mbedtls: Update to upstream version 2.28.4
(cherry picked from commit 1f6340bc46
)
This commit is contained in:
parent
023e154cb4
commit
4c354b4977
|
@ -370,7 +370,7 @@ Patch `godot-node-debug-fix.patch` workarounds shadowing of godot's Node class i
|
|||
## mbedtls
|
||||
|
||||
- Upstream: https://github.com/Mbed-TLS/mbedtls
|
||||
- Version: 2.18.3 (981743de6fcdbe672e482b6fd724d31d0a0d2476, 2023)
|
||||
- Version: 2.28.4 (aeb97a18913a86f051afab11b2c92c6be0c2eb83, 2023)
|
||||
- License: Apache 2.0
|
||||
|
||||
File extracted from upstream release tarball:
|
||||
|
|
|
@ -274,10 +274,6 @@ int mbedtls_aria_crypt_cfb128(mbedtls_aria_context *ctx,
|
|||
* \brief This function performs an ARIA-CTR encryption or decryption
|
||||
* operation.
|
||||
*
|
||||
* This function performs the operation defined in the \p mode
|
||||
* parameter (encrypt/decrypt), on the input data buffer
|
||||
* defined in the \p input parameter.
|
||||
*
|
||||
* Due to the nature of CTR, you must use the same key schedule
|
||||
* for both encryption and decryption operations. Therefore, you
|
||||
* must use the context initialized with mbedtls_aria_setkey_enc()
|
||||
|
|
|
@ -453,7 +453,7 @@ void mbedtls_asn1_sequence_free(mbedtls_asn1_sequence *seq);
|
|||
* on a successful invocation.
|
||||
* \param end The end of the ASN.1 SEQUENCE container.
|
||||
* \param tag_must_mask A mask to be applied to the ASN.1 tags found within
|
||||
* the SEQUENCE before comparing to \p tag_must_value.
|
||||
* the SEQUENCE before comparing to \p tag_must_val.
|
||||
* \param tag_must_val The required value of each ASN.1 tag found in the
|
||||
* SEQUENCE, after masking with \p tag_must_mask.
|
||||
* Mismatching tags lead to an error.
|
||||
|
@ -462,7 +462,7 @@ void mbedtls_asn1_sequence_free(mbedtls_asn1_sequence *seq);
|
|||
* while a value of \c 0xFF for \p tag_must_mask means
|
||||
* that \p tag_must_val is the only allowed tag.
|
||||
* \param tag_may_mask A mask to be applied to the ASN.1 tags found within
|
||||
* the SEQUENCE before comparing to \p tag_may_value.
|
||||
* the SEQUENCE before comparing to \p tag_may_val.
|
||||
* \param tag_may_val The desired value of each ASN.1 tag found in the
|
||||
* SEQUENCE, after masking with \p tag_may_mask.
|
||||
* Mismatching tags will be silently ignored.
|
||||
|
|
|
@ -533,7 +533,7 @@ int mbedtls_mpi_write_file(const char *p, const mbedtls_mpi *X,
|
|||
* \param X The destination MPI. This must point to an initialized MPI.
|
||||
* \param buf The input buffer. This must be a readable buffer of length
|
||||
* \p buflen Bytes.
|
||||
* \param buflen The length of the input buffer \p p in Bytes.
|
||||
* \param buflen The length of the input buffer \p buf in Bytes.
|
||||
*
|
||||
* \return \c 0 if successful.
|
||||
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
|
||||
|
@ -548,7 +548,7 @@ int mbedtls_mpi_read_binary(mbedtls_mpi *X, const unsigned char *buf,
|
|||
* \param X The destination MPI. This must point to an initialized MPI.
|
||||
* \param buf The input buffer. This must be a readable buffer of length
|
||||
* \p buflen Bytes.
|
||||
* \param buflen The length of the input buffer \p p in Bytes.
|
||||
* \param buflen The length of the input buffer \p buf in Bytes.
|
||||
*
|
||||
* \return \c 0 if successful.
|
||||
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
|
||||
|
@ -986,8 +986,8 @@ int mbedtls_mpi_gcd(mbedtls_mpi *G, const mbedtls_mpi *A,
|
|||
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
|
||||
* \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p N is less than
|
||||
* or equal to one.
|
||||
* \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p has no modular inverse
|
||||
* with respect to \p N.
|
||||
* \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p A has no modular
|
||||
* inverse with respect to \p N.
|
||||
*/
|
||||
int mbedtls_mpi_inv_mod(mbedtls_mpi *X, const mbedtls_mpi *A,
|
||||
const mbedtls_mpi *N);
|
||||
|
@ -1039,7 +1039,7 @@ MBEDTLS_DEPRECATED int mbedtls_mpi_is_prime(const mbedtls_mpi *X,
|
|||
* This must point to an initialized MPI.
|
||||
* \param rounds The number of bases to perform the Miller-Rabin primality
|
||||
* test for. The probability of returning 0 on a composite is
|
||||
* at most 2<sup>-2*\p rounds</sup>.
|
||||
* at most 2<sup>-2*\p rounds </sup>.
|
||||
* \param f_rng The RNG function to use. This must not be \c NULL.
|
||||
* \param p_rng The RNG parameter to be passed to \p f_rng.
|
||||
* This may be \c NULL if \p f_rng doesn't use
|
||||
|
|
|
@ -677,6 +677,15 @@
|
|||
#if defined(__arm__) && !defined(MULADDC_CANNOT_USE_R7)
|
||||
|
||||
#if defined(__thumb__) && !defined(__thumb2__)
|
||||
#if !defined(__ARMCC_VERSION) && !defined(__clang__) \
|
||||
&& !defined(__llvm__) && !defined(__INTEL_COMPILER)
|
||||
/*
|
||||
* Thumb 1 ISA. This code path has only been tested successfully on gcc;
|
||||
* it does not compile on clang or armclang.
|
||||
*
|
||||
* Other compilers which define __GNUC__ may not work. The above macro
|
||||
* attempts to exclude these untested compilers.
|
||||
*/
|
||||
|
||||
#define MULADDC_INIT \
|
||||
asm( \
|
||||
|
@ -731,6 +740,8 @@
|
|||
"r6", "r7", "r8", "r9", "cc" \
|
||||
);
|
||||
|
||||
#endif /* Compiler is gcc */
|
||||
|
||||
#elif (__ARM_ARCH >= 6) && \
|
||||
defined (__ARM_FEATURE_DSP) && (__ARM_FEATURE_DSP == 1)
|
||||
|
||||
|
|
|
@ -231,7 +231,7 @@ int mbedtls_camellia_crypt_cfb128(mbedtls_camellia_context *ctx,
|
|||
* *note Due to the nature of CTR mode, you should use the same
|
||||
* key for both encryption and decryption. In particular, calls
|
||||
* to this function should be preceded by a key-schedule via
|
||||
* mbedtls_camellia_setkey_enc() regardless of whether \p mode
|
||||
* mbedtls_camellia_setkey_enc() regardless of whether the mode
|
||||
* is #MBEDTLS_CAMELLIA_ENCRYPT or #MBEDTLS_CAMELLIA_DECRYPT.
|
||||
*
|
||||
* \warning You must never reuse a nonce value with the same key. Doing so
|
||||
|
|
|
@ -427,7 +427,7 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values(const mbedtls_ciphe
|
|||
const mbedtls_cipher_mode_t mode);
|
||||
|
||||
/**
|
||||
* \brief This function initializes a \p cipher_context as NONE.
|
||||
* \brief This function initializes a \p ctx as NONE.
|
||||
*
|
||||
* \param ctx The context to be initialized. This must not be \c NULL.
|
||||
*/
|
||||
|
@ -602,7 +602,7 @@ static inline const char *mbedtls_cipher_get_name(
|
|||
* \param ctx The context of the cipher. This must be initialized.
|
||||
*
|
||||
* \return The key length of the cipher in bits.
|
||||
* \return #MBEDTLS_KEY_LENGTH_NONE if ctx \p has not been
|
||||
* \return #MBEDTLS_KEY_LENGTH_NONE if \p ctx has not been
|
||||
* initialized.
|
||||
*/
|
||||
static inline int mbedtls_cipher_get_key_bitlen(
|
||||
|
@ -779,7 +779,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx,
|
|||
* \param ctx The generic cipher context. This must be initialized and
|
||||
* bound to a key.
|
||||
* \param output The buffer to write data to. This needs to be a writable
|
||||
* buffer of at least \p block_size Bytes.
|
||||
* buffer of at least block_size Bytes.
|
||||
* \param olen The length of the data written to the \p output buffer.
|
||||
* This may not be \c NULL.
|
||||
*
|
||||
|
|
|
@ -1458,8 +1458,8 @@
|
|||
* );
|
||||
* ```
|
||||
* The \c context value is initialized to 0 before the first call.
|
||||
* The function must fill the \c output buffer with \p output_size bytes
|
||||
* of random data and set \c *output_length to \p output_size.
|
||||
* The function must fill the \c output buffer with \c output_size bytes
|
||||
* of random data and set \c *output_length to \c output_size.
|
||||
*
|
||||
* Requires: MBEDTLS_PSA_CRYPTO_C
|
||||
*
|
||||
|
|
|
@ -266,8 +266,9 @@ int mbedtls_ecdsa_sign_det(mbedtls_ecp_group *grp, mbedtls_mpi *r,
|
|||
* \param md_alg The hash algorithm used to hash the original data.
|
||||
* \param f_rng_blind The RNG function used for blinding. This must not be
|
||||
* \c NULL.
|
||||
* \param p_rng_blind The RNG context to be passed to \p f_rng. This may be
|
||||
* \c NULL if \p f_rng doesn't need a context parameter.
|
||||
* \param p_rng_blind The RNG context to be passed to \p f_rng_blind. This
|
||||
* may be \c NULL if \p f_rng_blind doesn't need
|
||||
* a context parameter.
|
||||
*
|
||||
* \return \c 0 on success.
|
||||
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX
|
||||
|
@ -344,7 +345,7 @@ int mbedtls_ecdsa_verify(mbedtls_ecp_group *grp,
|
|||
* via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair().
|
||||
* \param md_alg The message digest that was used to hash the message.
|
||||
* \param hash The message hash to be signed. This must be a readable
|
||||
* buffer of length \p blen Bytes.
|
||||
* buffer of length \p hlen Bytes.
|
||||
* \param hlen The length of the hash \p hash in Bytes.
|
||||
* \param sig The buffer to which to write the signature. This must be a
|
||||
* writable buffer of length at least twice as large as the
|
||||
|
@ -386,7 +387,7 @@ int mbedtls_ecdsa_write_signature(mbedtls_ecdsa_context *ctx,
|
|||
* via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair().
|
||||
* \param md_alg The message digest that was used to hash the message.
|
||||
* \param hash The message hash to be signed. This must be a readable
|
||||
* buffer of length \p blen Bytes.
|
||||
* buffer of length \p hlen Bytes.
|
||||
* \param hlen The length of the hash \p hash in Bytes.
|
||||
* \param sig The buffer to which to write the signature. This must be a
|
||||
* writable buffer of length at least twice as large as the
|
||||
|
@ -453,7 +454,7 @@ int mbedtls_ecdsa_write_signature_restartable(mbedtls_ecdsa_context *ctx,
|
|||
* and have a group and private key bound to it, for example
|
||||
* via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair().
|
||||
* \param hash The message hash to be signed. This must be a readable
|
||||
* buffer of length \p blen Bytes.
|
||||
* buffer of length \p hlen Bytes.
|
||||
* \param hlen The length of the hash \p hash in Bytes.
|
||||
* \param sig The buffer to which to write the signature. This must be a
|
||||
* writable buffer of length at least twice as large as the
|
||||
|
@ -490,7 +491,7 @@ int mbedtls_ecdsa_write_signature_det(mbedtls_ecdsa_context *ctx,
|
|||
* \param ctx The ECDSA context to use. This must be initialized
|
||||
* and have a group and public key bound to it.
|
||||
* \param hash The message hash that was signed. This must be a readable
|
||||
* buffer of length \p size Bytes.
|
||||
* buffer of length \p hlen Bytes.
|
||||
* \param hlen The size of the hash \p hash.
|
||||
* \param sig The signature to read and verify. This must be a readable
|
||||
* buffer of length \p slen Bytes.
|
||||
|
@ -520,7 +521,7 @@ int mbedtls_ecdsa_read_signature(mbedtls_ecdsa_context *ctx,
|
|||
* \param ctx The ECDSA context to use. This must be initialized
|
||||
* and have a group and public key bound to it.
|
||||
* \param hash The message hash that was signed. This must be a readable
|
||||
* buffer of length \p size Bytes.
|
||||
* buffer of length \p hlen Bytes.
|
||||
* \param hlen The size of the hash \p hash.
|
||||
* \param sig The signature to read and verify. This must be a readable
|
||||
* buffer of length \p slen Bytes.
|
||||
|
|
|
@ -1081,7 +1081,7 @@ int mbedtls_ecp_muladd_restartable(
|
|||
*
|
||||
* It only checks that the point is non-zero, has
|
||||
* valid coordinates and lies on the curve. It does not verify
|
||||
* that it is indeed a multiple of \p G. This additional
|
||||
* that it is indeed a multiple of \c G. This additional
|
||||
* check is computationally more expensive, is not required
|
||||
* by standards, and should not be necessary if the group
|
||||
* used has a small cofactor. In particular, it is useless for
|
||||
|
@ -1106,7 +1106,7 @@ int mbedtls_ecp_check_pubkey(const mbedtls_ecp_group *grp,
|
|||
const mbedtls_ecp_point *pt);
|
||||
|
||||
/**
|
||||
* \brief This function checks that an \p mbedtls_mpi is a
|
||||
* \brief This function checks that an \c mbedtls_mpi is a
|
||||
* valid private key for this curve.
|
||||
*
|
||||
* \note This function uses bare components rather than an
|
||||
|
|
|
@ -186,8 +186,8 @@ void mbedtls_hmac_drbg_init(mbedtls_hmac_drbg_context *ctx);
|
|||
* \param len The length of the personalization string.
|
||||
* This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT
|
||||
* and also at most
|
||||
* #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \p entropy_len * 3 / 2
|
||||
* where \p entropy_len is the entropy length
|
||||
* #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \c entropy_len * 3 / 2
|
||||
* where \c entropy_len is the entropy length
|
||||
* described above.
|
||||
*
|
||||
* \return \c 0 if successful.
|
||||
|
@ -316,8 +316,8 @@ int mbedtls_hmac_drbg_update_ret(mbedtls_hmac_drbg_context *ctx,
|
|||
* \param len The length of the additional data.
|
||||
* This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT
|
||||
* and also at most
|
||||
* #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \p entropy_len
|
||||
* where \p entropy_len is the entropy length
|
||||
* #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \c entropy_len
|
||||
* where \c entropy_len is the entropy length
|
||||
* (see mbedtls_hmac_drbg_set_entropy_len()).
|
||||
*
|
||||
* \return \c 0 if successful.
|
||||
|
|
|
@ -395,7 +395,7 @@ int mbedtls_pk_can_do(const mbedtls_pk_context *ctx, mbedtls_pk_type_t type);
|
|||
*
|
||||
* \return 0 on success (signature is valid),
|
||||
* #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid
|
||||
* signature in sig but its length is less than \p siglen,
|
||||
* signature in \p sig but its length is less than \p sig_len,
|
||||
* or a specific error code.
|
||||
*
|
||||
* \note For RSA keys, the default padding type is PKCS#1 v1.5.
|
||||
|
@ -459,7 +459,7 @@ int mbedtls_pk_verify_restartable(mbedtls_pk_context *ctx,
|
|||
* #MBEDTLS_ERR_PK_TYPE_MISMATCH if the PK context can't be
|
||||
* used for this type of signatures,
|
||||
* #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid
|
||||
* signature in sig but its length is less than \p siglen,
|
||||
* signature in \p sig but its length is less than \p sig_len,
|
||||
* or a specific error code.
|
||||
*
|
||||
* \note If hash_len is 0, then the length associated with md_alg
|
||||
|
|
|
@ -144,6 +144,8 @@ extern "C" {
|
|||
#if defined(MBEDTLS_PLATFORM_MEMORY)
|
||||
#if defined(MBEDTLS_PLATFORM_FREE_MACRO) && \
|
||||
defined(MBEDTLS_PLATFORM_CALLOC_MACRO)
|
||||
#undef mbedtls_free
|
||||
#undef mbedtls_calloc
|
||||
#define mbedtls_free MBEDTLS_PLATFORM_FREE_MACRO
|
||||
#define mbedtls_calloc MBEDTLS_PLATFORM_CALLOC_MACRO
|
||||
#else
|
||||
|
@ -165,6 +167,8 @@ int mbedtls_platform_set_calloc_free(void *(*calloc_func)(size_t, size_t),
|
|||
void (*free_func)(void *));
|
||||
#endif /* MBEDTLS_PLATFORM_FREE_MACRO && MBEDTLS_PLATFORM_CALLOC_MACRO */
|
||||
#else /* !MBEDTLS_PLATFORM_MEMORY */
|
||||
#undef mbedtls_free
|
||||
#undef mbedtls_calloc
|
||||
#define mbedtls_free free
|
||||
#define mbedtls_calloc calloc
|
||||
#endif /* MBEDTLS_PLATFORM_MEMORY && !MBEDTLS_PLATFORM_{FREE,CALLOC}_MACRO */
|
||||
|
@ -189,6 +193,7 @@ extern int (*mbedtls_fprintf)(FILE *stream, const char *format, ...);
|
|||
int mbedtls_platform_set_fprintf(int (*fprintf_func)(FILE *stream, const char *,
|
||||
...));
|
||||
#else
|
||||
#undef mbedtls_fprintf
|
||||
#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO)
|
||||
#define mbedtls_fprintf MBEDTLS_PLATFORM_FPRINTF_MACRO
|
||||
#else
|
||||
|
@ -213,6 +218,7 @@ extern int (*mbedtls_printf)(const char *format, ...);
|
|||
*/
|
||||
int mbedtls_platform_set_printf(int (*printf_func)(const char *, ...));
|
||||
#else /* !MBEDTLS_PLATFORM_PRINTF_ALT */
|
||||
#undef mbedtls_printf
|
||||
#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO)
|
||||
#define mbedtls_printf MBEDTLS_PLATFORM_PRINTF_MACRO
|
||||
#else
|
||||
|
@ -248,6 +254,7 @@ extern int (*mbedtls_snprintf)(char *s, size_t n, const char *format, ...);
|
|||
int mbedtls_platform_set_snprintf(int (*snprintf_func)(char *s, size_t n,
|
||||
const char *format, ...));
|
||||
#else /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
|
||||
#undef mbedtls_snprintf
|
||||
#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO)
|
||||
#define mbedtls_snprintf MBEDTLS_PLATFORM_SNPRINTF_MACRO
|
||||
#else
|
||||
|
@ -284,6 +291,7 @@ extern int (*mbedtls_vsnprintf)(char *s, size_t n, const char *format, va_list a
|
|||
int mbedtls_platform_set_vsnprintf(int (*vsnprintf_func)(char *s, size_t n,
|
||||
const char *format, va_list arg));
|
||||
#else /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */
|
||||
#undef mbedtls_vsnprintf
|
||||
#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO)
|
||||
#define mbedtls_vsnprintf MBEDTLS_PLATFORM_VSNPRINTF_MACRO
|
||||
#else
|
||||
|
@ -308,6 +316,7 @@ extern void (*mbedtls_exit)(int status);
|
|||
*/
|
||||
int mbedtls_platform_set_exit(void (*exit_func)(int status));
|
||||
#else
|
||||
#undef mbedtls_exit
|
||||
#if defined(MBEDTLS_PLATFORM_EXIT_MACRO)
|
||||
#define mbedtls_exit MBEDTLS_PLATFORM_EXIT_MACRO
|
||||
#else
|
||||
|
@ -360,6 +369,8 @@ int mbedtls_platform_set_nv_seed(
|
|||
int (*nv_seed_write_func)(unsigned char *buf, size_t buf_len)
|
||||
);
|
||||
#else
|
||||
#undef mbedtls_nv_seed_read
|
||||
#undef mbedtls_nv_seed_write
|
||||
#if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) && \
|
||||
defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO)
|
||||
#define mbedtls_nv_seed_read MBEDTLS_PLATFORM_NV_SEED_READ_MACRO
|
||||
|
|
|
@ -260,15 +260,15 @@ int mbedtls_rsa_import_raw(mbedtls_rsa_context *ctx,
|
|||
* \brief This function completes an RSA context from
|
||||
* a set of imported core parameters.
|
||||
*
|
||||
* To setup an RSA public key, precisely \p N and \p E
|
||||
* To setup an RSA public key, precisely \c N and \c E
|
||||
* must have been imported.
|
||||
*
|
||||
* To setup an RSA private key, sufficient information must
|
||||
* be present for the other parameters to be derivable.
|
||||
*
|
||||
* The default implementation supports the following:
|
||||
* <ul><li>Derive \p P, \p Q from \p N, \p D, \p E.</li>
|
||||
* <li>Derive \p N, \p D from \p P, \p Q, \p E.</li></ul>
|
||||
* <ul><li>Derive \c P, \c Q from \c N, \c D, \c E.</li>
|
||||
* <li>Derive \c N, \c D from \c P, \c Q, \c E.</li></ul>
|
||||
* Alternative implementations need not support these.
|
||||
*
|
||||
* If this function runs successfully, it guarantees that
|
||||
|
@ -537,7 +537,7 @@ int mbedtls_rsa_check_pub_priv(const mbedtls_rsa_context *pub,
|
|||
* \note This function does not handle message padding.
|
||||
*
|
||||
* \note Make sure to set \p input[0] = 0 or ensure that
|
||||
* input is smaller than \p N.
|
||||
* input is smaller than \c N.
|
||||
*
|
||||
* \return \c 0 on success.
|
||||
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
|
||||
|
@ -1109,8 +1109,8 @@ int mbedtls_rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx,
|
|||
* verification using the mode from the context.
|
||||
*
|
||||
* \note For PKCS#1 v2.1 encoding, see comments on
|
||||
* mbedtls_rsa_rsassa_pss_verify() about \p md_alg and
|
||||
* \p hash_id.
|
||||
* mbedtls_rsa_rsassa_pss_verify() about \c md_alg and
|
||||
* \c hash_id.
|
||||
*
|
||||
* \deprecated It is deprecated and discouraged to call this function
|
||||
* in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library
|
||||
|
|
|
@ -494,6 +494,7 @@
|
|||
|
||||
/* Dummy type used only for its size */
|
||||
union mbedtls_ssl_premaster_secret {
|
||||
unsigned char dummy; /* Make the union non-empty even with SSL disabled */
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
|
||||
unsigned char _pms_rsa[48]; /* RFC 5246 8.1.1 */
|
||||
#endif
|
||||
|
@ -1746,10 +1747,10 @@ void mbedtls_ssl_set_bio(mbedtls_ssl_context *ssl,
|
|||
* \param own_cid The address of the readable buffer holding the CID we want
|
||||
* the peer to use when sending encrypted messages to us.
|
||||
* This may be \c NULL if \p own_cid_len is \c 0.
|
||||
* This parameter is unused if \p enabled is set to
|
||||
* This parameter is unused if \p enable is set to
|
||||
* MBEDTLS_SSL_CID_DISABLED.
|
||||
* \param own_cid_len The length of \p own_cid.
|
||||
* This parameter is unused if \p enabled is set to
|
||||
* This parameter is unused if \p enable is set to
|
||||
* MBEDTLS_SSL_CID_DISABLED.
|
||||
*
|
||||
* \note The value of \p own_cid_len must match the value of the
|
||||
|
@ -2573,8 +2574,8 @@ int mbedtls_ssl_session_load(mbedtls_ssl_session *session,
|
|||
*
|
||||
* \param session The session structure to be saved.
|
||||
* \param buf The buffer to write the serialized data to. It must be a
|
||||
* writeable buffer of at least \p len bytes, or may be \c
|
||||
* NULL if \p len is \c 0.
|
||||
* writeable buffer of at least \p buf_len bytes, or may be \c
|
||||
* NULL if \p buf_len is \c 0.
|
||||
* \param buf_len The number of bytes available for writing in \p buf.
|
||||
* \param olen The size in bytes of the data that has been or would have
|
||||
* been written. It must point to a valid \c size_t.
|
||||
|
@ -2659,7 +2660,7 @@ void mbedtls_ssl_conf_ciphersuites(mbedtls_ssl_config *conf,
|
|||
* record headers.
|
||||
*
|
||||
* \return \c 0 on success.
|
||||
* \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if \p own_cid_len
|
||||
* \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if \p len
|
||||
* is too large.
|
||||
*/
|
||||
int mbedtls_ssl_conf_cid(mbedtls_ssl_config *conf, size_t len,
|
||||
|
|
|
@ -38,16 +38,16 @@
|
|||
*/
|
||||
#define MBEDTLS_VERSION_MAJOR 2
|
||||
#define MBEDTLS_VERSION_MINOR 28
|
||||
#define MBEDTLS_VERSION_PATCH 3
|
||||
#define MBEDTLS_VERSION_PATCH 4
|
||||
|
||||
/**
|
||||
* The single version number has the following structure:
|
||||
* MMNNPP00
|
||||
* Major version | Minor version | Patch version
|
||||
*/
|
||||
#define MBEDTLS_VERSION_NUMBER 0x021C0300
|
||||
#define MBEDTLS_VERSION_STRING "2.28.3"
|
||||
#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.28.3"
|
||||
#define MBEDTLS_VERSION_NUMBER 0x021C0400
|
||||
#define MBEDTLS_VERSION_STRING "2.28.4"
|
||||
#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.28.4"
|
||||
|
||||
#if defined(MBEDTLS_VERSION_C)
|
||||
|
||||
|
|
|
@ -509,7 +509,7 @@ int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path);
|
|||
* \param san_buf The buffer holding the raw data item of the subject
|
||||
* alternative name.
|
||||
* \param san The target structure to populate with the parsed presentation
|
||||
* of the subject alternative name encoded in \p san_raw.
|
||||
* of the subject alternative name encoded in \p san_buf.
|
||||
*
|
||||
* \note Only "dnsName" and "otherName" of type hardware_module_name
|
||||
* as defined in RFC 4180 is supported.
|
||||
|
@ -517,7 +517,7 @@ int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path);
|
|||
* \note This function should be called on a single raw data of
|
||||
* subject alternative name. For example, after successful
|
||||
* certificate parsing, one must iterate on every item in the
|
||||
* \p crt->subject_alt_names sequence, and pass it to
|
||||
* \c crt->subject_alt_names sequence, and pass it to
|
||||
* this function.
|
||||
*
|
||||
* \warning The target structure contains pointers to the raw data of the
|
||||
|
|
|
@ -58,6 +58,8 @@ static int aes_padlock_ace = -1;
|
|||
/*
|
||||
* Forward S-box
|
||||
*/
|
||||
#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \
|
||||
!defined(MBEDTLS_AES_SETKEY_DEC_ALT)
|
||||
static const unsigned char FSb[256] =
|
||||
{
|
||||
0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5,
|
||||
|
@ -93,6 +95,8 @@ static const unsigned char FSb[256] =
|
|||
0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68,
|
||||
0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16
|
||||
};
|
||||
#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \
|
||||
!defined(MBEDTLS_AES_SETKEY_DEC_ALT) */
|
||||
|
||||
/*
|
||||
* Forward tables
|
||||
|
@ -164,6 +168,7 @@ static const unsigned char FSb[256] =
|
|||
V(C3, 41, 41, 82), V(B0, 99, 99, 29), V(77, 2D, 2D, 5A), V(11, 0F, 0F, 1E), \
|
||||
V(CB, B0, B0, 7B), V(FC, 54, 54, A8), V(D6, BB, BB, 6D), V(3A, 16, 16, 2C)
|
||||
|
||||
#if !defined(MBEDTLS_AES_ENCRYPT_ALT)
|
||||
#define V(a, b, c, d) 0x##a##b##c##d
|
||||
static const uint32_t FT0[256] = { FT };
|
||||
#undef V
|
||||
|
@ -184,8 +189,11 @@ static const uint32_t FT3[256] = { FT };
|
|||
|
||||
#endif /* !MBEDTLS_AES_FEWER_TABLES */
|
||||
|
||||
#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) */
|
||||
|
||||
#undef FT
|
||||
|
||||
#if !defined(MBEDTLS_AES_DECRYPT_ALT)
|
||||
/*
|
||||
* Reverse S-box
|
||||
*/
|
||||
|
@ -224,6 +232,7 @@ static const unsigned char RSb[256] =
|
|||
0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26,
|
||||
0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D
|
||||
};
|
||||
#endif /* defined(MBEDTLS_AES_DECRYPT_ALT)) */
|
||||
|
||||
/*
|
||||
* Reverse tables
|
||||
|
@ -295,6 +304,8 @@ static const unsigned char RSb[256] =
|
|||
V(71, 01, A8, 39), V(DE, B3, 0C, 08), V(9C, E4, B4, D8), V(90, C1, 56, 64), \
|
||||
V(61, 84, CB, 7B), V(70, B6, 32, D5), V(74, 5C, 6C, 48), V(42, 57, B8, D0)
|
||||
|
||||
#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)
|
||||
|
||||
#define V(a, b, c, d) 0x##a##b##c##d
|
||||
static const uint32_t RT0[256] = { RT };
|
||||
#undef V
|
||||
|
@ -315,8 +326,11 @@ static const uint32_t RT3[256] = { RT };
|
|||
|
||||
#endif /* !MBEDTLS_AES_FEWER_TABLES */
|
||||
|
||||
#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */
|
||||
|
||||
#undef RT
|
||||
|
||||
#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT)
|
||||
/*
|
||||
* Round constants
|
||||
*/
|
||||
|
@ -326,31 +340,44 @@ static const uint32_t RCON[10] =
|
|||
0x00000010, 0x00000020, 0x00000040, 0x00000080,
|
||||
0x0000001B, 0x00000036
|
||||
};
|
||||
#endif /* !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */
|
||||
|
||||
#else /* MBEDTLS_AES_ROM_TABLES */
|
||||
|
||||
/*
|
||||
* Forward S-box & tables
|
||||
*/
|
||||
#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \
|
||||
!defined(MBEDTLS_AES_SETKEY_DEC_ALT)
|
||||
static unsigned char FSb[256];
|
||||
#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \
|
||||
!defined(MBEDTLS_AES_SETKEY_DEC_ALT) */
|
||||
#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT)
|
||||
static uint32_t FT0[256];
|
||||
#if !defined(MBEDTLS_AES_FEWER_TABLES)
|
||||
static uint32_t FT1[256];
|
||||
static uint32_t FT2[256];
|
||||
static uint32_t FT3[256];
|
||||
#endif /* !MBEDTLS_AES_FEWER_TABLES */
|
||||
#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */
|
||||
|
||||
/*
|
||||
* Reverse S-box & tables
|
||||
*/
|
||||
#if !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT))
|
||||
static unsigned char RSb[256];
|
||||
#endif /* !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT)) */
|
||||
|
||||
#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)
|
||||
static uint32_t RT0[256];
|
||||
#if !defined(MBEDTLS_AES_FEWER_TABLES)
|
||||
static uint32_t RT1[256];
|
||||
static uint32_t RT2[256];
|
||||
static uint32_t RT3[256];
|
||||
#endif /* !MBEDTLS_AES_FEWER_TABLES */
|
||||
#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */
|
||||
|
||||
#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT)
|
||||
/*
|
||||
* Round constants
|
||||
*/
|
||||
|
@ -428,6 +455,7 @@ static void aes_gen_tables(void)
|
|||
|
||||
x = RSb[i];
|
||||
|
||||
#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)
|
||||
RT0[i] = ((uint32_t) MUL(0x0E, x)) ^
|
||||
((uint32_t) MUL(0x09, x) << 8) ^
|
||||
((uint32_t) MUL(0x0D, x) << 16) ^
|
||||
|
@ -438,9 +466,12 @@ static void aes_gen_tables(void)
|
|||
RT2[i] = ROTL8(RT1[i]);
|
||||
RT3[i] = ROTL8(RT2[i]);
|
||||
#endif /* !MBEDTLS_AES_FEWER_TABLES */
|
||||
#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */
|
||||
}
|
||||
}
|
||||
|
||||
#endif /* !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */
|
||||
|
||||
#undef ROTL8
|
||||
|
||||
#endif /* MBEDTLS_AES_ROM_TABLES */
|
||||
|
@ -521,6 +552,9 @@ void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx)
|
|||
(defined(MBEDTLS_AESNI_C) && MBEDTLS_AESNI_HAVE_CODE == 2)
|
||||
#define MAY_NEED_TO_ALIGN
|
||||
#endif
|
||||
|
||||
#if defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || \
|
||||
!defined(MBEDTLS_AES_SETKEY_ENC_ALT)
|
||||
static unsigned mbedtls_aes_rk_offset(uint32_t *buf)
|
||||
{
|
||||
#if defined(MAY_NEED_TO_ALIGN)
|
||||
|
@ -557,6 +591,8 @@ static unsigned mbedtls_aes_rk_offset(uint32_t *buf)
|
|||
|
||||
return 0;
|
||||
}
|
||||
#endif /* defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || \
|
||||
!defined(MBEDTLS_AES_SETKEY_ENC_ALT) */
|
||||
|
||||
/*
|
||||
* AES key schedule (encryption)
|
||||
|
|
|
@ -41,6 +41,8 @@
|
|||
#if MBEDTLS_AESNI_HAVE_CODE == 2
|
||||
#if !defined(_WIN32)
|
||||
#include <cpuid.h>
|
||||
#else
|
||||
#include <intrin.h>
|
||||
#endif
|
||||
#include <immintrin.h>
|
||||
#endif
|
||||
|
|
|
@ -38,69 +38,69 @@
|
|||
|
||||
/* This is taken from tests/data_files/test-ca2.crt */
|
||||
/* BEGIN FILE string macro TEST_CA_CRT_EC_PEM tests/data_files/test-ca2.crt */
|
||||
#define TEST_CA_CRT_EC_PEM \
|
||||
"-----BEGIN CERTIFICATE-----\r\n" \
|
||||
"MIICBDCCAYigAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE\r\n" \
|
||||
"BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0\r\n" \
|
||||
"IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE\r\n" \
|
||||
"BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0\r\n" \
|
||||
"IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO\r\n" \
|
||||
"4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK\r\n" \
|
||||
"6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1AwTjAMBgNVHRMEBTADAQH/\r\n" \
|
||||
"MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSdbSAk\r\n" \
|
||||
"SQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMFHKrjAPpHB0BN1a\r\n" \
|
||||
"LH8TwcJ3vh0AxeKZj30mRdOKBmg/jLS3rU3g8VQBHpn8sOTTBwIxANxPO5AerimZ\r\n" \
|
||||
"hCjMe0d4CTHf1gFZMF70+IqEP+o5VHsIp2Cqvflb0VGWFC5l9a4cQg==\r\n" \
|
||||
#define TEST_CA_CRT_EC_PEM \
|
||||
"-----BEGIN CERTIFICATE-----\r\n" \
|
||||
"MIICBDCCAYigAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE\r\n" \
|
||||
"BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0\r\n" \
|
||||
"IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE\r\n" \
|
||||
"BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0\r\n" \
|
||||
"IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO\r\n" \
|
||||
"4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK\r\n" \
|
||||
"6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1AwTjAMBgNVHRMEBTADAQH/\r\n" \
|
||||
"MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSdbSAk\r\n" \
|
||||
"SQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMFHKrjAPpHB0BN1a\r\n" \
|
||||
"LH8TwcJ3vh0AxeKZj30mRdOKBmg/jLS3rU3g8VQBHpn8sOTTBwIxANxPO5AerimZ\r\n" \
|
||||
"hCjMe0d4CTHf1gFZMF70+IqEP+o5VHsIp2Cqvflb0VGWFC5l9a4cQg==\r\n" \
|
||||
"-----END CERTIFICATE-----\r\n"
|
||||
/* END FILE */
|
||||
|
||||
/* This is generated from tests/data_files/test-ca2.crt.der using `xxd -i`. */
|
||||
/* BEGIN FILE binary macro TEST_CA_CRT_EC_DER tests/data_files/test-ca2.crt.der */
|
||||
#define TEST_CA_CRT_EC_DER { \
|
||||
0x30, 0x82, 0x02, 0x04, 0x30, 0x82, 0x01, 0x88, 0xa0, 0x03, 0x02, 0x01, \
|
||||
0x02, 0x02, 0x09, 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, \
|
||||
0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, \
|
||||
0x05, 0x00, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, \
|
||||
0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, \
|
||||
0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \
|
||||
0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x13, 0x50, \
|
||||
0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, \
|
||||
0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x39, \
|
||||
0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30, 0x5a, 0x17, \
|
||||
0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, \
|
||||
0x30, 0x5a, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, \
|
||||
0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, \
|
||||
0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \
|
||||
0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x13, 0x50, \
|
||||
0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, \
|
||||
0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x76, 0x30, 0x10, 0x06, 0x07, \
|
||||
0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, \
|
||||
0x00, 0x22, 0x03, 0x62, 0x00, 0x04, 0xc3, 0xda, 0x2b, 0x34, 0x41, 0x37, \
|
||||
0x58, 0x2f, 0x87, 0x56, 0xfe, 0xfc, 0x89, 0xba, 0x29, 0x43, 0x4b, 0x4e, \
|
||||
0xe0, 0x6e, 0xc3, 0x0e, 0x57, 0x53, 0x33, 0x39, 0x58, 0xd4, 0x52, 0xb4, \
|
||||
0x91, 0x95, 0x39, 0x0b, 0x23, 0xdf, 0x5f, 0x17, 0x24, 0x62, 0x48, 0xfc, \
|
||||
0x1a, 0x95, 0x29, 0xce, 0x2c, 0x2d, 0x87, 0xc2, 0x88, 0x52, 0x80, 0xaf, \
|
||||
0xd6, 0x6a, 0xab, 0x21, 0xdd, 0xb8, 0xd3, 0x1c, 0x6e, 0x58, 0xb8, 0xca, \
|
||||
0xe8, 0xb2, 0x69, 0x8e, 0xf3, 0x41, 0xad, 0x29, 0xc3, 0xb4, 0x5f, 0x75, \
|
||||
0xa7, 0x47, 0x6f, 0xd5, 0x19, 0x29, 0x55, 0x69, 0x9a, 0x53, 0x3b, 0x20, \
|
||||
0xb4, 0x66, 0x16, 0x60, 0x33, 0x1e, 0xa3, 0x50, 0x30, 0x4e, 0x30, 0x0c, \
|
||||
0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, \
|
||||
0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x9d, \
|
||||
0x6d, 0x20, 0x24, 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, \
|
||||
0x7e, 0x24, 0xc9, 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x1f, 0x06, 0x03, 0x55, \
|
||||
0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, \
|
||||
0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, \
|
||||
0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \
|
||||
0x3d, 0x04, 0x03, 0x02, 0x05, 0x00, 0x03, 0x68, 0x00, 0x30, 0x65, 0x02, \
|
||||
0x30, 0x51, 0xca, 0xae, 0x30, 0x0f, 0xa4, 0x70, 0x74, 0x04, 0xdd, 0x5a, \
|
||||
0x2c, 0x7f, 0x13, 0xc1, 0xc2, 0x77, 0xbe, 0x1d, 0x00, 0xc5, 0xe2, 0x99, \
|
||||
0x8f, 0x7d, 0x26, 0x45, 0xd3, 0x8a, 0x06, 0x68, 0x3f, 0x8c, 0xb4, 0xb7, \
|
||||
0xad, 0x4d, 0xe0, 0xf1, 0x54, 0x01, 0x1e, 0x99, 0xfc, 0xb0, 0xe4, 0xd3, \
|
||||
0x07, 0x02, 0x31, 0x00, 0xdc, 0x4f, 0x3b, 0x90, 0x1e, 0xae, 0x29, 0x99, \
|
||||
0x84, 0x28, 0xcc, 0x7b, 0x47, 0x78, 0x09, 0x31, 0xdf, 0xd6, 0x01, 0x59, \
|
||||
0x30, 0x5e, 0xf4, 0xf8, 0x8a, 0x84, 0x3f, 0xea, 0x39, 0x54, 0x7b, 0x08, \
|
||||
0xa7, 0x60, 0xaa, 0xbd, 0xf9, 0x5b, 0xd1, 0x51, 0x96, 0x14, 0x2e, 0x65, \
|
||||
0xf5, 0xae, 0x1c, 0x42 \
|
||||
#define TEST_CA_CRT_EC_DER { \
|
||||
0x30, 0x82, 0x02, 0x04, 0x30, 0x82, 0x01, 0x88, 0xa0, 0x03, 0x02, 0x01, \
|
||||
0x02, 0x02, 0x09, 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, \
|
||||
0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, \
|
||||
0x05, 0x00, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, \
|
||||
0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, \
|
||||
0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \
|
||||
0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x13, 0x50, \
|
||||
0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, \
|
||||
0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x39, \
|
||||
0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30, 0x5a, 0x17, \
|
||||
0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, \
|
||||
0x30, 0x5a, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, \
|
||||
0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, \
|
||||
0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \
|
||||
0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x13, 0x50, \
|
||||
0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, \
|
||||
0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x76, 0x30, 0x10, 0x06, 0x07, \
|
||||
0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, \
|
||||
0x00, 0x22, 0x03, 0x62, 0x00, 0x04, 0xc3, 0xda, 0x2b, 0x34, 0x41, 0x37, \
|
||||
0x58, 0x2f, 0x87, 0x56, 0xfe, 0xfc, 0x89, 0xba, 0x29, 0x43, 0x4b, 0x4e, \
|
||||
0xe0, 0x6e, 0xc3, 0x0e, 0x57, 0x53, 0x33, 0x39, 0x58, 0xd4, 0x52, 0xb4, \
|
||||
0x91, 0x95, 0x39, 0x0b, 0x23, 0xdf, 0x5f, 0x17, 0x24, 0x62, 0x48, 0xfc, \
|
||||
0x1a, 0x95, 0x29, 0xce, 0x2c, 0x2d, 0x87, 0xc2, 0x88, 0x52, 0x80, 0xaf, \
|
||||
0xd6, 0x6a, 0xab, 0x21, 0xdd, 0xb8, 0xd3, 0x1c, 0x6e, 0x58, 0xb8, 0xca, \
|
||||
0xe8, 0xb2, 0x69, 0x8e, 0xf3, 0x41, 0xad, 0x29, 0xc3, 0xb4, 0x5f, 0x75, \
|
||||
0xa7, 0x47, 0x6f, 0xd5, 0x19, 0x29, 0x55, 0x69, 0x9a, 0x53, 0x3b, 0x20, \
|
||||
0xb4, 0x66, 0x16, 0x60, 0x33, 0x1e, 0xa3, 0x50, 0x30, 0x4e, 0x30, 0x0c, \
|
||||
0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, \
|
||||
0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x9d, \
|
||||
0x6d, 0x20, 0x24, 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, \
|
||||
0x7e, 0x24, 0xc9, 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x1f, 0x06, 0x03, 0x55, \
|
||||
0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, \
|
||||
0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, \
|
||||
0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \
|
||||
0x3d, 0x04, 0x03, 0x02, 0x05, 0x00, 0x03, 0x68, 0x00, 0x30, 0x65, 0x02, \
|
||||
0x30, 0x51, 0xca, 0xae, 0x30, 0x0f, 0xa4, 0x70, 0x74, 0x04, 0xdd, 0x5a, \
|
||||
0x2c, 0x7f, 0x13, 0xc1, 0xc2, 0x77, 0xbe, 0x1d, 0x00, 0xc5, 0xe2, 0x99, \
|
||||
0x8f, 0x7d, 0x26, 0x45, 0xd3, 0x8a, 0x06, 0x68, 0x3f, 0x8c, 0xb4, 0xb7, \
|
||||
0xad, 0x4d, 0xe0, 0xf1, 0x54, 0x01, 0x1e, 0x99, 0xfc, 0xb0, 0xe4, 0xd3, \
|
||||
0x07, 0x02, 0x31, 0x00, 0xdc, 0x4f, 0x3b, 0x90, 0x1e, 0xae, 0x29, 0x99, \
|
||||
0x84, 0x28, 0xcc, 0x7b, 0x47, 0x78, 0x09, 0x31, 0xdf, 0xd6, 0x01, 0x59, \
|
||||
0x30, 0x5e, 0xf4, 0xf8, 0x8a, 0x84, 0x3f, 0xea, 0x39, 0x54, 0x7b, 0x08, \
|
||||
0xa7, 0x60, 0xaa, 0xbd, 0xf9, 0x5b, 0xd1, 0x51, 0x96, 0x14, 0x2e, 0x65, \
|
||||
0xf5, 0xae, 0x1c, 0x42 \
|
||||
}
|
||||
/* END FILE */
|
||||
|
||||
|
@ -348,33 +348,33 @@
|
|||
#define TEST_CA_KEY_RSA_PEM \
|
||||
"-----BEGIN RSA PRIVATE KEY-----\r\n" \
|
||||
"Proc-Type: 4,ENCRYPTED\r\n" \
|
||||
"DEK-Info: DES-EDE3-CBC,A8A95B05D5B7206B\r\n" \
|
||||
"AES-128-CBC,781840E6B804AE83D2AF71127C4CE314\r\n" \
|
||||
"\r\n" \
|
||||
"9Qd9GeArejl1GDVh2lLV1bHt0cPtfbh5h/5zVpAVaFpqtSPMrElp50Rntn9et+JA\r\n" \
|
||||
"7VOyboR+Iy2t/HU4WvA687k3Bppe9GwKHjHhtl//8xFKwZr3Xb5yO5JUP8AUctQq\r\n" \
|
||||
"Nb8CLlZyuUC+52REAAthdWgsX+7dJO4yabzUcQ22Tp9JSD0hiL43BlkWYUNK3dAo\r\n" \
|
||||
"PZlmiptjnzVTjg1MxsBSydZinWOLBV8/JQgxSPo2yD4uEfig28qbvQ2wNIn0pnAb\r\n" \
|
||||
"GxnSAOazkongEGfvcjIIs+LZN9gXFhxcOh6kc4Q/c99B7QWETwLLkYgZ+z1a9VY9\r\n" \
|
||||
"gEU7CwCxYCD+h9hY6FPmsK0/lC4O7aeRKpYq00rPPxs6i7phiexg6ax6yTMmArQq\r\n" \
|
||||
"QmK3TAsJm8V/J5AWpLEV6jAFgRGymGGHnof0DXzVWZidrcZJWTNuGEX90nB3ee2w\r\n" \
|
||||
"PXJEFWKoD3K3aFcSLdHYr3mLGxP7H9ThQai9VsycxZKS5kwvBKQ//YMrmFfwPk8x\r\n" \
|
||||
"vTeY4KZMaUrveEel5tWZC94RSMKgxR6cyE1nBXyTQnDOGbfpNNgBKxyKbINWoOJU\r\n" \
|
||||
"WJZAwlsQn+QzCDwpri7+sV1mS3gBE6UY7aQmnmiiaC2V3Hbphxct/en5QsfDOt1X\r\n" \
|
||||
"JczSfpRWLlbPznZg8OQh/VgCMA58N5DjOzTIK7sJJ5r+94ZBTCpgAMbF588f0NTR\r\n" \
|
||||
"KCe4yrxGJR7X02M4nvD4IwOlpsQ8xQxZtOSgXv4LkxvdU9XJJKWZ/XNKJeWztxSe\r\n" \
|
||||
"Z1vdTc2YfsDBA2SEv33vxHx2g1vqtw8SjDRT2RaQSS0QuSaMJimdOX6mTOCBKk1J\r\n" \
|
||||
"9Q5mXTrER+/LnK0jEmXsBXWA5bqqVZIyahXSx4VYZ7l7w/PHiUDtDgyRhMMKi4n2\r\n" \
|
||||
"iQvQcWSQTjrpnlJbca1/DkpRt3YwrvJwdqb8asZU2VrNETh5x0QVefDRLFiVpif/\r\n" \
|
||||
"tUaeAe/P1F8OkS7OIZDs1SUbv/sD2vMbhNkUoCms3/PvNtdnvgL4F0zhaDpKCmlT\r\n" \
|
||||
"P8vx49E7v5CyRNmED9zZg4o3wmMqrQO93PtTug3Eu9oVx1zPQM1NVMyBa2+f29DL\r\n" \
|
||||
"1nuTCeXdo9+ni45xx+jAI4DCwrRdhJ9uzZyC6962H37H6D+5naNvClFR1s6li1Gb\r\n" \
|
||||
"nqPoiy/OBsEx9CaDGcqQBp5Wme/3XW+6z1ISOx+igwNTVCT14mHdBMbya0eIKft5\r\n" \
|
||||
"X+GnwtgEMyCYyyWuUct8g4RzErcY9+yW9Om5Hzpx4zOuW4NPZgPDTgK+t2RSL/Yq\r\n" \
|
||||
"rE1njrgeGYcVeG3f+OftH4s6fPbq7t1A5ZgUscbLMBqr9tK+OqygR4EgKBPsH6Cz\r\n" \
|
||||
"L6zlv/2RV0qAHvVuDJcIDIgwY5rJtINEm32rhOeFNJwZS5MNIC1czXZx5//ugX7l\r\n" \
|
||||
"I4sy5nbVhwSjtAk8Xg5dZbdTZ6mIrb7xqH+fdakZor1khG7bC2uIwibD3cSl2XkR\r\n" \
|
||||
"wN48lslbHnqqagr6Xm1nNOSVl8C/6kbJEsMpLhAezfRtGwvOucoaE+WbeUNolGde\r\n" \
|
||||
"P/eQiddSf0brnpiLJRh7qZrl9XuqYdpUqnoEdMAfotDOID8OtV7gt8a48ad8VPW2\r\n" \
|
||||
"etQ3xgGLbuYF9vR1km03TH5fwfly1hOlix0PtfQ+t9HG065vTtSEHYc/OyHwdy79\r\n" \
|
||||
"NCLX5RUrPh06E/XlKzMNVHAXqkwFnIwNzRLsOozeP1L7iZEZb9QMeiN5Org+btCO\r\n" \
|
||||
"bylXPB4YirfuE7GSJalWY/pq3FQtD33zTIKmNhXfVj3sbwGI/8D9XjaKUb8PODOB\r\n" \
|
||||
"skOalmx6RvYRvg0lmRxB3+T3wejIsrrDPweYqte9B6dVHIVG1ZmvoA6/wnKZZZeV\r\n" \
|
||||
"sjj8OpL3OwUBrjuGSknE9Rs6kCuSCbHOYVK8VzcZmCYpie0TFnb3Sk8M6vjfW+45\r\n" \
|
||||
"U7WUMlSAPxKH6lJDzWdwHqLvsVJwuNnaAaBXg9/8U/rzQEWuq8Ar3s8fw2Jg3F1G\r\n" \
|
||||
"L6N5ZAEfCz3Sa0N9WKafR/RSQj+rq8Z3w4POAafhbzk249uo5K8B1Z3cQwLxeXIl\r\n" \
|
||||
"UbRQz1TZy4oNTfQzCahYruPNyvwgTkfwAFFvbLAdaiJd2ZtLBoqYE64TYakYnvcC\r\n" \
|
||||
"itim1bmySIKoxlMfBGFmMuF03epT0pSx701jlGzGi0l0m16NEjoVxDwo5j93SmiM\r\n" \
|
||||
"sQdjC1lOGk2iCLkphIQqHFjFJYWjvh1UUIqWZf+ZWOOxlf4x9a1pUVj6FvtECxNB\r\n" \
|
||||
"/mA/m4Iq4LAuVXHE1MpHeq067lJ6wWlrsb2WVmiNGfQ2AC7fMtpcPuunBVT9NV1m\r\n" \
|
||||
"1rbDzIgLIWAzqz/cy3N8Q8vfxnrFtmNUyM191Zyq+YF14hIKWX9J1qR4LXwWAzVV\r\n" \
|
||||
"UrC8IL4pA2mtRkW4qFsB0EmHAxO/cedDTPjVFty5WSzhNuvYZxX45HAkGIfK6d21\r\n" \
|
||||
"7WHPhHG+zaaUTWMUVixB0IcKp6RecjYPFzBHS0YeX88Ue2cyT/90jMiQ9ssOgRrG\r\n" \
|
||||
"ZJRJvZAc3TSCnY9sNPYoGrJPiZuCnlUj3ENNurYVy12ai0WFxwnNUZjRUhDS6hjm\r\n" \
|
||||
"cDHD5TlI9MZ6M+Mb/Bw4Ig8HuTHOtQBYD9vhtXsG+B7H/j6cS+1umaKjrnG/kK4W\r\n" \
|
||||
"R6YXwM2faAi+DwgjjoMXSzRqSTF8PdTIWbAXo3bc2qsXPTMBA8PEp4nb5scHZ4Ts\r\n" \
|
||||
"EcBNp2jv0j4gBkRmGIab17cWMrlagjFy89DhqZUFwKdeZs+yJ92A5xstWxOUfpEP\r\n" \
|
||||
"90T/bsp1G5d7WW5fl2TRJvYJNDM+djkKIh0zCkduiZ36oVM6nDdbjmXqjQXopeSD\r\n" \
|
||||
"gtOourBRF8g99W0fW8QT+yPhP0Pkyz6EG8eQO6Zwh439xdoVwu9jUzQAPmZ0uNeR\r\n" \
|
||||
"xTXXihYyv72z27rInjLiIPXL25K9eDVLlcSR3RyG7YYgjdQAL2VJDLcBz5jox1uQ\r\n" \
|
||||
"0guoD5wmfu2FWLqYE7HeTYntdY53lCflwq0GHRMjrrsVpx+5VDQ6Yi47Ny9SWLcp\r\n" \
|
||||
"fPI3iBkXuGRWupzs6N4pQdSO0dU28KfpMM5QvFoLIn67brCHEQij4dgFrCTYEyBX\r\n" \
|
||||
"9+jiNImUFYUhAFuxvUbfZt4O/ABLIElvHLfJs1oYCmI/nWpvLFqXB5rnzPNfEi0H\r\n" \
|
||||
"PGGe1Hj/t+CJIp/6ios3yNy2QtXO754TZH2UVu51Ykyig5PFjZVoUkbRvHQYcWfU\r\n" \
|
||||
"-----END RSA PRIVATE KEY-----\r\n"
|
||||
/* END FILE */
|
||||
|
||||
|
@ -501,72 +501,72 @@
|
|||
|
||||
/* This is taken from tests/data_files/server5.crt. */
|
||||
/* BEGIN FILE string macro TEST_SRV_CRT_EC_PEM tests/data_files/server5.crt */
|
||||
#define TEST_SRV_CRT_EC_PEM \
|
||||
"-----BEGIN CERTIFICATE-----\r\n" \
|
||||
"MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n" \
|
||||
"A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n" \
|
||||
"MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \
|
||||
"A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\r\n" \
|
||||
"CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\r\n" \
|
||||
"2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\r\n" \
|
||||
"BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\r\n" \
|
||||
"PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh\r\n" \
|
||||
"clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\r\n" \
|
||||
"CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S\r\n" \
|
||||
"C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V\r\n" \
|
||||
"fGa5kHvHARBPc8YAIVIqDvHH1Q==\r\n" \
|
||||
#define TEST_SRV_CRT_EC_PEM \
|
||||
"-----BEGIN CERTIFICATE-----\r\n" \
|
||||
"MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n" \
|
||||
"A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n" \
|
||||
"MjMwNjE1MDMzNDE4WhcNMzMwNjEyMDMzNDE4WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \
|
||||
"A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\r\n" \
|
||||
"CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\r\n" \
|
||||
"2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\r\n" \
|
||||
"BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\r\n" \
|
||||
"PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh\r\n" \
|
||||
"clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\r\n" \
|
||||
"CCqGSM49BAMCA2gAMGUCMAHFbGEzx8dZaUlIltT5s1QO9FvKmvFer4uRY3ntEy9S\r\n" \
|
||||
"k7DCCozM86WWLjfzbJ78bwIxAJYRPF1CzNEiXPHb9O46ZPHKo2S5x//g/54RowAK\r\n" \
|
||||
"uZz+hKPuMi6YY6cIm81jfeaSZQ==\r\n" \
|
||||
"-----END CERTIFICATE-----\r\n"
|
||||
/* END FILE */
|
||||
|
||||
/* This is generated from tests/data_files/server5.crt.der using `xxd -i`. */
|
||||
/* BEGIN FILE binary macro TEST_SRV_CRT_EC_DER tests/data_files/server5.crt.der */
|
||||
#define TEST_SRV_CRT_EC_DER { \
|
||||
0x30, 0x82, 0x02, 0x1f, 0x30, 0x82, 0x01, 0xa5, 0xa0, 0x03, 0x02, 0x01, \
|
||||
0x02, 0x02, 0x01, 0x09, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \
|
||||
0x3d, 0x04, 0x03, 0x02, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \
|
||||
0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \
|
||||
0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \
|
||||
0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, \
|
||||
0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, \
|
||||
0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \
|
||||
0x31, 0x33, 0x30, 0x39, 0x32, 0x34, 0x31, 0x35, 0x35, 0x32, 0x30, 0x34, \
|
||||
0x5a, 0x17, 0x0d, 0x32, 0x33, 0x30, 0x39, 0x32, 0x32, 0x31, 0x35, 0x35, \
|
||||
0x32, 0x30, 0x34, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \
|
||||
0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \
|
||||
0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \
|
||||
0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, \
|
||||
0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x59, \
|
||||
0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, \
|
||||
0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, \
|
||||
0x04, 0x37, 0xcc, 0x56, 0xd9, 0x76, 0x09, 0x1e, 0x5a, 0x72, 0x3e, 0xc7, \
|
||||
0x59, 0x2d, 0xff, 0x20, 0x6e, 0xee, 0x7c, 0xf9, 0x06, 0x91, 0x74, 0xd0, \
|
||||
0xad, 0x14, 0xb5, 0xf7, 0x68, 0x22, 0x59, 0x62, 0x92, 0x4e, 0xe5, 0x00, \
|
||||
0xd8, 0x23, 0x11, 0xff, 0xea, 0x2f, 0xd2, 0x34, 0x5d, 0x5d, 0x16, 0xbd, \
|
||||
0x8a, 0x88, 0xc2, 0x6b, 0x77, 0x0d, 0x55, 0xcd, 0x8a, 0x2a, 0x0e, 0xfa, \
|
||||
0x01, 0xc8, 0xb4, 0xed, 0xff, 0xa3, 0x81, 0x9d, 0x30, 0x81, 0x9a, 0x30, \
|
||||
0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, \
|
||||
0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x50, 0x61, 0xa5, \
|
||||
0x8f, 0xd4, 0x07, 0xd9, 0xd7, 0x82, 0x01, 0x0c, 0xe5, 0x65, 0x7f, 0x8c, \
|
||||
0x63, 0x46, 0xa7, 0x13, 0xbe, 0x30, 0x6e, 0x06, 0x03, 0x55, 0x1d, 0x23, \
|
||||
0x04, 0x67, 0x30, 0x65, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, 0x01, \
|
||||
0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb, \
|
||||
0x36, 0x7c, 0xa1, 0x42, 0xa4, 0x40, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, \
|
||||
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \
|
||||
0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, \
|
||||
0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, \
|
||||
0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, \
|
||||
0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x82, 0x09, \
|
||||
0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 0x30, 0x0a, 0x06, \
|
||||
0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x68, 0x00, \
|
||||
0x30, 0x65, 0x02, 0x31, 0x00, 0x9a, 0x2c, 0x5c, 0xd7, 0xa6, 0xdb, 0xa2, \
|
||||
0xe5, 0x64, 0x0d, 0xf0, 0xb9, 0x4e, 0xdd, 0xd7, 0x61, 0xd6, 0x13, 0x31, \
|
||||
0xc7, 0xab, 0x73, 0x80, 0xbb, 0xd3, 0xd3, 0x73, 0x13, 0x54, 0xad, 0x92, \
|
||||
0x0b, 0x5d, 0xab, 0xd0, 0xbc, 0xf7, 0xae, 0x2f, 0xe6, 0xa1, 0x21, 0x29, \
|
||||
0x35, 0x95, 0xaa, 0x3e, 0x39, 0x02, 0x30, 0x21, 0x36, 0x7f, 0x9d, 0xc6, \
|
||||
0x5d, 0xc6, 0x0b, 0xab, 0x27, 0xf2, 0x25, 0x1d, 0x3b, 0xf1, 0xcf, 0xf1, \
|
||||
0x35, 0x25, 0x14, 0xe7, 0xe5, 0xf1, 0x97, 0xb5, 0x59, 0xe3, 0x5e, 0x15, \
|
||||
0x7c, 0x66, 0xb9, 0x90, 0x7b, 0xc7, 0x01, 0x10, 0x4f, 0x73, 0xc6, 0x00, \
|
||||
0x21, 0x52, 0x2a, 0x0e, 0xf1, 0xc7, 0xd5 \
|
||||
#define TEST_SRV_CRT_EC_DER { \
|
||||
0x30, 0x82, 0x02, 0x1f, 0x30, 0x82, 0x01, 0xa5, 0xa0, 0x03, 0x02, 0x01, \
|
||||
0x02, 0x02, 0x01, 0x09, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \
|
||||
0x3d, 0x04, 0x03, 0x02, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \
|
||||
0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \
|
||||
0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \
|
||||
0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \
|
||||
0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, \
|
||||
0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \
|
||||
0x32, 0x33, 0x30, 0x36, 0x31, 0x35, 0x30, 0x33, 0x33, 0x34, 0x31, 0x38, \
|
||||
0x5a, 0x17, 0x0d, 0x33, 0x33, 0x30, 0x36, 0x31, 0x32, 0x30, 0x33, 0x33, \
|
||||
0x34, 0x31, 0x38, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \
|
||||
0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \
|
||||
0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \
|
||||
0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \
|
||||
0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x59, \
|
||||
0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, \
|
||||
0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, \
|
||||
0x04, 0x37, 0xcc, 0x56, 0xd9, 0x76, 0x09, 0x1e, 0x5a, 0x72, 0x3e, 0xc7, \
|
||||
0x59, 0x2d, 0xff, 0x20, 0x6e, 0xee, 0x7c, 0xf9, 0x06, 0x91, 0x74, 0xd0, \
|
||||
0xad, 0x14, 0xb5, 0xf7, 0x68, 0x22, 0x59, 0x62, 0x92, 0x4e, 0xe5, 0x00, \
|
||||
0xd8, 0x23, 0x11, 0xff, 0xea, 0x2f, 0xd2, 0x34, 0x5d, 0x5d, 0x16, 0xbd, \
|
||||
0x8a, 0x88, 0xc2, 0x6b, 0x77, 0x0d, 0x55, 0xcd, 0x8a, 0x2a, 0x0e, 0xfa, \
|
||||
0x01, 0xc8, 0xb4, 0xed, 0xff, 0xa3, 0x81, 0x9d, 0x30, 0x81, 0x9a, 0x30, \
|
||||
0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, \
|
||||
0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x50, 0x61, 0xa5, \
|
||||
0x8f, 0xd4, 0x07, 0xd9, 0xd7, 0x82, 0x01, 0x0c, 0xe5, 0x65, 0x7f, 0x8c, \
|
||||
0x63, 0x46, 0xa7, 0x13, 0xbe, 0x30, 0x6e, 0x06, 0x03, 0x55, 0x1d, 0x23, \
|
||||
0x04, 0x67, 0x30, 0x65, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, 0x01, \
|
||||
0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb, \
|
||||
0x36, 0x7c, 0xa1, 0x42, 0xa4, 0x40, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, \
|
||||
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \
|
||||
0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, \
|
||||
0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, \
|
||||
0x03, 0x0c, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, \
|
||||
0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x82, 0x09, \
|
||||
0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 0x30, 0x0a, 0x06, \
|
||||
0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x68, 0x00, \
|
||||
0x30, 0x65, 0x02, 0x30, 0x01, 0xc5, 0x6c, 0x61, 0x33, 0xc7, 0xc7, 0x59, \
|
||||
0x69, 0x49, 0x48, 0x96, 0xd4, 0xf9, 0xb3, 0x54, 0x0e, 0xf4, 0x5b, 0xca, \
|
||||
0x9a, 0xf1, 0x5e, 0xaf, 0x8b, 0x91, 0x63, 0x79, 0xed, 0x13, 0x2f, 0x52, \
|
||||
0x93, 0xb0, 0xc2, 0x0a, 0x8c, 0xcc, 0xf3, 0xa5, 0x96, 0x2e, 0x37, 0xf3, \
|
||||
0x6c, 0x9e, 0xfc, 0x6f, 0x02, 0x31, 0x00, 0x96, 0x11, 0x3c, 0x5d, 0x42, \
|
||||
0xcc, 0xd1, 0x22, 0x5c, 0xf1, 0xdb, 0xf4, 0xee, 0x3a, 0x64, 0xf1, 0xca, \
|
||||
0xa3, 0x64, 0xb9, 0xc7, 0xff, 0xe0, 0xff, 0x9e, 0x11, 0xa3, 0x00, 0x0a, \
|
||||
0xb9, 0x9c, 0xfe, 0x84, 0xa3, 0xee, 0x32, 0x2e, 0x98, 0x63, 0xa7, 0x08, \
|
||||
0x9b, 0xcd, 0x63, 0x7d, 0xe6, 0x92, 0x65 \
|
||||
}
|
||||
/* END FILE */
|
||||
|
||||
|
|
|
@ -263,40 +263,6 @@ unsigned mbedtls_ct_uint_if(unsigned condition,
|
|||
|
||||
#if defined(MBEDTLS_BIGNUM_C)
|
||||
|
||||
/** Select between two sign values without branches.
|
||||
*
|
||||
* This is functionally equivalent to `condition ? if1 : if0` but uses only bit
|
||||
* operations in order to avoid branches.
|
||||
*
|
||||
* \note if1 and if0 must be either 1 or -1, otherwise the result
|
||||
* is undefined.
|
||||
*
|
||||
* \param condition Condition to test; must be either 0 or 1.
|
||||
* \param if1 The first sign; must be either +1 or -1.
|
||||
* \param if0 The second sign; must be either +1 or -1.
|
||||
*
|
||||
* \return \c if1 if \p condition is nonzero, otherwise \c if0.
|
||||
* */
|
||||
static int mbedtls_ct_cond_select_sign(unsigned char condition,
|
||||
int if1,
|
||||
int if0)
|
||||
{
|
||||
/* In order to avoid questions about what we can reasonably assume about
|
||||
* the representations of signed integers, move everything to unsigned
|
||||
* by taking advantage of the fact that if1 and if0 are either +1 or -1. */
|
||||
unsigned uif1 = if1 + 1;
|
||||
unsigned uif0 = if0 + 1;
|
||||
|
||||
/* condition was 0 or 1, mask is 0 or 2 as are uif1 and uif0 */
|
||||
const unsigned mask = condition << 1;
|
||||
|
||||
/* select uif1 or uif0 */
|
||||
unsigned ur = (uif0 & ~mask) | (uif1 & mask);
|
||||
|
||||
/* ur is now 0 or 2, convert back to -1 or +1 */
|
||||
return (int) ur - 1;
|
||||
}
|
||||
|
||||
void mbedtls_ct_mpi_uint_cond_assign(size_t n,
|
||||
mbedtls_mpi_uint *dest,
|
||||
const mbedtls_mpi_uint *src,
|
||||
|
@ -559,7 +525,7 @@ int mbedtls_mpi_safe_cond_assign(mbedtls_mpi *X,
|
|||
|
||||
MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, Y->n));
|
||||
|
||||
X->s = mbedtls_ct_cond_select_sign(assign, Y->s, X->s);
|
||||
X->s = (int) mbedtls_ct_uint_if(assign, Y->s, X->s);
|
||||
|
||||
mbedtls_ct_mpi_uint_cond_assign(Y->n, X->p, Y->p, assign);
|
||||
|
||||
|
@ -599,8 +565,8 @@ int mbedtls_mpi_safe_cond_swap(mbedtls_mpi *X,
|
|||
MBEDTLS_MPI_CHK(mbedtls_mpi_grow(Y, X->n));
|
||||
|
||||
s = X->s;
|
||||
X->s = mbedtls_ct_cond_select_sign(swap, Y->s, X->s);
|
||||
Y->s = mbedtls_ct_cond_select_sign(swap, s, Y->s);
|
||||
X->s = (int) mbedtls_ct_uint_if(swap, Y->s, X->s);
|
||||
Y->s = (int) mbedtls_ct_uint_if(swap, s, Y->s);
|
||||
|
||||
|
||||
for (i = 0; i < X->n; i++) {
|
||||
|
|
|
@ -30,6 +30,7 @@
|
|||
#include "mbedtls/platform_util.h"
|
||||
#include "mbedtls/error.h"
|
||||
|
||||
#include <limits.h>
|
||||
#include <string.h>
|
||||
|
||||
#if defined(MBEDTLS_FS_IO)
|
||||
|
|
|
@ -30,6 +30,7 @@
|
|||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
|
||||
/* DEBUG_BUF_SIZE must be at least 2 */
|
||||
#define DEBUG_BUF_SIZE 512
|
||||
|
||||
static int debug_threshold = 0;
|
||||
|
@ -69,6 +70,8 @@ void mbedtls_debug_print_msg(const mbedtls_ssl_context *ssl, int level,
|
|||
char str[DEBUG_BUF_SIZE];
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
MBEDTLS_STATIC_ASSERT(DEBUG_BUF_SIZE >= 2, "DEBUG_BUF_SIZE too small");
|
||||
|
||||
if (NULL == ssl ||
|
||||
NULL == ssl->conf ||
|
||||
NULL == ssl->conf->f_dbg ||
|
||||
|
@ -80,10 +83,15 @@ void mbedtls_debug_print_msg(const mbedtls_ssl_context *ssl, int level,
|
|||
ret = mbedtls_vsnprintf(str, DEBUG_BUF_SIZE, format, argp);
|
||||
va_end(argp);
|
||||
|
||||
if (ret >= 0 && ret < DEBUG_BUF_SIZE - 1) {
|
||||
str[ret] = '\n';
|
||||
str[ret + 1] = '\0';
|
||||
if (ret < 0) {
|
||||
ret = 0;
|
||||
} else {
|
||||
if (ret >= DEBUG_BUF_SIZE - 1) {
|
||||
ret = DEBUG_BUF_SIZE - 2;
|
||||
}
|
||||
}
|
||||
str[ret] = '\n';
|
||||
str[ret + 1] = '\0';
|
||||
|
||||
debug_send_line(ssl, level, file, line, str);
|
||||
}
|
||||
|
|
|
@ -20,7 +20,7 @@
|
|||
/*
|
||||
* References:
|
||||
*
|
||||
* SEC1 http://www.secg.org/index.php?action=secg,docs_secg
|
||||
* SEC1 https://www.secg.org/sec1-v2.pdf
|
||||
* RFC 4492
|
||||
*/
|
||||
|
||||
|
|
|
@ -20,7 +20,7 @@
|
|||
/*
|
||||
* References:
|
||||
*
|
||||
* SEC1 http://www.secg.org/index.php?action=secg,docs_secg
|
||||
* SEC1 https://www.secg.org/sec1-v2.pdf
|
||||
*/
|
||||
|
||||
#include "common.h"
|
||||
|
|
|
@ -20,13 +20,15 @@
|
|||
/*
|
||||
* References:
|
||||
*
|
||||
* SEC1 http://www.secg.org/index.php?action=secg,docs_secg
|
||||
* SEC1 https://www.secg.org/sec1-v2.pdf
|
||||
* GECC = Guide to Elliptic Curve Cryptography - Hankerson, Menezes, Vanstone
|
||||
* FIPS 186-3 http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf
|
||||
* RFC 4492 for the related TLS structures and constants
|
||||
* - https://www.rfc-editor.org/rfc/rfc4492
|
||||
* RFC 7748 for the Curve448 and Curve25519 curve definitions
|
||||
* - https://www.rfc-editor.org/rfc/rfc7748
|
||||
*
|
||||
* [Curve25519] http://cr.yp.to/ecdh/curve25519-20060209.pdf
|
||||
* [Curve25519] https://cr.yp.to/ecdh/curve25519-20060209.pdf
|
||||
*
|
||||
* [2] CORON, Jean-S'ebastien. Resistance against differential power analysis
|
||||
* for elliptic curve cryptosystems. In : Cryptographic Hardware and
|
||||
|
@ -2591,6 +2593,7 @@ static int ecp_mul_mxz(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
|
|||
void *p_rng)
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
int have_rng = 1;
|
||||
size_t i;
|
||||
unsigned char b;
|
||||
mbedtls_ecp_point RP;
|
||||
|
@ -2623,9 +2626,8 @@ static int ecp_mul_mxz(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
|
|||
/* RP.X might be slightly larger than P, so reduce it */
|
||||
MOD_ADD(RP.X);
|
||||
|
||||
/* Randomize coordinates of the starting point */
|
||||
int have_rng = 1;
|
||||
#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
|
||||
/* Derandomize coordinates of the starting point */
|
||||
if (f_rng == NULL) {
|
||||
have_rng = 0;
|
||||
}
|
||||
|
|
|
@ -61,7 +61,7 @@ void mbedtls_ecp_fix_negative(mbedtls_mpi *N, signed char c, size_t bits);
|
|||
* This is the bit-size of the key minus 1:
|
||||
* 254 for Curve25519 or 447 for Curve448.
|
||||
* \param d The randomly generated key. This is a number of size
|
||||
* exactly \p n_bits + 1 bits, with the least significant bits
|
||||
* exactly \p high_bit + 1 bits, with the least significant bits
|
||||
* masked as specified in [Curve25519] and in [RFC7748] §5.
|
||||
* \param f_rng The RNG function.
|
||||
* \param p_rng The RNG context to be passed to \p f_rng.
|
||||
|
@ -69,7 +69,7 @@ void mbedtls_ecp_fix_negative(mbedtls_mpi *N, signed char c, size_t bits);
|
|||
* \return \c 0 on success.
|
||||
* \return \c MBEDTLS_ERR_ECP_xxx or MBEDTLS_ERR_MPI_xxx on failure.
|
||||
*/
|
||||
int mbedtls_ecp_gen_privkey_mx(size_t n_bits,
|
||||
int mbedtls_ecp_gen_privkey_mx(size_t high_bit,
|
||||
mbedtls_mpi *d,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng);
|
||||
|
|
|
@ -31,6 +31,8 @@
|
|||
#include "mbedtls/entropy_poll.h"
|
||||
#include "mbedtls/platform_util.h"
|
||||
#include "mbedtls/error.h"
|
||||
#include "mbedtls/sha256.h"
|
||||
#include "mbedtls/sha512.h"
|
||||
|
||||
#include <string.h>
|
||||
|
||||
|
|
|
@ -90,6 +90,7 @@ static int wsa_init_done = 0;
|
|||
#include <errno.h>
|
||||
|
||||
#define IS_EINTR(ret) ((ret) == EINTR)
|
||||
#define SOCKET int
|
||||
|
||||
#endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */
|
||||
|
||||
|
@ -494,13 +495,13 @@ int mbedtls_net_poll(mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout)
|
|||
FD_ZERO(&read_fds);
|
||||
if (rw & MBEDTLS_NET_POLL_READ) {
|
||||
rw &= ~MBEDTLS_NET_POLL_READ;
|
||||
FD_SET(fd, &read_fds);
|
||||
FD_SET((SOCKET) fd, &read_fds);
|
||||
}
|
||||
|
||||
FD_ZERO(&write_fds);
|
||||
if (rw & MBEDTLS_NET_POLL_WRITE) {
|
||||
rw &= ~MBEDTLS_NET_POLL_WRITE;
|
||||
FD_SET(fd, &write_fds);
|
||||
FD_SET((SOCKET) fd, &write_fds);
|
||||
}
|
||||
|
||||
if (rw != 0) {
|
||||
|
@ -608,7 +609,7 @@ int mbedtls_net_recv_timeout(void *ctx, unsigned char *buf,
|
|||
}
|
||||
|
||||
FD_ZERO(&read_fds);
|
||||
FD_SET(fd, &read_fds);
|
||||
FD_SET((SOCKET) fd, &read_fds);
|
||||
|
||||
tv.tv_sec = timeout / 1000;
|
||||
tv.tv_usec = (timeout % 1000) * 1000;
|
||||
|
|
|
@ -646,6 +646,7 @@ int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk,
|
|||
psa_key_type_t key_type;
|
||||
size_t bits;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
psa_status_t status;
|
||||
|
||||
/* export the private key material in the format PSA wants */
|
||||
if (mbedtls_pk_get_type(pk) != MBEDTLS_PK_ECKEY) {
|
||||
|
@ -668,7 +669,9 @@ int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk,
|
|||
psa_set_key_algorithm(&attributes, PSA_ALG_ECDSA(hash_alg));
|
||||
|
||||
/* import private key into PSA */
|
||||
if (PSA_SUCCESS != psa_import_key(&attributes, d, d_len, key)) {
|
||||
status = psa_import_key(&attributes, d, d_len, key);
|
||||
mbedtls_platform_zeroize(d, sizeof(d));
|
||||
if (status != PSA_SUCCESS) {
|
||||
return MBEDTLS_ERR_PK_HW_ACCEL_FAILED;
|
||||
}
|
||||
|
||||
|
|
|
@ -1235,6 +1235,8 @@ int mbedtls_pk_parse_key(mbedtls_pk_context *pk,
|
|||
mbedtls_pem_context pem;
|
||||
#endif
|
||||
|
||||
(void) pk_info;
|
||||
|
||||
PK_VALIDATE_RET(pk != NULL);
|
||||
if (keylen == 0) {
|
||||
return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT;
|
||||
|
|
|
@ -178,6 +178,11 @@ int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start,
|
|||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len = 0;
|
||||
|
||||
(void) p;
|
||||
(void) start;
|
||||
(void) key;
|
||||
(void) ret;
|
||||
|
||||
PK_VALIDATE_RET(p != NULL);
|
||||
PK_VALIDATE_RET(*p != NULL);
|
||||
PK_VALIDATE_RET(start != NULL);
|
||||
|
@ -313,6 +318,10 @@ int mbedtls_pk_write_key_der(mbedtls_pk_context *key, unsigned char *buf, size_t
|
|||
unsigned char *c;
|
||||
size_t len = 0;
|
||||
|
||||
(void) ret;
|
||||
(void) c;
|
||||
(void) key;
|
||||
|
||||
PK_VALIDATE_RET(key != NULL);
|
||||
if (size == 0) {
|
||||
return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
|
||||
|
|
|
@ -17,6 +17,8 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#include "common.h"
|
||||
|
||||
#include "mbedtls/platform.h"
|
||||
|
@ -233,17 +235,20 @@ volatile int mbedtls_timing_alarmed = 0;
|
|||
|
||||
unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset)
|
||||
{
|
||||
struct _hr_time *t = (struct _hr_time *) val;
|
||||
struct _hr_time t;
|
||||
|
||||
if (reset) {
|
||||
QueryPerformanceCounter(&t->start);
|
||||
QueryPerformanceCounter(&t.start);
|
||||
memcpy(val, &t, sizeof(struct _hr_time));
|
||||
return 0;
|
||||
} else {
|
||||
unsigned long delta;
|
||||
LARGE_INTEGER now, hfreq;
|
||||
/* We can't safely cast val because it may not be aligned, so use memcpy */
|
||||
memcpy(&t, val, sizeof(struct _hr_time));
|
||||
QueryPerformanceCounter(&now);
|
||||
QueryPerformanceFrequency(&hfreq);
|
||||
delta = (unsigned long) ((now.QuadPart - t->start.QuadPart) * 1000ul
|
||||
delta = (unsigned long) ((now.QuadPart - t.start.QuadPart) * 1000ul
|
||||
/ hfreq.QuadPart);
|
||||
return delta;
|
||||
}
|
||||
|
@ -279,17 +284,20 @@ void mbedtls_set_alarm(int seconds)
|
|||
|
||||
unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset)
|
||||
{
|
||||
struct _hr_time *t = (struct _hr_time *) val;
|
||||
struct _hr_time t;
|
||||
|
||||
if (reset) {
|
||||
gettimeofday(&t->start, NULL);
|
||||
gettimeofday(&t.start, NULL);
|
||||
memcpy(val, &t, sizeof(struct _hr_time));
|
||||
return 0;
|
||||
} else {
|
||||
unsigned long delta;
|
||||
struct timeval now;
|
||||
/* We can't safely cast val because it may not be aligned, so use memcpy */
|
||||
memcpy(&t, val, sizeof(struct _hr_time));
|
||||
gettimeofday(&now, NULL);
|
||||
delta = (now.tv_sec - t->start.tv_sec) * 1000ul
|
||||
+ (now.tv_usec - t->start.tv_usec) / 1000;
|
||||
delta = (now.tv_sec - t.start.tv_sec) * 1000ul
|
||||
+ (now.tv_usec - t.start.tv_usec) / 1000;
|
||||
return delta;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -53,13 +53,17 @@
|
|||
#include <time.h>
|
||||
#endif
|
||||
|
||||
#define CHECK(code) if ((ret = (code)) != 0) { return ret; }
|
||||
#define CHECK(code) \
|
||||
do { \
|
||||
if ((ret = (code)) != 0) { \
|
||||
return ret; \
|
||||
} \
|
||||
} while (0)
|
||||
|
||||
#define CHECK_RANGE(min, max, val) \
|
||||
do \
|
||||
{ \
|
||||
if ((val) < (min) || (val) > (max)) \
|
||||
{ \
|
||||
return ret; \
|
||||
do { \
|
||||
if ((val) < (min) || (val) > (max)) { \
|
||||
return ret; \
|
||||
} \
|
||||
} while (0)
|
||||
|
||||
|
|
|
@ -125,7 +125,7 @@ static const x509_attr_descriptor_t *x509_attr_descr_from_name(const char *name,
|
|||
|
||||
int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *name)
|
||||
{
|
||||
int ret = 0;
|
||||
int ret = MBEDTLS_ERR_X509_INVALID_NAME;
|
||||
const char *s = name, *c = s;
|
||||
const char *end = s + strlen(s);
|
||||
const char *oid = NULL;
|
||||
|
@ -177,6 +177,9 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam
|
|||
|
||||
s = c + 1;
|
||||
in_tag = 1;
|
||||
|
||||
/* Successfully parsed one name, update ret to success */
|
||||
ret = 0;
|
||||
}
|
||||
|
||||
if (!in_tag && s != c + 1) {
|
||||
|
|
|
@ -1944,16 +1944,19 @@ int mbedtls_x509_parse_subject_alt_name(const mbedtls_x509_buf *san_buf,
|
|||
return 0;
|
||||
}
|
||||
|
||||
#define PRINT_ITEM(i) \
|
||||
{ \
|
||||
ret = mbedtls_snprintf(p, n, "%s" i, sep); \
|
||||
MBEDTLS_X509_SAFE_SNPRINTF; \
|
||||
sep = ", "; \
|
||||
}
|
||||
#define PRINT_ITEM(i) \
|
||||
do { \
|
||||
ret = mbedtls_snprintf(p, n, "%s" i, sep); \
|
||||
MBEDTLS_X509_SAFE_SNPRINTF; \
|
||||
sep = ", "; \
|
||||
} while (0)
|
||||
|
||||
#define CERT_TYPE(type, name) \
|
||||
if (ns_cert_type & (type)) \
|
||||
PRINT_ITEM(name);
|
||||
#define CERT_TYPE(type, name) \
|
||||
do { \
|
||||
if (ns_cert_type & (type)) { \
|
||||
PRINT_ITEM(name); \
|
||||
} \
|
||||
} while (0)
|
||||
|
||||
static int x509_info_cert_type(char **buf, size_t *size,
|
||||
unsigned char ns_cert_type)
|
||||
|
@ -1978,9 +1981,12 @@ static int x509_info_cert_type(char **buf, size_t *size,
|
|||
return 0;
|
||||
}
|
||||
|
||||
#define KEY_USAGE(code, name) \
|
||||
if (key_usage & (code)) \
|
||||
PRINT_ITEM(name);
|
||||
#define KEY_USAGE(code, name) \
|
||||
do { \
|
||||
if (key_usage & (code)) { \
|
||||
PRINT_ITEM(name); \
|
||||
} \
|
||||
} while (0)
|
||||
|
||||
static int x509_info_key_usage(char **buf, size_t *size,
|
||||
unsigned int key_usage)
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
diff --git a/thirdparty/mbedtls/library/timing.c b/thirdparty/mbedtls/library/timing.c
|
||||
index 47e34f9227..eeb1d503a8 100644
|
||||
index 94b55b3715..58c2c2730d 100644
|
||||
--- a/thirdparty/mbedtls/library/timing.c
|
||||
+++ b/thirdparty/mbedtls/library/timing.c
|
||||
@@ -188,8 +188,10 @@ unsigned long mbedtls_timing_hardclock(void)
|
||||
@@ -190,8 +190,10 @@ unsigned long mbedtls_timing_hardclock(void)
|
||||
#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
|
||||
__GNUC__ && __ia64__ */
|
||||
|
||||
|
|
Loading…
Reference in New Issue