box & tables * Reverse S-box & tables
*/ */
#if !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT))
static unsigned char RSb[256]; static unsigned char RSb[256];
#endif /* !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT)) */
#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)
static uint32_t RT0[256]; static uint32_t RT0[256];
#if !defined(MBEDTLS_AES_FEWER_TABLES) #if !defined(MBEDTLS_AES_FEWER_TABLES)
static uint32_t RT1[256]; static uint32_t RT1[256];
static uint32_t RT2[256]; static uint32_t RT2[256];
static uint32_t RT3[256]; static uint32_t RT3[256];
#endif /* !MBEDTLS_AES_FEWER_TABLES */ #endif /* !MBEDTLS_AES_FEWER_TABLES */
#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */
#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT)
/* /*
* Round constants * Round constants
*/ */
@ -428,6 +455,7 @@ static void aes_gen_tables(void)
x = RSb[i]; x = RSb[i];
#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)
RT0[i] = ((uint32_t) MUL(0x0E, x)) ^ RT0[i] = ((uint32_t) MUL(0x0E, x)) ^
((uint32_t) MUL(0x09, x) << 8) ^ ((uint32_t) MUL(0x09, x) << 8) ^
((uint32_t) MUL(0x0D, x) << 16) ^ ((uint32_t) MUL(0x0D, x) << 16) ^
@ -438,9 +466,12 @@ static void aes_gen_tables(void)
RT2[i] = ROTL8(RT1[i]); RT2[i] = ROTL8(RT1[i]);
RT3[i] = ROTL8(RT2[i]); RT3[i] = ROTL8(RT2[i]);
#endif /* !MBEDTLS_AES_FEWER_TABLES */ #endif /* !MBEDTLS_AES_FEWER_TABLES */
#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */
} }
} }
#endif /* !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */
#undef ROTL8 #undef ROTL8
#endif /* MBEDTLS_AES_ROM_TABLES */ #endif /* MBEDTLS_AES_ROM_TABLES */
@ -521,6 +552,9 @@ void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx)
(defined(MBEDTLS_AESNI_C) && MBEDTLS_AESNI_HAVE_CODE == 2) (defined(MBEDTLS_AESNI_C) && MBEDTLS_AESNI_HAVE_CODE == 2)
#define MAY_NEED_TO_ALIGN #define MAY_NEED_TO_ALIGN
#endif #endif
#if defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || \
!defined(MBEDTLS_AES_SETKEY_ENC_ALT)
static unsigned mbedtls_aes_rk_offset(uint32_t *buf) static unsigned mbedtls_aes_rk_offset(uint32_t *buf)
{ {
#if defined(MAY_NEED_TO_ALIGN) #if defined(MAY_NEED_TO_ALIGN)
@ -557,6 +591,8 @@ static unsigned mbedtls_aes_rk_offset(uint32_t *buf)
return 0; return 0;
} }
#endif /* defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || \
!defined(MBEDTLS_AES_SETKEY_ENC_ALT) */
/* /*
* AES key schedule (encryption) * AES key schedule (encryption)
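Review bot: The `#endif` trailer that closes the RSb table guard reads `/* defined(MBEDTLS_AES_DECRYPT_ALT)) */`, which inverts the sense of its matching `#if !defined(MBEDTLS_AES_DECRYPT_ALT)` and has an unbalanced parenthesis; it should be `#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) */` like the other new trailers. With this many interleaved `_ALT` conditionals (FSb, FT*, RSb, RT*, RCON, aes_gen_tables, mbedtls_aes_rk_offset), accurate trailer comments are what makes the table/consumer pairing auditable. The RSb guard in the RAM-tables branch, `!(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT))`, is phrased differently from the ROM-tables one, presumably because aes_gen_tables (itself under `!MBEDTLS_AES_SETKEY_ENC_ALT`) reads `RSb[i]`; a one-line comment stating that would spare the next reader the derivation.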


@ -41,6 +41,8 @@
#if MBEDTLS_AESNI_HAVE_CODE == 2 #if MBEDTLS_AESNI_HAVE_CODE == 2
#if !defined(_WIN32) #if !defined(_WIN32)
#include <cpuid.h> #include <cpuid.h>
#else
#include <intrin.h>
#endif #endif
#include <immintrin.h> #include <immintrin.h>
#endif #endif


@ -348,33 +348,33 @@
#define TEST_CA_KEY_RSA_PEM \ #define TEST_CA_KEY_RSA_PEM \
"-----BEGIN RSA PRIVATE KEY-----\r\n" \ "-----BEGIN RSA PRIVATE KEY-----\r\n" \
"Proc-Type: 4,ENCRYPTED\r\n" \ "Proc-Type: 4,ENCRYPTED\r\n" \
"DEK-Info: DES-EDE3-CBC,A8A95B05D5B7206B\r\n" \ "AES-128-CBC,781840E6B804AE83D2AF71127C4CE314\r\n" \
"\r\n" \ "\r\n" \
"9Qd9GeArejl1GDVh2lLV1bHt0cPtfbh5h/5zVpAVaFpqtSPMrElp50Rntn9et+JA\r\n" \ "etQ3xgGLbuYF9vR1km03TH5fwfly1hOlix0PtfQ+t9HG065vTtSEHYc/OyHwdy79\r\n" \
"7VOyboR+Iy2t/HU4WvA687k3Bppe9GwKHjHhtl//8xFKwZr3Xb5yO5JUP8AUctQq\r\n" \ "NCLX5RUrPh06E/XlKzMNVHAXqkwFnIwNzRLsOozeP1L7iZEZb9QMeiN5Org+btCO\r\n" \
"Nb8CLlZyuUC+52REAAthdWgsX+7dJO4yabzUcQ22Tp9JSD0hiL43BlkWYUNK3dAo\r\n" \ "bylXPB4YirfuE7GSJalWY/pq3FQtD33zTIKmNhXfVj3sbwGI/8D9XjaKUb8PODOB\r\n" \
"PZlmiptjnzVTjg1MxsBSydZinWOLBV8/JQgxSPo2yD4uEfig28qbvQ2wNIn0pnAb\r\n" \ "skOalmx6RvYRvg0lmRxB3+T3wejIsrrDPweYqte9B6dVHIVG1ZmvoA6/wnKZZZeV\r\n" \
"GxnSAOazkongEGfvcjIIs+LZN9gXFhxcOh6kc4Q/c99B7QWETwLLkYgZ+z1a9VY9\r\n" \ "sjj8OpL3OwUBrjuGSknE9Rs6kCuSCbHOYVK8VzcZmCYpie0TFnb3Sk8M6vjfW+45\r\n" \
"gEU7CwCxYCD+h9hY6FPmsK0/lC4O7aeRKpYq00rPPxs6i7phiexg6ax6yTMmArQq\r\n" \ "U7WUMlSAPxKH6lJDzWdwHqLvsVJwuNnaAaBXg9/8U/rzQEWuq8Ar3s8fw2Jg3F1G\r\n" \
"QmK3TAsJm8V/J5AWpLEV6jAFgRGymGGHnof0DXzVWZidrcZJWTNuGEX90nB3ee2w\r\n" \ "L6N5ZAEfCz3Sa0N9WKafR/RSQj+rq8Z3w4POAafhbzk249uo5K8B1Z3cQwLxeXIl\r\n" \
"PXJEFWKoD3K3aFcSLdHYr3mLGxP7H9ThQai9VsycxZKS5kwvBKQ//YMrmFfwPk8x\r\n" \ "UbRQz1TZy4oNTfQzCahYruPNyvwgTkfwAFFvbLAdaiJd2ZtLBoqYE64TYakYnvcC\r\n" \
"vTeY4KZMaUrveEel5tWZC94RSMKgxR6cyE1nBXyTQnDOGbfpNNgBKxyKbINWoOJU\r\n" \ "itim1bmySIKoxlMfBGFmMuF03epT0pSx701jlGzGi0l0m16NEjoVxDwo5j93SmiM\r\n" \
"WJZAwlsQn+QzCDwpri7+sV1mS3gBE6UY7aQmnmiiaC2V3Hbphxct/en5QsfDOt1X\r\n" \ "sQdjC1lOGk2iCLkphIQqHFjFJYWjvh1UUIqWZf+ZWOOxlf4x9a1pUVj6FvtECxNB\r\n" \
"JczSfpRWLlbPznZg8OQh/VgCMA58N5DjOzTIK7sJJ5r+94ZBTCpgAMbF588f0NTR\r\n" \ "/mA/m4Iq4LAuVXHE1MpHeq067lJ6wWlrsb2WVmiNGfQ2AC7fMtpcPuunBVT9NV1m\r\n" \
"KCe4yrxGJR7X02M4nvD4IwOlpsQ8xQxZtOSgXv4LkxvdU9XJJKWZ/XNKJeWztxSe\r\n" \ "1rbDzIgLIWAzqz/cy3N8Q8vfxnrFtmNUyM191Zyq+YF14hIKWX9J1qR4LXwWAzVV\r\n" \
"Z1vdTc2YfsDBA2SEv33vxHx2g1vqtw8SjDRT2RaQSS0QuSaMJimdOX6mTOCBKk1J\r\n" \ "UrC8IL4pA2mtRkW4qFsB0EmHAxO/cedDTPjVFty5WSzhNuvYZxX45HAkGIfK6d21\r\n" \
"9Q5mXTrER+/LnK0jEmXsBXWA5bqqVZIyahXSx4VYZ7l7w/PHiUDtDgyRhMMKi4n2\r\n" \ "7WHPhHG+zaaUTWMUVixB0IcKp6RecjYPFzBHS0YeX88Ue2cyT/90jMiQ9ssOgRrG\r\n" \
"iQvQcWSQTjrpnlJbca1/DkpRt3YwrvJwdqb8asZU2VrNETh5x0QVefDRLFiVpif/\r\n" \ "ZJRJvZAc3TSCnY9sNPYoGrJPiZuCnlUj3ENNurYVy12ai0WFxwnNUZjRUhDS6hjm\r\n" \
"tUaeAe/P1F8OkS7OIZDs1SUbv/sD2vMbhNkUoCms3/PvNtdnvgL4F0zhaDpKCmlT\r\n" \ "cDHD5TlI9MZ6M+Mb/Bw4Ig8HuTHOtQBYD9vhtXsG+B7H/j6cS+1umaKjrnG/kK4W\r\n" \
"P8vx49E7v5CyRNmED9zZg4o3wmMqrQO93PtTug3Eu9oVx1zPQM1NVMyBa2+f29DL\r\n" \ "R6YXwM2faAi+DwgjjoMXSzRqSTF8PdTIWbAXo3bc2qsXPTMBA8PEp4nb5scHZ4Ts\r\n" \
"1nuTCeXdo9+ni45xx+jAI4DCwrRdhJ9uzZyC6962H37H6D+5naNvClFR1s6li1Gb\r\n" \ "EcBNp2jv0j4gBkRmGIab17cWMrlagjFy89DhqZUFwKdeZs+yJ92A5xstWxOUfpEP\r\n" \
"nqPoiy/OBsEx9CaDGcqQBp5Wme/3XW+6z1ISOx+igwNTVCT14mHdBMbya0eIKft5\r\n" \ "90T/bsp1G5d7WW5fl2TRJvYJNDM+djkKIh0zCkduiZ36oVM6nDdbjmXqjQXopeSD\r\n" \
"X+GnwtgEMyCYyyWuUct8g4RzErcY9+yW9Om5Hzpx4zOuW4NPZgPDTgK+t2RSL/Yq\r\n" \ "gtOourBRF8g99W0fW8QT+yPhP0Pkyz6EG8eQO6Zwh439xdoVwu9jUzQAPmZ0uNeR\r\n" \
"rE1njrgeGYcVeG3f+OftH4s6fPbq7t1A5ZgUscbLMBqr9tK+OqygR4EgKBPsH6Cz\r\n" \ "xTXXihYyv72z27rInjLiIPXL25K9eDVLlcSR3RyG7YYgjdQAL2VJDLcBz5jox1uQ\r\n" \
"L6zlv/2RV0qAHvVuDJcIDIgwY5rJtINEm32rhOeFNJwZS5MNIC1czXZx5//ugX7l\r\n" \ "0guoD5wmfu2FWLqYE7HeTYntdY53lCflwq0GHRMjrrsVpx+5VDQ6Yi47Ny9SWLcp\r\n" \
"I4sy5nbVhwSjtAk8Xg5dZbdTZ6mIrb7xqH+fdakZor1khG7bC2uIwibD3cSl2XkR\r\n" \ "fPI3iBkXuGRWupzs6N4pQdSO0dU28KfpMM5QvFoLIn67brCHEQij4dgFrCTYEyBX\r\n" \
"wN48lslbHnqqagr6Xm1nNOSVl8C/6kbJEsMpLhAezfRtGwvOucoaE+WbeUNolGde\r\n" \ "9+jiNImUFYUhAFuxvUbfZt4O/ABLIElvHLfJs1oYCmI/nWpvLFqXB5rnzPNfEi0H\r\n" \
"P/eQiddSf0brnpiLJRh7qZrl9XuqYdpUqnoEdMAfotDOID8OtV7gt8a48ad8VPW2\r\n" \ "PGGe1Hj/t+CJIp/6ios3yNy2QtXO754TZH2UVu51Ykyig5PFjZVoUkbRvHQYcWfU\r\n" \
"-----END RSA PRIVATE KEY-----\r\n" "-----END RSA PRIVATE KEY-----\r\n"
/* END FILE */ /* END FILE */
@ -504,17 +504,17 @@
#define TEST_SRV_CRT_EC_PEM \ #define TEST_SRV_CRT_EC_PEM \
"-----BEGIN CERTIFICATE-----\r\n" \ "-----BEGIN CERTIFICATE-----\r\n" \
"MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n" \ "MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n" \
"A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n" \ "A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n" \
"MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \ "MjMwNjE1MDMzNDE4WhcNMzMwNjEyMDMzNDE4WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \
"A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\r\n" \ "A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\r\n" \
"CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\r\n" \ "CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\r\n" \
"2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\r\n" \ "2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\r\n" \
"BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\r\n" \ "BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\r\n" \
"PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh\r\n" \ "PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh\r\n" \
"clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\r\n" \ "clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\r\n" \
"CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S\r\n" \ "CCqGSM49BAMCA2gAMGUCMAHFbGEzx8dZaUlIltT5s1QO9FvKmvFer4uRY3ntEy9S\r\n" \
"C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V\r\n" \ "k7DCCozM86WWLjfzbJ78bwIxAJYRPF1CzNEiXPHb9O46ZPHKo2S5x//g/54RowAK\r\n" \
"fGa5kHvHARBPc8YAIVIqDvHH1Q==\r\n" \ "uZz+hKPuMi6YY6cIm81jfeaSZQ==\r\n" \
"-----END CERTIFICATE-----\r\n" "-----END CERTIFICATE-----\r\n"
/* END FILE */ /* END FILE */
@ -525,16 +525,16 @@
0x02, 0x02, 0x01, 0x09, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \ 0x02, 0x02, 0x01, 0x09, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \
0x3d, 0x04, 0x03, 0x02, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ 0x3d, 0x04, 0x03, 0x02, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \
0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \
0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \
0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, \ 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \
0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, \ 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, \
0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \
0x31, 0x33, 0x30, 0x39, 0x32, 0x34, 0x31, 0x35, 0x35, 0x32, 0x30, 0x34, \ 0x32, 0x33, 0x30, 0x36, 0x31, 0x35, 0x30, 0x33, 0x33, 0x34, 0x31, 0x38, \
0x5a, 0x17, 0x0d, 0x32, 0x33, 0x30, 0x39, 0x32, 0x32, 0x31, 0x35, 0x35, \ 0x5a, 0x17, 0x0d, 0x33, 0x33, 0x30, 0x36, 0x31, 0x32, 0x30, 0x33, 0x33, \
0x32, 0x30, 0x34, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ 0x34, 0x31, 0x38, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \
0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \
0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \
0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, \ 0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \
0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x59, \ 0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x59, \
0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, \ 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, \
0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, \ 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, \
@ -552,21 +552,21 @@
0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb, \ 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb, \
0x36, 0x7c, 0xa1, 0x42, 0xa4, 0x40, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, \ 0x36, 0x7c, 0xa1, 0x42, 0xa4, 0x40, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, \
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \ 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \
0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, \ 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, \
0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, \ 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, \
0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, \ 0x03, 0x0c, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, \
0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x82, 0x09, \ 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x82, 0x09, \
0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 0x30, 0x0a, 0x06, \ 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 0x30, 0x0a, 0x06, \
0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x68, 0x00, \ 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x68, 0x00, \
0x30, 0x65, 0x02, 0x31, 0x00, 0x9a, 0x2c, 0x5c, 0xd7, 0xa6, 0xdb, 0xa2, \ 0x30, 0x65, 0x02, 0x30, 0x01, 0xc5, 0x6c, 0x61, 0x33, 0xc7, 0xc7, 0x59, \
0xe5, 0x64, 0x0d, 0xf0, 0xb9, 0x4e, 0xdd, 0xd7, 0x61, 0xd6, 0x13, 0x31, \ 0x69, 0x49, 0x48, 0x96, 0xd4, 0xf9, 0xb3, 0x54, 0x0e, 0xf4, 0x5b, 0xca, \
0xc7, 0xab, 0x73, 0x80, 0xbb, 0xd3, 0xd3, 0x73, 0x13, 0x54, 0xad, 0x92, \ 0x9a, 0xf1, 0x5e, 0xaf, 0x8b, 0x91, 0x63, 0x79, 0xed, 0x13, 0x2f, 0x52, \
0x0b, 0x5d, 0xab, 0xd0, 0xbc, 0xf7, 0xae, 0x2f, 0xe6, 0xa1, 0x21, 0x29, \ 0x93, 0xb0, 0xc2, 0x0a, 0x8c, 0xcc, 0xf3, 0xa5, 0x96, 0x2e, 0x37, 0xf3, \
0x35, 0x95, 0xaa, 0x3e, 0x39, 0x02, 0x30, 0x21, 0x36, 0x7f, 0x9d, 0xc6, \ 0x6c, 0x9e, 0xfc, 0x6f, 0x02, 0x31, 0x00, 0x96, 0x11, 0x3c, 0x5d, 0x42, \
0x5d, 0xc6, 0x0b, 0xab, 0x27, 0xf2, 0x25, 0x1d, 0x3b, 0xf1, 0xcf, 0xf1, \ 0xcc, 0xd1, 0x22, 0x5c, 0xf1, 0xdb, 0xf4, 0xee, 0x3a, 0x64, 0xf1, 0xca, \
0x35, 0x25, 0x14, 0xe7, 0xe5, 0xf1, 0x97, 0xb5, 0x59, 0xe3, 0x5e, 0x15, \ 0xa3, 0x64, 0xb9, 0xc7, 0xff, 0xe0, 0xff, 0x9e, 0x11, 0xa3, 0x00, 0x0a, \
0x7c, 0x66, 0xb9, 0x90, 0x7b, 0xc7, 0x01, 0x10, 0x4f, 0x73, 0xc6, 0x00, \ 0xb9, 0x9c, 0xfe, 0x84, 0xa3, 0xee, 0x32, 0x2e, 0x98, 0x63, 0xa7, 0x08, \
0x21, 0x52, 0x2a, 0x0e, 0xf1, 0xc7, 0xd5 \ 0x9b, 0xcd, 0x63, 0x7d, 0xe6, 0x92, 0x65 \
} }
/* END FILE */ /* END FILE */


@ -263,40 +263,6 @@ unsigned mbedtls_ct_uint_if(unsigned condition,
#if defined(MBEDTLS_BIGNUM_C) #if defined(MBEDTLS_BIGNUM_C)
/** Select between two sign values without branches.
*
* This is functionally equivalent to `condition ? if1 : if0` but uses only bit
* operations in order to avoid branches.
*
* \note if1 and if0 must be either 1 or -1, otherwise the result
* is undefined.
*
* \param condition Condition to test; must be either 0 or 1.
* \param if1 The first sign; must be either +1 or -1.
* \param if0 The second sign; must be either +1 or -1.
*
* \return \c if1 if \p condition is nonzero, otherwise \c if0.
* */
static int mbedtls_ct_cond_select_sign(unsigned char condition,
int if1,
int if0)
{
/* In order to avoid questions about what we can reasonably assume about
* the representations of signed integers, move everything to unsigned
* by taking advantage of the fact that if1 and if0 are either +1 or -1. */
unsigned uif1 = if1 + 1;
unsigned uif0 = if0 + 1;
/* condition was 0 or 1, mask is 0 or 2 as are uif1 and uif0 */
const unsigned mask = condition << 1;
/* select uif1 or uif0 */
unsigned ur = (uif0 & ~mask) | (uif1 & mask);
/* ur is now 0 or 2, convert back to -1 or +1 */
return (int) ur - 1;
}
void mbedtls_ct_mpi_uint_cond_assign(size_t n, void mbedtls_ct_mpi_uint_cond_assign(size_t n,
mbedtls_mpi_uint *dest, mbedtls_mpi_uint *dest,
const mbedtls_mpi_uint *src, const mbedtls_mpi_uint *src,
@ -559,7 +525,7 @@ int mbedtls_mpi_safe_cond_assign(mbedtls_mpi *X,
MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, Y->n)); MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, Y->n));
X->s = mbedtls_ct_cond_select_sign(assign, Y->s, X->s); X->s = (int) mbedtls_ct_uint_if(assign, Y->s, X->s);
mbedtls_ct_mpi_uint_cond_assign(Y->n, X->p, Y->p, assign); mbedtls_ct_mpi_uint_cond_assign(Y->n, X->p, Y->p, assign);
@ -599,8 +565,8 @@ int mbedtls_mpi_safe_cond_swap(mbedtls_mpi *X,
MBEDTLS_MPI_CHK(mbedtls_mpi_grow(Y, X->n)); MBEDTLS_MPI_CHK(mbedtls_mpi_grow(Y, X->n));
s = X->s; s = X->s;
X->s = mbedtls_ct_cond_select_sign(swap, Y->s, X->s); X->s = (int) mbedtls_ct_uint_if(swap, Y->s, X->s);
Y->s = mbedtls_ct_cond_select_sign(swap, s, Y->s); Y->s = (int) mbedtls_ct_uint_if(swap, s, Y->s);
for (i = 0; i < X->n; i++) { for (i = 0; i < X->n; i++) {
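Review bot: `X->s = (int) mbedtls_ct_uint_if(assign, Y->s, X->s);` passes the sign fields (`int` holding +1 or -1) through `unsigned` parameters and casts the result back; converting the out-of-range unsigned value back to `int` is implementation-defined in C11 (6.3.1.3), which is exactly the question the deleted `mbedtls_ct_cond_select_sign` helper was written to sidestep. It is fine on two's-complement targets, so the assumption should be recorded at the first use and the two in mbedtls_mpi_safe_cond_swap, e.g. `/* s is +1 or -1; the round-trip through unsigned assumes two's complement */`. Since these lines sit on the constant-time path, it is also worth confirming that `mbedtls_ct_uint_if` stays branch-free for these inputs, as the removed helper was documented to be.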


@ -30,6 +30,7 @@
#include "mbedtls/platform_util.h" #include "mbedtls/platform_util.h"
#include "mbedtls/error.h" #include "mbedtls/error.h"
#include <limits.h>
#include <string.h> #include <string.h>
#if defined(MBEDTLS_FS_IO) #if defined(MBEDTLS_FS_IO)


@ -30,6 +30,7 @@
#include <stdio.h> #include <stdio.h>
#include <string.h> #include <string.h>
/* DEBUG_BUF_SIZE must be at least 2 */
#define DEBUG_BUF_SIZE 512 #define DEBUG_BUF_SIZE 512
static int debug_threshold = 0; static int debug_threshold = 0;
@ -69,6 +70,8 @@ void mbedtls_debug_print_msg(const mbedtls_ssl_context *ssl, int level,
char str[DEBUG_BUF_SIZE]; char str[DEBUG_BUF_SIZE];
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
MBEDTLS_STATIC_ASSERT(DEBUG_BUF_SIZE >= 2, "DEBUG_BUF_SIZE too small");
if (NULL == ssl || if (NULL == ssl ||
NULL == ssl->conf || NULL == ssl->conf ||
NULL == ssl->conf->f_dbg || NULL == ssl->conf->f_dbg ||
@ -80,10 +83,15 @@ void mbedtls_debug_print_msg(const mbedtls_ssl_context *ssl, int level,
ret = mbedtls_vsnprintf(str, DEBUG_BUF_SIZE, format, argp); ret = mbedtls_vsnprintf(str, DEBUG_BUF_SIZE, format, argp);
va_end(argp); va_end(argp);
if (ret >= 0 && ret < DEBUG_BUF_SIZE - 1) { if (ret < 0) {
ret = 0;
} else {
if (ret >= DEBUG_BUF_SIZE - 1) {
ret = DEBUG_BUF_SIZE - 2;
}
}
str[ret] = '\n'; str[ret] = '\n';
str[ret + 1] = '\0'; str[ret + 1] = '\0';
}
debug_send_line(ssl, level, file, line, str); debug_send_line(ssl, level, file, line, str);
} }
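Review bot: The overflow branch `ret = DEBUG_BUF_SIZE - 2;` silently overwrites the last character of any message that filled the buffer (including one that fit exactly, `ret == DEBUG_BUF_SIZE - 1`), and the `ret < 0` branch emits a bare newline in place of a message `mbedtls_vsnprintf` could not format; neither case is distinguishable in the log. A comment above `if (ret < 0)` would make the policy explicit, e.g. `/* Format error: send an empty line; overflow: drop the tail so '\n' and '\0' still fit */`. The new `MBEDTLS_STATIC_ASSERT` and the comment `DEBUG_BUF_SIZE must be at least 2` say the same thing, so one of them is redundant. mbedtls_debug_print_msg starts outside the hunk.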


@ -20,7 +20,7 @@
/* /*
* References: * References:
* *
* SEC1 http://www.secg.org/index.php?action=secg,docs_secg * SEC1 https://www.secg.org/sec1-v2.pdf
* RFC 4492 * RFC 4492
*/ */


@ -20,7 +20,7 @@
/* /*
* References: * References:
* *
* SEC1 http://www.secg.org/index.php?action=secg,docs_secg * SEC1 https://www.secg.org/sec1-v2.pdf
*/ */
#include "common.h" #include "common.h"


@ -20,13 +20,15 @@
/* /*
* References: * References:
* *
* SEC1 http://www.secg.org/index.php?action=secg,docs_secg * SEC1 https://www.secg.org/sec1-v2.pdf
* GECC = Guide to Elliptic Curve Cryptography - Hankerson, Menezes, Vanstone * GECC = Guide to Elliptic Curve Cryptography - Hankerson, Menezes, Vanstone
* FIPS 186-3 http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf * FIPS 186-3 http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf
* RFC 4492 for the related TLS structures and constants * RFC 4492 for the related TLS structures and constants
* - https://www.rfc-editor.org/rfc/rfc4492
* RFC 7748 for the Curve448 and Curve25519 curve definitions * RFC 7748 for the Curve448 and Curve25519 curve definitions
* - https://www.rfc-editor.org/rfc/rfc7748
* *
* [Curve25519] http://cr.yp.to/ecdh/curve25519-20060209.pdf * [Curve25519] https://cr.yp.to/ecdh/curve25519-20060209.pdf
* *
* [2] CORON, Jean-S'ebastien. Resistance against differential power analysis * [2] CORON, Jean-S'ebastien. Resistance against differential power analysis
* for elliptic curve cryptosystems. In : Cryptographic Hardware and * for elliptic curve cryptosystems. In : Cryptographic Hardware and
@ -2591,6 +2593,7 @@ static int ecp_mul_mxz(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
void *p_rng) void *p_rng)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int have_rng = 1;
size_t i; size_t i;
unsigned char b; unsigned char b;
mbedtls_ecp_point RP; mbedtls_ecp_point RP;
@ -2623,9 +2626,8 @@ static int ecp_mul_mxz(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
/* RP.X might be slightly larger than P, so reduce it */ /* RP.X might be slightly larger than P, so reduce it */
MOD_ADD(RP.X); MOD_ADD(RP.X);
/* Randomize coordinates of the starting point */
int have_rng = 1;
#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG) #if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
/* Derandomize coordinates of the starting point */
if (f_rng == NULL) { if (f_rng == NULL) {
have_rng = 0; have_rng = 0;
} }
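Review bot: The new comment `/* Derandomize coordinates of the starting point */` is misleading: the code beneath it does not undo any randomisation, it records that none can happen because `f_rng == NULL` under `MBEDTLS_ECP_NO_INTERNAL_RNG`, while the substantive change in the hunk is hoisting `int have_rng = 1;` up to the declarations. Since this flag presumably decides whether the ladder's starting point gets the coordinate randomisation cited from [2] in the file header, the comment should say what is lost, e.g. `/* No RNG available: the starting point cannot be randomized (reduced side-channel protection) */`. ecp_mul_mxz starts and ends outside these hunks, so the consumer of have_rng is not visible here.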


@ -61,7 +61,7 @@ void mbedtls_ecp_fix_negative(mbedtls_mpi *N, signed char c, size_t bits);
* This is the bit-size of the key minus 1: * This is the bit-size of the key minus 1:
* 254 for Curve25519 or 447 for Curve448. * 254 for Curve25519 or 447 for Curve448.
* \param d The randomly generated key. This is a number of size * \param d The randomly generated key. This is a number of size
* exactly \p n_bits + 1 bits, with the least significant bits * exactly \p high_bit + 1 bits, with the least significant bits
* masked as specified in [Curve25519] and in [RFC7748] §5. * masked as specified in [Curve25519] and in [RFC7748] §5.
* \param f_rng The RNG function. * \param f_rng The RNG function.
* \param p_rng The RNG context to be passed to \p f_rng. * \param p_rng The RNG context to be passed to \p f_rng.
@ -69,7 +69,7 @@ void mbedtls_ecp_fix_negative(mbedtls_mpi *N, signed char c, size_t bits);
* \return \c 0 on success. * \return \c 0 on success.
* \return \c MBEDTLS_ERR_ECP_xxx or MBEDTLS_ERR_MPI_xxx on failure. * \return \c MBEDTLS_ERR_ECP_xxx or MBEDTLS_ERR_MPI_xxx on failure.
*/ */
int mbedtls_ecp_gen_privkey_mx(size_t n_bits, int mbedtls_ecp_gen_privkey_mx(size_t high_bit,
mbedtls_mpi *d, mbedtls_mpi *d,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng); void *p_rng);


@ -31,6 +31,8 @@
#include "mbedtls/entropy_poll.h" #include "mbedtls/entropy_poll.h"
#include "mbedtls/platform_util.h" #include "mbedtls/platform_util.h"
#include "mbedtls/error.h" #include "mbedtls/error.h"
#include "mbedtls/sha256.h"
#include "mbedtls/sha512.h"
#include <string.h> #include <string.h>


@ -90,6 +90,7 @@ static int wsa_init_done = 0;
#include <errno.h> #include <errno.h>
#define IS_EINTR(ret) ((ret) == EINTR) #define IS_EINTR(ret) ((ret) == EINTR)
#define SOCKET int
#endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */ #endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */
@ -494,13 +495,13 @@ int mbedtls_net_poll(mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout)
FD_ZERO(&read_fds); FD_ZERO(&read_fds);
if (rw & MBEDTLS_NET_POLL_READ) { if (rw & MBEDTLS_NET_POLL_READ) {
rw &= ~MBEDTLS_NET_POLL_READ; rw &= ~MBEDTLS_NET_POLL_READ;
FD_SET(fd, &read_fds); FD_SET((SOCKET) fd, &read_fds);
} }
FD_ZERO(&write_fds); FD_ZERO(&write_fds);
if (rw & MBEDTLS_NET_POLL_WRITE) { if (rw & MBEDTLS_NET_POLL_WRITE) {
rw &= ~MBEDTLS_NET_POLL_WRITE; rw &= ~MBEDTLS_NET_POLL_WRITE;
FD_SET(fd, &write_fds); FD_SET((SOCKET) fd, &write_fds);
} }
if (rw != 0) { if (rw != 0) {
@ -608,7 +609,7 @@ int mbedtls_net_recv_timeout(void *ctx, unsigned char *buf,
} }
FD_ZERO(&read_fds); FD_ZERO(&read_fds);
FD_SET(fd, &read_fds); FD_SET((SOCKET) fd, &read_fds);
tv.tv_sec = timeout / 1000; tv.tv_sec = timeout / 1000;
tv.tv_usec = (timeout % 1000) * 1000; tv.tv_usec = (timeout % 1000) * 1000;
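Review bot: `#define SOCKET int` on the non-Windows branch exists only so the `FD_SET((SOCKET) fd, ...)` casts compile everywhere, and without a comment it looks like a stray; something like `/* Winsock declares SOCKET as an unsigned handle; alias it to int elsewhere so the FD_SET casts stay portable */` at the define would explain it. The cast also makes a negative `fd` wrap to a large handle, so these calls depend on the `fd < 0` rejection and an FD_SETSIZE bound that, if present, sit above each hunk outside the visible lines; worth confirming both exist in mbedtls_net_poll and mbedtls_net_recv_timeout, since FD_SET on an out-of-range descriptor writes outside the fd_set.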


@ -646,6 +646,7 @@ int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk,
psa_key_type_t key_type; psa_key_type_t key_type;
size_t bits; size_t bits;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
psa_status_t status;
/* export the private key material in the format PSA wants */ /* export the private key material in the format PSA wants */
if (mbedtls_pk_get_type(pk) != MBEDTLS_PK_ECKEY) { if (mbedtls_pk_get_type(pk) != MBEDTLS_PK_ECKEY) {
@ -668,7 +669,9 @@ int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk,
psa_set_key_algorithm(&attributes, PSA_ALG_ECDSA(hash_alg)); psa_set_key_algorithm(&attributes, PSA_ALG_ECDSA(hash_alg));
/* import private key into PSA */ /* import private key into PSA */
if (PSA_SUCCESS != psa_import_key(&attributes, d, d_len, key)) { status = psa_import_key(&attributes, d, d_len, key);
mbedtls_platform_zeroize(d, sizeof(d));
if (status != PSA_SUCCESS) {
return MBEDTLS_ERR_PK_HW_ACCEL_FAILED; return MBEDTLS_ERR_PK_HW_ACCEL_FAILED;
} }
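Review bot: `mbedtls_platform_zeroize(d, sizeof(d));` now wipes the exported private key after `psa_import_key`, but only on that path; any failure return between the two hunks, once the key material has been written into `d`, would leave it on the stack, so a single cleanup label that zeroizes `d` on every exit would be more robust. `sizeof(d)` also assumes `d` is a local array rather than a pointer — its declaration is outside the hunk, so worth a glance. mbedtls_pk_wrap_as_opaque starts and ends outside these hunks.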


@ -1235,6 +1235,8 @@ int mbedtls_pk_parse_key(mbedtls_pk_context *pk,
mbedtls_pem_context pem; mbedtls_pem_context pem;
#endif #endif
(void) pk_info;
PK_VALIDATE_RET(pk != NULL); PK_VALIDATE_RET(pk != NULL);
if (keylen == 0) { if (keylen == 0) {
return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT;


@ -178,6 +178,11 @@ int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start,
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len = 0; size_t len = 0;
(void) p;
(void) start;
(void) key;
(void) ret;
PK_VALIDATE_RET(p != NULL); PK_VALIDATE_RET(p != NULL);
PK_VALIDATE_RET(*p != NULL); PK_VALIDATE_RET(*p != NULL);
PK_VALIDATE_RET(start != NULL); PK_VALIDATE_RET(start != NULL);
@ -313,6 +318,10 @@ int mbedtls_pk_write_key_der(mbedtls_pk_context *key, unsigned char *buf, size_t
unsigned char *c; unsigned char *c;
size_t len = 0; size_t len = 0;
(void) ret;
(void) c;
(void) key;
PK_VALIDATE_RET(key != NULL); PK_VALIDATE_RET(key != NULL);
if (size == 0) { if (size == 0) {
return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
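Review bot: `(void) c;` in mbedtls_pk_write_key_der evaluates a pointer that is declared but not initialized two lines above (`unsigned char *c;`); compilers treat a cast to void as a no-op, but initializing it, `unsigned char *c = NULL;`, removes the question entirely and the cast with it. The `(void)` casts in both functions are presumably there to silence unused-variable warnings in configurations where neither RSA nor EC writing is compiled in; a one-line comment saying so, `/* Unused when no key-writing backend is enabled */`, would stop the next reader from deleting them. Both functions continue outside the hunks.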


@ -17,6 +17,8 @@
* limitations under the License. * limitations under the License.
*/ */
#include <string.h>
#include "common.h" #include "common.h"
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
@ -233,17 +235,20 @@ volatile int mbedtls_timing_alarmed = 0;
unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset) unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset)
{ {
struct _hr_time *t = (struct _hr_time *) val; struct _hr_time t;
if (reset) { if (reset) {
QueryPerformanceCounter(&t->start); QueryPerformanceCounter(&t.start);
memcpy(val, &t, sizeof(struct _hr_time));
return 0; return 0;
} else { } else {
unsigned long delta; unsigned long delta;
LARGE_INTEGER now, hfreq; LARGE_INTEGER now, hfreq;
/* We can't safely cast val because it may not be aligned, so use memcpy */
memcpy(&t, val, sizeof(struct _hr_time));
QueryPerformanceCounter(&now); QueryPerformanceCounter(&now);
QueryPerformanceFrequency(&hfreq); QueryPerformanceFrequency(&hfreq);
delta = (unsigned long) ((now.QuadPart - t->start.QuadPart) * 1000ul delta = (unsigned long) ((now.QuadPart - t.start.QuadPart) * 1000ul
/ hfreq.QuadPart); / hfreq.QuadPart);
return delta; return delta;
} }
@ -279,17 +284,20 @@ void mbedtls_set_alarm(int seconds)
unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset) unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset)
{ {
struct _hr_time *t = (struct _hr_time *) val; struct _hr_time t;
if (reset) { if (reset) {
gettimeofday(&t->start, NULL); gettimeofday(&t.start, NULL);
memcpy(val, &t, sizeof(struct _hr_time));
return 0; return 0;
} else { } else {
unsigned long delta; unsigned long delta;
struct timeval now; struct timeval now;
/* We can't safely cast val because it may not be aligned, so use memcpy */
memcpy(&t, val, sizeof(struct _hr_time));
gettimeofday(&now, NULL); gettimeofday(&now, NULL);
delta = (now.tv_sec - t->start.tv_sec) * 1000ul delta = (now.tv_sec - t.start.tv_sec) * 1000ul
+ (now.tv_usec - t->start.tv_usec) / 1000; + (now.tv_usec - t.start.tv_usec) / 1000;
return delta; return delta;
} }
} }
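Review bot: Both `memcpy(val, &t, sizeof(struct _hr_time));` copies assume the opaque `struct mbedtls_timing_hr_time` is at least `sizeof(struct _hr_time)` bytes, and nothing in these hunks checks it; a `MBEDTLS_STATIC_ASSERT(sizeof(struct _hr_time) <= sizeof(struct mbedtls_timing_hr_time), "mbedtls_timing_hr_time too small")` next to the `struct _hr_time` definition would turn a silent stack overwrite into a compile error. In the reset branch `t` is written only through `t.start` before the whole struct is copied, so any other member `_hr_time` has or later gains would be copied uninitialized; `struct _hr_time t = { 0 };` is a cheap guard. The Windows variant's closing brace is outside its hunk.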


@ -53,12 +53,16 @@
#include <time.h> #include <time.h>
#endif #endif
#define CHECK(code) if ((ret = (code)) != 0) { return ret; } #define CHECK(code) \
do { \
if ((ret = (code)) != 0) { \
return ret; \
} \
} while (0)
#define CHECK_RANGE(min, max, val) \ #define CHECK_RANGE(min, max, val) \
do \ do { \
{ \ if ((val) < (min) || (val) > (max)) { \
if ((val) < (min) || (val) > (max)) \
{ \
return ret; \ return ret; \
} \ } \
} while (0) } while (0)


@ -125,7 +125,7 @@ static const x509_attr_descriptor_t *x509_attr_descr_from_name(const char *name,
int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *name) int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *name)
{ {
int ret = 0; int ret = MBEDTLS_ERR_X509_INVALID_NAME;
const char *s = name, *c = s; const char *s = name, *c = s;
const char *end = s + strlen(s); const char *end = s + strlen(s);
const char *oid = NULL; const char *oid = NULL;
@ -177,6 +177,9 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam
s = c + 1; s = c + 1;
in_tag = 1; in_tag = 1;
/* Successfully parsed one name, update ret to success */
ret = 0;
} }
if (!in_tag && s != c + 1) { if (!in_tag && s != c + 1) {
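Review bot: Initializing `ret` to `MBEDTLS_ERR_X509_INVALID_NAME` and resetting it to 0 only once a name has been parsed appears to change the result for an input with no parsable names (an empty string, or one with only separators) from success with an empty list to an error; if that is intended, the function's header documentation should state it and callers that relied on an empty name being accepted need checking. The comment `/* Successfully parsed one name, update ret to success */` is good; mirroring it at the initializer, `/* Fails unless at least one name is parsed below */`, would make the pairing obvious. The loop body that consumes `ret` continues outside the hunk.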


@ -1945,15 +1945,18 @@ int mbedtls_x509_parse_subject_alt_name(const mbedtls_x509_buf *san_buf,
} }
#define PRINT_ITEM(i) \ #define PRINT_ITEM(i) \
{ \ do { \
ret = mbedtls_snprintf(p, n, "%s" i, sep); \ ret = mbedtls_snprintf(p, n, "%s" i, sep); \
MBEDTLS_X509_SAFE_SNPRINTF; \ MBEDTLS_X509_SAFE_SNPRINTF; \
sep = ", "; \ sep = ", "; \
} } while (0)
#define CERT_TYPE(type, name) \ #define CERT_TYPE(type, name) \
if (ns_cert_type & (type)) \ do { \
PRINT_ITEM(name); if (ns_cert_type & (type)) { \
PRINT_ITEM(name); \
} \
} while (0)
static int x509_info_cert_type(char **buf, size_t *size, static int x509_info_cert_type(char **buf, size_t *size,
unsigned char ns_cert_type) unsigned char ns_cert_type)
@ -1979,8 +1982,11 @@ static int x509_info_cert_type(char **buf, size_t *size,
} }
#define KEY_USAGE(code, name) \ #define KEY_USAGE(code, name) \
if (key_usage & (code)) \ do { \
PRINT_ITEM(name); if (key_usage & (code)) { \
PRINT_ITEM(name); \
} \
} while (0)
static int x509_info_key_usage(char **buf, size_t *size, static int x509_info_key_usage(char **buf, size_t *size,
unsigned int key_usage) unsigned int key_usage)


@ -1,8 +1,8 @@
diff --git a/thirdparty/mbedtls/library/timing.c b/thirdparty/mbedtls/library/timing.c diff --git a/thirdparty/mbedtls/library/timing.c b/thirdparty/mbedtls/library/timing.c
index 47e34f9227..eeb1d503a8 100644 index 94b55b3715..58c2c2730d 100644
--- a/thirdparty/mbedtls/library/timing.c --- a/thirdparty/mbedtls/library/timing.c
+++ b/thirdparty/mbedtls/library/timing.c +++ b/thirdparty/mbedtls/library/timing.c
@@ -188,8 +188,10 @@ unsigned long mbedtls_timing_hardclock(void) @@ -190,8 +190,10 @@ unsigned long mbedtls_timing_hardclock(void)
#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && #endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
__GNUC__ && __ia64__ */ __GNUC__ && __ia64__ */