mbedtls: Update to upstream version 2.16.2

(cherry picked from commit 6321cc8da3)
This commit is contained in:
Rémi Verschelde 2019-07-10 16:15:01 +02:00
parent eb29bd988c
commit cfa50d67d2
86 changed files with 2994 additions and 876 deletions

View File

@ -285,10 +285,10 @@ Godot build configurations, check them out when updating.
## mbedtls ## mbedtls
- Upstream: https://tls.mbed.org/ - Upstream: https://tls.mbed.org/
- Version: 2.16.0 - Version: 2.16.2
- License: Apache 2.0 - License: Apache 2.0
File extracted from upstream release tarball `mbedtls-2.16.0-apache.tgz`: File extracted from upstream release tarball (`-apache.tgz` variant):
- All `*.h` from `include/mbedtls/` to `thirdparty/mbedtls/include/mbedtls/` - All `*.h` from `include/mbedtls/` to `thirdparty/mbedtls/include/mbedtls/`
- All `*.c` from `library/` to `thirdparty/mbedtls/library/` - All `*.c` from `library/` to `thirdparty/mbedtls/library/`
- Applied the patch in `thirdparty/mbedtls/1453.diff` (PR 1453). Soon to be merged upstream. Check it out at next update. - Applied the patch in `thirdparty/mbedtls/1453.diff` (PR 1453). Soon to be merged upstream. Check it out at next update.

View File

@ -655,6 +655,8 @@ MBEDTLS_DEPRECATED void mbedtls_aes_decrypt( mbedtls_aes_context *ctx,
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */
#if defined(MBEDTLS_SELF_TEST)
/** /**
* \brief Checkup routine. * \brief Checkup routine.
* *
@ -663,6 +665,8 @@ MBEDTLS_DEPRECATED void mbedtls_aes_decrypt( mbedtls_aes_context *ctx,
*/ */
int mbedtls_aes_self_test( int verbose ); int mbedtls_aes_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif

View File

@ -27,6 +27,12 @@
#ifndef MBEDTLS_AESNI_H #ifndef MBEDTLS_AESNI_H
#define MBEDTLS_AESNI_H #define MBEDTLS_AESNI_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "aes.h" #include "aes.h"
#define MBEDTLS_AESNI_AES 0x02000000u #define MBEDTLS_AESNI_AES 0x02000000u

View File

@ -123,6 +123,8 @@ void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key,
int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned char *input, int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned char *input,
unsigned char *output ); unsigned char *output );
#if defined(MBEDTLS_SELF_TEST)
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
@ -135,6 +137,8 @@ int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned
*/ */
int mbedtls_arc4_self_test( int verbose ); int mbedtls_arc4_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif

View File

@ -24,14 +24,21 @@
#ifndef MBEDTLS_ASN1_WRITE_H #ifndef MBEDTLS_ASN1_WRITE_H
#define MBEDTLS_ASN1_WRITE_H #define MBEDTLS_ASN1_WRITE_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "asn1.h" #include "asn1.h"
#define MBEDTLS_ASN1_CHK_ADD(g, f) \ #define MBEDTLS_ASN1_CHK_ADD(g, f) \
do { \ do \
if( ( ret = f ) < 0 ) \ { \
if( ( ret = (f) ) < 0 ) \
return( ret ); \ return( ret ); \
else \ else \
g += ret; \ (g) += ret; \
} while( 0 ) } while( 0 )
#ifdef __cplusplus #ifdef __cplusplus

View File

@ -24,6 +24,12 @@
#ifndef MBEDTLS_BASE64_H #ifndef MBEDTLS_BASE64_H
#define MBEDTLS_BASE64_H #define MBEDTLS_BASE64_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include <stddef.h> #include <stddef.h>
#define MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL -0x002A /**< Output buffer too small. */ #define MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL -0x002A /**< Output buffer too small. */
@ -75,6 +81,7 @@ int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen, int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
const unsigned char *src, size_t slen ); const unsigned char *src, size_t slen );
#if defined(MBEDTLS_SELF_TEST)
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
@ -82,6 +89,8 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
*/ */
int mbedtls_base64_self_test( int verbose ); int mbedtls_base64_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif

View File

@ -46,7 +46,12 @@
#define MBEDTLS_ERR_MPI_NOT_ACCEPTABLE -0x000E /**< The input arguments are not acceptable. */ #define MBEDTLS_ERR_MPI_NOT_ACCEPTABLE -0x000E /**< The input arguments are not acceptable. */
#define MBEDTLS_ERR_MPI_ALLOC_FAILED -0x0010 /**< Memory allocation failed. */ #define MBEDTLS_ERR_MPI_ALLOC_FAILED -0x0010 /**< Memory allocation failed. */
#define MBEDTLS_MPI_CHK(f) do { if( ( ret = f ) != 0 ) goto cleanup; } while( 0 ) #define MBEDTLS_MPI_CHK(f) \
do \
{ \
if( ( ret = (f) ) != 0 ) \
goto cleanup; \
} while( 0 )
/* /*
* Maximum size MPIs are allowed to grow to in number of limbs. * Maximum size MPIs are allowed to grow to in number of limbs.
@ -943,6 +948,8 @@ int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int flags,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng );
#if defined(MBEDTLS_SELF_TEST)
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
@ -950,6 +957,8 @@ int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int flags,
*/ */
int mbedtls_mpi_self_test( int verbose ); int mbedtls_mpi_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif

View File

@ -38,6 +38,12 @@
#ifndef MBEDTLS_BN_MUL_H #ifndef MBEDTLS_BN_MUL_H
#define MBEDTLS_BN_MUL_H #define MBEDTLS_BN_MUL_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "bignum.h" #include "bignum.h"
#if defined(MBEDTLS_HAVE_ASM) #if defined(MBEDTLS_HAVE_ASM)
@ -750,7 +756,7 @@
"sw $10, %2 \n\t" \ "sw $10, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \ : "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \ : "m" (s), "m" (d), "m" (c), "m" (b) \
: "$9", "$10", "$11", "$12", "$13", "$14", "$15" \ : "$9", "$10", "$11", "$12", "$13", "$14", "$15", "lo", "hi" \
); );
#endif /* MIPS */ #endif /* MIPS */

View File

@ -308,6 +308,8 @@ int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx,
unsigned char *output ); unsigned char *output );
#endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
#if defined(MBEDTLS_SELF_TEST)
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
@ -315,6 +317,8 @@ int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx,
*/ */
int mbedtls_camellia_self_test( int verbose ); int mbedtls_camellia_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif

View File

@ -49,6 +49,12 @@
#ifndef MBEDTLS_CCM_H #ifndef MBEDTLS_CCM_H
#define MBEDTLS_CCM_H #define MBEDTLS_CCM_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "cipher.h" #include "cipher.h"
#define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to the function. */ #define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to the function. */

View File

@ -24,74 +24,226 @@
#ifndef MBEDTLS_CERTS_H #ifndef MBEDTLS_CERTS_H
#define MBEDTLS_CERTS_H #define MBEDTLS_CERTS_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include <stddef.h> #include <stddef.h>
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
/* List of all PEM-encoded CA certificates, terminated by NULL;
* PEM encoded if MBEDTLS_PEM_PARSE_C is enabled, DER encoded
* otherwise. */
extern const char * mbedtls_test_cas[];
extern const size_t mbedtls_test_cas_len[];
/* List of all DER-encoded CA certificates, terminated by NULL */
extern const unsigned char * mbedtls_test_cas_der[];
extern const size_t mbedtls_test_cas_der_len[];
#if defined(MBEDTLS_PEM_PARSE_C) #if defined(MBEDTLS_PEM_PARSE_C)
/* Concatenation of all CA certificates in PEM format if available */ /* Concatenation of all CA certificates in PEM format if available */
extern const char mbedtls_test_cas_pem[]; extern const char mbedtls_test_cas_pem[];
extern const size_t mbedtls_test_cas_pem_len; extern const size_t mbedtls_test_cas_pem_len;
#endif #endif /* MBEDTLS_PEM_PARSE_C */
/* List of all CA certificates, terminated by NULL */
extern const char * mbedtls_test_cas[];
extern const size_t mbedtls_test_cas_len[];
/* /*
* Convenience for users who just want a certificate: * CA test certificates
* RSA by default, or ECDSA if RSA is not available
*/ */
extern const char * mbedtls_test_ca_crt;
extern const size_t mbedtls_test_ca_crt_len;
extern const char * mbedtls_test_ca_key;
extern const size_t mbedtls_test_ca_key_len;
extern const char * mbedtls_test_ca_pwd;
extern const size_t mbedtls_test_ca_pwd_len;
extern const char * mbedtls_test_srv_crt;
extern const size_t mbedtls_test_srv_crt_len;
extern const char * mbedtls_test_srv_key;
extern const size_t mbedtls_test_srv_key_len;
extern const char * mbedtls_test_cli_crt;
extern const size_t mbedtls_test_cli_crt_len;
extern const char * mbedtls_test_cli_key;
extern const size_t mbedtls_test_cli_key_len;
#if defined(MBEDTLS_ECDSA_C) extern const char mbedtls_test_ca_crt_ec_pem[];
extern const char mbedtls_test_ca_key_ec_pem[];
extern const char mbedtls_test_ca_pwd_ec_pem[];
extern const char mbedtls_test_ca_key_rsa_pem[];
extern const char mbedtls_test_ca_pwd_rsa_pem[];
extern const char mbedtls_test_ca_crt_rsa_sha1_pem[];
extern const char mbedtls_test_ca_crt_rsa_sha256_pem[];
extern const unsigned char mbedtls_test_ca_crt_ec_der[];
extern const unsigned char mbedtls_test_ca_key_ec_der[];
extern const unsigned char mbedtls_test_ca_key_rsa_der[];
extern const unsigned char mbedtls_test_ca_crt_rsa_sha1_der[];
extern const unsigned char mbedtls_test_ca_crt_rsa_sha256_der[];
extern const size_t mbedtls_test_ca_crt_ec_pem_len;
extern const size_t mbedtls_test_ca_key_ec_pem_len;
extern const size_t mbedtls_test_ca_pwd_ec_pem_len;
extern const size_t mbedtls_test_ca_key_rsa_pem_len;
extern const size_t mbedtls_test_ca_pwd_rsa_pem_len;
extern const size_t mbedtls_test_ca_crt_rsa_sha1_pem_len;
extern const size_t mbedtls_test_ca_crt_rsa_sha256_pem_len;
extern const size_t mbedtls_test_ca_crt_ec_der_len;
extern const size_t mbedtls_test_ca_key_ec_der_len;
extern const size_t mbedtls_test_ca_pwd_ec_der_len;
extern const size_t mbedtls_test_ca_key_rsa_der_len;
extern const size_t mbedtls_test_ca_pwd_rsa_der_len;
extern const size_t mbedtls_test_ca_crt_rsa_sha1_der_len;
extern const size_t mbedtls_test_ca_crt_rsa_sha256_der_len;
/* Config-dependent dispatch between PEM and DER encoding
* (PEM if enabled, otherwise DER) */
extern const char mbedtls_test_ca_crt_ec[]; extern const char mbedtls_test_ca_crt_ec[];
extern const size_t mbedtls_test_ca_crt_ec_len;
extern const char mbedtls_test_ca_key_ec[]; extern const char mbedtls_test_ca_key_ec[];
extern const size_t mbedtls_test_ca_key_ec_len;
extern const char mbedtls_test_ca_pwd_ec[]; extern const char mbedtls_test_ca_pwd_ec[];
extern const size_t mbedtls_test_ca_pwd_ec_len; extern const char mbedtls_test_ca_key_rsa[];
extern const char mbedtls_test_srv_crt_ec[]; extern const char mbedtls_test_ca_pwd_rsa[];
extern const size_t mbedtls_test_srv_crt_ec_len; extern const char mbedtls_test_ca_crt_rsa_sha1[];
extern const char mbedtls_test_srv_key_ec[]; extern const char mbedtls_test_ca_crt_rsa_sha256[];
extern const size_t mbedtls_test_srv_key_ec_len;
extern const char mbedtls_test_cli_crt_ec[]; extern const size_t mbedtls_test_ca_crt_ec_len;
extern const size_t mbedtls_test_cli_crt_ec_len; extern const size_t mbedtls_test_ca_key_ec_len;
extern const char mbedtls_test_cli_key_ec[]; extern const size_t mbedtls_test_ca_pwd_ec_len;
extern const size_t mbedtls_test_cli_key_ec_len; extern const size_t mbedtls_test_ca_key_rsa_len;
#endif extern const size_t mbedtls_test_ca_pwd_rsa_len;
extern const size_t mbedtls_test_ca_crt_rsa_sha1_len;
extern const size_t mbedtls_test_ca_crt_rsa_sha256_len;
/* Config-dependent dispatch between SHA-1 and SHA-256
* (SHA-256 if enabled, otherwise SHA-1) */
#if defined(MBEDTLS_RSA_C)
extern const char mbedtls_test_ca_crt_rsa[]; extern const char mbedtls_test_ca_crt_rsa[];
extern const size_t mbedtls_test_ca_crt_rsa_len; extern const size_t mbedtls_test_ca_crt_rsa_len;
extern const char mbedtls_test_ca_key_rsa[];
extern const size_t mbedtls_test_ca_key_rsa_len; /* Config-dependent dispatch between EC and RSA
extern const char mbedtls_test_ca_pwd_rsa[]; * (RSA if enabled, otherwise EC) */
extern const size_t mbedtls_test_ca_pwd_rsa_len;
extern const char * mbedtls_test_ca_crt;
extern const char * mbedtls_test_ca_key;
extern const char * mbedtls_test_ca_pwd;
extern const size_t mbedtls_test_ca_crt_len;
extern const size_t mbedtls_test_ca_key_len;
extern const size_t mbedtls_test_ca_pwd_len;
/*
* Server test certificates
*/
extern const char mbedtls_test_srv_crt_ec_pem[];
extern const char mbedtls_test_srv_key_ec_pem[];
extern const char mbedtls_test_srv_pwd_ec_pem[];
extern const char mbedtls_test_srv_key_rsa_pem[];
extern const char mbedtls_test_srv_pwd_rsa_pem[];
extern const char mbedtls_test_srv_crt_rsa_sha1_pem[];
extern const char mbedtls_test_srv_crt_rsa_sha256_pem[];
extern const unsigned char mbedtls_test_srv_crt_ec_der[];
extern const unsigned char mbedtls_test_srv_key_ec_der[];
extern const unsigned char mbedtls_test_srv_key_rsa_der[];
extern const unsigned char mbedtls_test_srv_crt_rsa_sha1_der[];
extern const unsigned char mbedtls_test_srv_crt_rsa_sha256_der[];
extern const size_t mbedtls_test_srv_crt_ec_pem_len;
extern const size_t mbedtls_test_srv_key_ec_pem_len;
extern const size_t mbedtls_test_srv_pwd_ec_pem_len;
extern const size_t mbedtls_test_srv_key_rsa_pem_len;
extern const size_t mbedtls_test_srv_pwd_rsa_pem_len;
extern const size_t mbedtls_test_srv_crt_rsa_sha1_pem_len;
extern const size_t mbedtls_test_srv_crt_rsa_sha256_pem_len;
extern const size_t mbedtls_test_srv_crt_ec_der_len;
extern const size_t mbedtls_test_srv_key_ec_der_len;
extern const size_t mbedtls_test_srv_pwd_ec_der_len;
extern const size_t mbedtls_test_srv_key_rsa_der_len;
extern const size_t mbedtls_test_srv_pwd_rsa_der_len;
extern const size_t mbedtls_test_srv_crt_rsa_sha1_der_len;
extern const size_t mbedtls_test_srv_crt_rsa_sha256_der_len;
/* Config-dependent dispatch between PEM and DER encoding
* (PEM if enabled, otherwise DER) */
extern const char mbedtls_test_srv_crt_ec[];
extern const char mbedtls_test_srv_key_ec[];
extern const char mbedtls_test_srv_pwd_ec[];
extern const char mbedtls_test_srv_key_rsa[];
extern const char mbedtls_test_srv_pwd_rsa[];
extern const char mbedtls_test_srv_crt_rsa_sha1[];
extern const char mbedtls_test_srv_crt_rsa_sha256[];
extern const size_t mbedtls_test_srv_crt_ec_len;
extern const size_t mbedtls_test_srv_key_ec_len;
extern const size_t mbedtls_test_srv_pwd_ec_len;
extern const size_t mbedtls_test_srv_key_rsa_len;
extern const size_t mbedtls_test_srv_pwd_rsa_len;
extern const size_t mbedtls_test_srv_crt_rsa_sha1_len;
extern const size_t mbedtls_test_srv_crt_rsa_sha256_len;
/* Config-dependent dispatch between SHA-1 and SHA-256
* (SHA-256 if enabled, otherwise SHA-1) */
extern const char mbedtls_test_srv_crt_rsa[]; extern const char mbedtls_test_srv_crt_rsa[];
extern const size_t mbedtls_test_srv_crt_rsa_len; extern const size_t mbedtls_test_srv_crt_rsa_len;
extern const char mbedtls_test_srv_key_rsa[];
extern const size_t mbedtls_test_srv_key_rsa_len; /* Config-dependent dispatch between EC and RSA
extern const char mbedtls_test_cli_crt_rsa[]; * (RSA if enabled, otherwise EC) */
extern const size_t mbedtls_test_cli_crt_rsa_len;
extern const char * mbedtls_test_srv_crt;
extern const char * mbedtls_test_srv_key;
extern const char * mbedtls_test_srv_pwd;
extern const size_t mbedtls_test_srv_crt_len;
extern const size_t mbedtls_test_srv_key_len;
extern const size_t mbedtls_test_srv_pwd_len;
/*
* Client test certificates
*/
extern const char mbedtls_test_cli_crt_ec_pem[];
extern const char mbedtls_test_cli_key_ec_pem[];
extern const char mbedtls_test_cli_pwd_ec_pem[];
extern const char mbedtls_test_cli_key_rsa_pem[];
extern const char mbedtls_test_cli_pwd_rsa_pem[];
extern const char mbedtls_test_cli_crt_rsa_pem[];
extern const unsigned char mbedtls_test_cli_crt_ec_der[];
extern const unsigned char mbedtls_test_cli_key_ec_der[];
extern const unsigned char mbedtls_test_cli_key_rsa_der[];
extern const unsigned char mbedtls_test_cli_crt_rsa_der[];
extern const size_t mbedtls_test_cli_crt_ec_pem_len;
extern const size_t mbedtls_test_cli_key_ec_pem_len;
extern const size_t mbedtls_test_cli_pwd_ec_pem_len;
extern const size_t mbedtls_test_cli_key_rsa_pem_len;
extern const size_t mbedtls_test_cli_pwd_rsa_pem_len;
extern const size_t mbedtls_test_cli_crt_rsa_pem_len;
extern const size_t mbedtls_test_cli_crt_ec_der_len;
extern const size_t mbedtls_test_cli_key_ec_der_len;
extern const size_t mbedtls_test_cli_key_rsa_der_len;
extern const size_t mbedtls_test_cli_crt_rsa_der_len;
/* Config-dependent dispatch between PEM and DER encoding
* (PEM if enabled, otherwise DER) */
extern const char mbedtls_test_cli_crt_ec[];
extern const char mbedtls_test_cli_key_ec[];
extern const char mbedtls_test_cli_pwd_ec[];
extern const char mbedtls_test_cli_key_rsa[]; extern const char mbedtls_test_cli_key_rsa[];
extern const char mbedtls_test_cli_pwd_rsa[];
extern const char mbedtls_test_cli_crt_rsa[];
extern const size_t mbedtls_test_cli_crt_ec_len;
extern const size_t mbedtls_test_cli_key_ec_len;
extern const size_t mbedtls_test_cli_pwd_ec_len;
extern const size_t mbedtls_test_cli_key_rsa_len; extern const size_t mbedtls_test_cli_key_rsa_len;
#endif extern const size_t mbedtls_test_cli_pwd_rsa_len;
extern const size_t mbedtls_test_cli_crt_rsa_len;
/* Config-dependent dispatch between EC and RSA
* (RSA if enabled, otherwise EC) */
extern const char * mbedtls_test_cli_crt;
extern const char * mbedtls_test_cli_key;
extern const char * mbedtls_test_cli_pwd;
extern const size_t mbedtls_test_cli_crt_len;
extern const size_t mbedtls_test_cli_key_len;
extern const size_t mbedtls_test_cli_pwd_len;
#ifdef __cplusplus #ifdef __cplusplus
} }

View File

@ -36,7 +36,7 @@
#endif #endif
#include <stddef.h> #include <stddef.h>
#include "mbedtls/platform_util.h" #include "platform_util.h"
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
#define MBEDTLS_CIPHER_MODE_AEAD #define MBEDTLS_CIPHER_MODE_AEAD

View File

@ -28,6 +28,12 @@
#ifndef MBEDTLS_CMAC_H #ifndef MBEDTLS_CMAC_H
#define MBEDTLS_CMAC_H #define MBEDTLS_CMAC_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "cipher.h" #include "cipher.h"
#ifdef __cplusplus #ifdef __cplusplus

View File

@ -25,6 +25,12 @@
* This file is part of mbed TLS (https://tls.mbed.org) * This file is part of mbed TLS (https://tls.mbed.org)
*/ */
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#if ! defined(MBEDTLS_DEPRECATED_REMOVED) #if ! defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING) #if defined(MBEDTLS_DEPRECATED_WARNING)

View File

@ -686,6 +686,26 @@
*/ */
#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES #define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
/**
* \def MBEDTLS_REMOVE_3DES_CIPHERSUITES
*
* Remove 3DES ciphersuites by default in SSL / TLS.
* This flag removes the ciphersuites based on 3DES from the default list as
* returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible
* to enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including
* them explicitly.
*
* A man-in-the-browser attacker can recover authentication tokens sent through
* a TLS connection using a 3DES based cipher suite (see "On the Practical
* (In-)Security of 64-bit Block Ciphers" by Karthikeyan Bhargavan and Gaëtan
* Leurent, see https://sweet32.info/SWEET32_CCS16.pdf). If this attack falls
* in your threat model or you are unsure, then you should keep this option
* enabled to remove 3DES based cipher suites.
*
* Comment this macro to keep 3DES in the default ciphersuite list.
*/
#define MBEDTLS_REMOVE_3DES_CIPHERSUITES
/** /**
* \def MBEDTLS_ECP_DP_SECP192R1_ENABLED * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
* *
@ -1622,7 +1642,9 @@
* *
* Uncomment this to enable pthread mutexes. * Uncomment this to enable pthread mutexes.
*/ */
// -- GODOT start --
//#define MBEDTLS_THREADING_PTHREAD //#define MBEDTLS_THREADING_PTHREAD
// -- GODOT end --
/** /**
* \def MBEDTLS_VERSION_FEATURES * \def MBEDTLS_VERSION_FEATURES
@ -2816,7 +2838,9 @@
* *
* Enable this layer to allow use of mutexes within mbed TLS * Enable this layer to allow use of mutexes within mbed TLS
*/ */
// -- GODOT start --
//#define MBEDTLS_THREADING_C //#define MBEDTLS_THREADING_C
// -- GODOT end --
/** /**
* \def MBEDTLS_TIMING_C * \def MBEDTLS_TIMING_C

View File

@ -36,6 +36,12 @@
#ifndef MBEDTLS_CTR_DRBG_H #ifndef MBEDTLS_CTR_DRBG_H
#define MBEDTLS_CTR_DRBG_H #define MBEDTLS_CTR_DRBG_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "aes.h" #include "aes.h"
#if defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_THREADING_C)
@ -350,6 +356,8 @@ int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char
int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path ); int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path );
#endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_FS_IO */
#if defined(MBEDTLS_SELF_TEST)
/** /**
* \brief The CTR_DRBG checkup routine. * \brief The CTR_DRBG checkup routine.
* *
@ -358,6 +366,8 @@ int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char
*/ */
int mbedtls_ctr_drbg_self_test( int verbose ); int mbedtls_ctr_drbg_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
/* Internal functions (do not call directly) */ /* Internal functions (do not call directly) */
int mbedtls_ctr_drbg_seed_entropy_len( mbedtls_ctr_drbg_context *, int mbedtls_ctr_drbg_seed_entropy_len( mbedtls_ctr_drbg_context *,
int (*)(void *, unsigned char *, size_t), void *, int (*)(void *, unsigned char *, size_t), void *,

View File

@ -338,6 +338,8 @@ int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
void mbedtls_des_setkey( uint32_t SK[32], void mbedtls_des_setkey( uint32_t SK[32],
const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
#if defined(MBEDTLS_SELF_TEST)
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
@ -345,6 +347,8 @@ void mbedtls_des_setkey( uint32_t SK[32],
*/ */
int mbedtls_des_self_test( int verbose ); int mbedtls_des_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif

View File

@ -334,6 +334,8 @@ int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path );
#endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_FS_IO */
#endif /* MBEDTLS_ASN1_PARSE_C */ #endif /* MBEDTLS_ASN1_PARSE_C */
#if defined(MBEDTLS_SELF_TEST)
/** /**
* \brief The DMH checkup routine. * \brief The DMH checkup routine.
* *
@ -342,6 +344,7 @@ int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path );
*/ */
int mbedtls_dhm_self_test( int verbose ); int mbedtls_dhm_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif

View File

@ -34,6 +34,12 @@
#ifndef MBEDTLS_ECDH_H #ifndef MBEDTLS_ECDH_H
#define MBEDTLS_ECDH_H #define MBEDTLS_ECDH_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "ecp.h" #include "ecp.h"
/* /*

View File

@ -32,6 +32,12 @@
#ifndef MBEDTLS_ECDSA_H #ifndef MBEDTLS_ECDSA_H
#define MBEDTLS_ECDSA_H #define MBEDTLS_ECDSA_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "ecp.h" #include "ecp.h"
#include "md.h" #include "md.h"

View File

@ -40,6 +40,11 @@
* The payloads are serialized in a way suitable for use in TLS, but could * The payloads are serialized in a way suitable for use in TLS, but could
* also be use outside TLS. * also be use outside TLS.
*/ */
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "ecp.h" #include "ecp.h"
#include "md.h" #include "md.h"

View File

@ -36,6 +36,12 @@
#ifndef MBEDTLS_ECP_H #ifndef MBEDTLS_ECP_H
#define MBEDTLS_ECP_H #define MBEDTLS_ECP_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "bignum.h" #include "bignum.h"
/* /*
@ -189,6 +195,68 @@ typedef struct mbedtls_ecp_group
} }
mbedtls_ecp_group; mbedtls_ecp_group;
/**
* \name SECTION: Module settings
*
* The configuration options you can set for this module are in this section.
* Either change them in config.h, or define them using the compiler command line.
* \{
*/
#if !defined(MBEDTLS_ECP_MAX_BITS)
/**
* The maximum size of the groups, that is, of \c N and \c P.
*/
#define MBEDTLS_ECP_MAX_BITS 521 /**< The maximum size of groups, in bits. */
#endif
#define MBEDTLS_ECP_MAX_BYTES ( ( MBEDTLS_ECP_MAX_BITS + 7 ) / 8 )
#define MBEDTLS_ECP_MAX_PT_LEN ( 2 * MBEDTLS_ECP_MAX_BYTES + 1 )
#if !defined(MBEDTLS_ECP_WINDOW_SIZE)
/*
* Maximum "window" size used for point multiplication.
* Default: 6.
* Minimum value: 2. Maximum value: 7.
*
* Result is an array of at most ( 1 << ( MBEDTLS_ECP_WINDOW_SIZE - 1 ) )
* points used for point multiplication. This value is directly tied to EC
* peak memory usage, so decreasing it by one should roughly cut memory usage
* by two (if large curves are in use).
*
* Reduction in size may reduce speed, but larger curves are impacted first.
* Sample performances (in ECDHE handshakes/s, with FIXED_POINT_OPTIM = 1):
* w-size: 6 5 4 3 2
* 521 145 141 135 120 97
* 384 214 209 198 177 146
* 256 320 320 303 262 226
* 224 475 475 453 398 342
* 192 640 640 633 587 476
*/
#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< The maximum window size used. */
#endif /* MBEDTLS_ECP_WINDOW_SIZE */
#if !defined(MBEDTLS_ECP_FIXED_POINT_OPTIM)
/*
* Trade memory for speed on fixed-point multiplication.
*
* This speeds up repeated multiplication of the generator (that is, the
* multiplication in ECDSA signatures, and half of the multiplications in
* ECDSA verification and ECDHE) by a factor roughly 3 to 4.
*
* The cost is increasing EC peak memory usage by a factor roughly 2.
*
* Change this value to 0 to reduce peak memory usage.
*/
#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up. */
#endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */
/* \} name SECTION: Module settings */
#else /* MBEDTLS_ECP_ALT */
#include "ecp_alt.h"
#endif /* MBEDTLS_ECP_ALT */
#if defined(MBEDTLS_ECP_RESTARTABLE) #if defined(MBEDTLS_ECP_RESTARTABLE)
/** /**
@ -253,68 +321,6 @@ typedef void mbedtls_ecp_restart_ctx;
#endif /* MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECP_RESTARTABLE */
/**
* \name SECTION: Module settings
*
* The configuration options you can set for this module are in this section.
* Either change them in config.h, or define them using the compiler command line.
* \{
*/
#if !defined(MBEDTLS_ECP_MAX_BITS)
/**
* The maximum size of the groups, that is, of \c N and \c P.
*/
#define MBEDTLS_ECP_MAX_BITS 521 /**< The maximum size of groups, in bits. */
#endif
#define MBEDTLS_ECP_MAX_BYTES ( ( MBEDTLS_ECP_MAX_BITS + 7 ) / 8 )
#define MBEDTLS_ECP_MAX_PT_LEN ( 2 * MBEDTLS_ECP_MAX_BYTES + 1 )
#if !defined(MBEDTLS_ECP_WINDOW_SIZE)
/*
* Maximum "window" size used for point multiplication.
* Default: 6.
* Minimum value: 2. Maximum value: 7.
*
* Result is an array of at most ( 1 << ( MBEDTLS_ECP_WINDOW_SIZE - 1 ) )
* points used for point multiplication. This value is directly tied to EC
* peak memory usage, so decreasing it by one should roughly cut memory usage
* by two (if large curves are in use).
*
* Reduction in size may reduce speed, but larger curves are impacted first.
* Sample performances (in ECDHE handshakes/s, with FIXED_POINT_OPTIM = 1):
* w-size: 6 5 4 3 2
* 521 145 141 135 120 97
* 384 214 209 198 177 146
* 256 320 320 303 262 226
* 224 475 475 453 398 342
* 192 640 640 633 587 476
*/
#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< The maximum window size used. */
#endif /* MBEDTLS_ECP_WINDOW_SIZE */
#if !defined(MBEDTLS_ECP_FIXED_POINT_OPTIM)
/*
* Trade memory for speed on fixed-point multiplication.
*
* This speeds up repeated multiplication of the generator (that is, the
* multiplication in ECDSA signatures, and half of the multiplications in
* ECDSA verification and ECDHE) by a factor roughly 3 to 4.
*
* The cost is increasing EC peak memory usage by a factor roughly 2.
*
* Change this value to 0 to reduce peak memory usage.
*/
#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up. */
#endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */
/* \} name SECTION: Module settings */
#else /* MBEDTLS_ECP_ALT */
#include "ecp_alt.h"
#endif /* MBEDTLS_ECP_ALT */
/** /**
* \brief The ECP key-pair structure. * \brief The ECP key-pair structure.
* *
@ -476,7 +482,7 @@ void mbedtls_ecp_point_init( mbedtls_ecp_point *pt );
* *
* \note After this function is called, domain parameters * \note After this function is called, domain parameters
* for various ECP groups can be loaded through the * for various ECP groups can be loaded through the
* mbedtls_ecp_load() or mbedtls_ecp_tls_read_group() * mbedtls_ecp_group_load() or mbedtls_ecp_tls_read_group()
* functions. * functions.
*/ */
void mbedtls_ecp_group_init( mbedtls_ecp_group *grp ); void mbedtls_ecp_group_init( mbedtls_ecp_group *grp );

View File

@ -61,6 +61,12 @@
#ifndef MBEDTLS_ECP_INTERNAL_H #ifndef MBEDTLS_ECP_INTERNAL_H
#define MBEDTLS_ECP_INTERNAL_H #define MBEDTLS_ECP_INTERNAL_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(MBEDTLS_ECP_INTERNAL_ALT) #if defined(MBEDTLS_ECP_INTERNAL_ALT)
/** /**

View File

@ -24,6 +24,12 @@
#ifndef MBEDTLS_ERROR_H #ifndef MBEDTLS_ERROR_H
#define MBEDTLS_ERROR_H #define MBEDTLS_ERROR_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include <stddef.h> #include <stddef.h>
/** /**

View File

@ -33,6 +33,12 @@
#ifndef MBEDTLS_GCM_H #ifndef MBEDTLS_GCM_H
#define MBEDTLS_GCM_H #define MBEDTLS_GCM_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "cipher.h" #include "cipher.h"
#include <stdint.h> #include <stdint.h>
@ -300,6 +306,8 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx,
*/ */
void mbedtls_gcm_free( mbedtls_gcm_context *ctx ); void mbedtls_gcm_free( mbedtls_gcm_context *ctx );
#if defined(MBEDTLS_SELF_TEST)
/** /**
* \brief The GCM checkup routine. * \brief The GCM checkup routine.
* *
@ -308,6 +316,8 @@ void mbedtls_gcm_free( mbedtls_gcm_context *ctx );
*/ */
int mbedtls_gcm_self_test( int verbose ); int mbedtls_gcm_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif

View File

@ -24,6 +24,12 @@
#ifndef MBEDTLS_HAVEGE_H #ifndef MBEDTLS_HAVEGE_H
#define MBEDTLS_HAVEGE_H #define MBEDTLS_HAVEGE_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include <stddef.h> #include <stddef.h>
#define MBEDTLS_HAVEGE_COLLECT_SIZE 1024 #define MBEDTLS_HAVEGE_COLLECT_SIZE 1024

View File

@ -27,6 +27,12 @@
#ifndef MBEDTLS_HKDF_H #ifndef MBEDTLS_HKDF_H
#define MBEDTLS_HKDF_H #define MBEDTLS_HKDF_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "md.h" #include "md.h"
/** /**

View File

@ -24,6 +24,12 @@
#ifndef MBEDTLS_HMAC_DRBG_H #ifndef MBEDTLS_HMAC_DRBG_H
#define MBEDTLS_HMAC_DRBG_H #define MBEDTLS_HMAC_DRBG_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "md.h" #include "md.h"
#if defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_THREADING_C)

View File

@ -283,6 +283,8 @@ MBEDTLS_DEPRECATED void mbedtls_md2( const unsigned char *input,
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */
#if defined(MBEDTLS_SELF_TEST)
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
@ -295,6 +297,8 @@ MBEDTLS_DEPRECATED void mbedtls_md2( const unsigned char *input,
*/ */
int mbedtls_md2_self_test( int verbose ); int mbedtls_md2_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif

View File

@ -288,6 +288,8 @@ MBEDTLS_DEPRECATED void mbedtls_md4( const unsigned char *input,
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */
#if defined(MBEDTLS_SELF_TEST)
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
@ -300,6 +302,8 @@ MBEDTLS_DEPRECATED void mbedtls_md4( const unsigned char *input,
*/ */
int mbedtls_md4_self_test( int verbose ); int mbedtls_md4_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif

View File

@ -288,6 +288,8 @@ MBEDTLS_DEPRECATED void mbedtls_md5( const unsigned char *input,
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */
#if defined(MBEDTLS_SELF_TEST)
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
@ -300,6 +302,8 @@ MBEDTLS_DEPRECATED void mbedtls_md5( const unsigned char *input,
*/ */
int mbedtls_md5_self_test( int verbose ); int mbedtls_md5_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif

View File

@ -23,6 +23,11 @@
* *
* This file is part of mbed TLS (https://tls.mbed.org) * This file is part of mbed TLS (https://tls.mbed.org)
*/ */
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if !defined(MBEDTLS_DEPRECATED_REMOVED)
#include "net_sockets.h" #include "net_sockets.h"

View File

@ -37,6 +37,12 @@
#ifndef MBEDTLS_NIST_KW_H #ifndef MBEDTLS_NIST_KW_H
#define MBEDTLS_NIST_KW_H #define MBEDTLS_NIST_KW_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "cipher.h" #include "cipher.h"
#ifdef __cplusplus #ifdef __cplusplus

View File

@ -28,6 +28,12 @@
#ifndef MBEDTLS_PADLOCK_H #ifndef MBEDTLS_PADLOCK_H
#define MBEDTLS_PADLOCK_H #define MBEDTLS_PADLOCK_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "aes.h" #include "aes.h"
#define MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED -0x0030 /**< Input data should be aligned. */ #define MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED -0x0030 /**< Input data should be aligned. */
@ -53,7 +59,7 @@
#define MBEDTLS_PADLOCK_PHE 0x0C00 #define MBEDTLS_PADLOCK_PHE 0x0C00
#define MBEDTLS_PADLOCK_PMM 0x3000 #define MBEDTLS_PADLOCK_PMM 0x3000
#define MBEDTLS_PADLOCK_ALIGN16(x) (uint32_t *) (16 + ((int32_t) x & ~15)) #define MBEDTLS_PADLOCK_ALIGN16(x) (uint32_t *) (16 + ((int32_t) (x) & ~15))
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {

View File

@ -24,6 +24,12 @@
#ifndef MBEDTLS_PEM_H #ifndef MBEDTLS_PEM_H
#define MBEDTLS_PEM_H #define MBEDTLS_PEM_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include <stddef.h> #include <stddef.h>
/** /**

View File

@ -24,6 +24,12 @@
#ifndef MBEDTLS_PKCS12_H #ifndef MBEDTLS_PKCS12_H
#define MBEDTLS_PKCS12_H #define MBEDTLS_PKCS12_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "md.h" #include "md.h"
#include "cipher.h" #include "cipher.h"
#include "asn1.h" #include "asn1.h"

View File

@ -26,6 +26,12 @@
#ifndef MBEDTLS_PKCS5_H #ifndef MBEDTLS_PKCS5_H
#define MBEDTLS_PKCS5_H #define MBEDTLS_PKCS5_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "asn1.h" #include "asn1.h"
#include "md.h" #include "md.h"
@ -85,6 +91,8 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *p
unsigned int iteration_count, unsigned int iteration_count,
uint32_t key_length, unsigned char *output ); uint32_t key_length, unsigned char *output );
#if defined(MBEDTLS_SELF_TEST)
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
@ -92,6 +100,8 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *p
*/ */
int mbedtls_pkcs5_self_test( int verbose ); int mbedtls_pkcs5_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif

View File

@ -26,14 +26,14 @@
#define MBEDTLS_PLATFORM_UTIL_H #define MBEDTLS_PLATFORM_UTIL_H
#if !defined(MBEDTLS_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "config.h"
#else #else
#include MBEDTLS_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include <stddef.h> #include <stddef.h>
#if defined(MBEDTLS_HAVE_TIME_DATE) #if defined(MBEDTLS_HAVE_TIME_DATE)
#include "mbedtls/platform_time.h" #include "platform_time.h"
#include <time.h> #include <time.h>
#endif /* MBEDTLS_HAVE_TIME_DATE */ #endif /* MBEDTLS_HAVE_TIME_DATE */

View File

@ -34,7 +34,7 @@
#define MBEDTLS_POLY1305_H #define MBEDTLS_POLY1305_H
#if !defined(MBEDTLS_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "config.h"
#else #else
#include MBEDTLS_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif

View File

@ -219,6 +219,8 @@ MBEDTLS_DEPRECATED void mbedtls_ripemd160( const unsigned char *input,
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */
#if defined(MBEDTLS_SELF_TEST)
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
@ -226,6 +228,8 @@ MBEDTLS_DEPRECATED void mbedtls_ripemd160( const unsigned char *input,
*/ */
int mbedtls_ripemd160_self_test( int verbose ); int mbedtls_ripemd160_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif

View File

@ -1252,6 +1252,8 @@ int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src )
*/ */
void mbedtls_rsa_free( mbedtls_rsa_context *ctx ); void mbedtls_rsa_free( mbedtls_rsa_context *ctx );
#if defined(MBEDTLS_SELF_TEST)
/** /**
* \brief The RSA checkup routine. * \brief The RSA checkup routine.
* *
@ -1260,6 +1262,8 @@ void mbedtls_rsa_free( mbedtls_rsa_context *ctx );
*/ */
int mbedtls_rsa_self_test( int verbose ); int mbedtls_rsa_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif

View File

@ -328,6 +328,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha1( const unsigned char *input,
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */
#if defined(MBEDTLS_SELF_TEST)
/** /**
* \brief The SHA-1 checkup routine. * \brief The SHA-1 checkup routine.
* *
@ -341,6 +343,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha1( const unsigned char *input,
*/ */
int mbedtls_sha1_self_test( int verbose ); int mbedtls_sha1_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif

View File

@ -278,6 +278,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha256( const unsigned char *input,
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */
#if defined(MBEDTLS_SELF_TEST)
/** /**
* \brief The SHA-224 and SHA-256 checkup routine. * \brief The SHA-224 and SHA-256 checkup routine.
* *
@ -286,6 +288,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha256( const unsigned char *input,
*/ */
int mbedtls_sha256_self_test( int verbose ); int mbedtls_sha256_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif

View File

@ -253,6 +253,7 @@ int mbedtls_sha512_ret( const unsigned char *input,
#else #else
#define MBEDTLS_DEPRECATED #define MBEDTLS_DEPRECATED
#endif #endif
/** /**
* \brief This function calculates the SHA-512 or SHA-384 * \brief This function calculates the SHA-512 or SHA-384
* checksum of a buffer. * checksum of a buffer.
@ -280,6 +281,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha512( const unsigned char *input,
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */
#if defined(MBEDTLS_SELF_TEST)
/** /**
* \brief The SHA-384 or SHA-512 checkup routine. * \brief The SHA-384 or SHA-512 checkup routine.
* *
@ -287,6 +291,7 @@ MBEDTLS_DEPRECATED void mbedtls_sha512( const unsigned char *input,
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_sha512_self_test( int verbose ); int mbedtls_sha512_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus
} }

View File

@ -2532,22 +2532,28 @@ void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf,
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
/** /**
* \brief Set the maximum fragment length to emit and/or negotiate * \brief Set the maximum fragment length to emit and/or negotiate.
* (Default: the smaller of MBEDTLS_SSL_IN_CONTENT_LEN and * (Typical: the smaller of #MBEDTLS_SSL_IN_CONTENT_LEN and
* MBEDTLS_SSL_OUT_CONTENT_LEN, usually 2^14 bytes) * #MBEDTLS_SSL_OUT_CONTENT_LEN, usually `2^14` bytes)
* (Server: set maximum fragment length to emit, * (Server: set maximum fragment length to emit,
* usually negotiated by the client during handshake * usually negotiated by the client during handshake)
* (Client: set maximum fragment length to emit *and* * (Client: set maximum fragment length to emit *and*
* negotiate with the server during handshake) * negotiate with the server during handshake)
* (Default: #MBEDTLS_SSL_MAX_FRAG_LEN_NONE)
* *
* \note With TLS, this currently only affects ApplicationData (sent * \note On the client side, the maximum fragment length extension
* with \c mbedtls_ssl_read()), not handshake messages. * *will not* be used, unless the maximum fragment length has
* With DTLS, this affects both ApplicationData and handshake. * been set via this function to a value different than
* #MBEDTLS_SSL_MAX_FRAG_LEN_NONE.
* *
* \note This sets the maximum length for a record's payload, * \note This sets the maximum length for a record's payload,
* excluding record overhead that will be added to it, see * excluding record overhead that will be added to it, see
* \c mbedtls_ssl_get_record_expansion(). * \c mbedtls_ssl_get_record_expansion().
* *
* \note With TLS, this currently only affects ApplicationData (sent
* with \c mbedtls_ssl_read()), not handshake messages.
* With DTLS, this affects both ApplicationData and handshake.
*
* \note For DTLS, it is also possible to set a limit for the total * \note For DTLS, it is also possible to set a limit for the total
* size of daragrams passed to the transport layer, including * size of daragrams passed to the transport layer, including
* record overhead, see \c mbedtls_ssl_set_mtu(). * record overhead, see \c mbedtls_ssl_set_mtu().

View File

@ -24,6 +24,12 @@
#ifndef MBEDTLS_SSL_CACHE_H #ifndef MBEDTLS_SSL_CACHE_H
#define MBEDTLS_SSL_CACHE_H #define MBEDTLS_SSL_CACHE_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "ssl.h" #include "ssl.h"
#if defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_THREADING_C)

View File

@ -24,6 +24,12 @@
#ifndef MBEDTLS_SSL_CIPHERSUITES_H #ifndef MBEDTLS_SSL_CIPHERSUITES_H
#define MBEDTLS_SSL_CIPHERSUITES_H #define MBEDTLS_SSL_CIPHERSUITES_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "pk.h" #include "pk.h"
#include "cipher.h" #include "cipher.h"
#include "md.h" #include "md.h"

View File

@ -24,6 +24,12 @@
#ifndef MBEDTLS_SSL_COOKIE_H #ifndef MBEDTLS_SSL_COOKIE_H
#define MBEDTLS_SSL_COOKIE_H #define MBEDTLS_SSL_COOKIE_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "ssl.h" #include "ssl.h"
#if defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_THREADING_C)

View File

@ -24,6 +24,12 @@
#ifndef MBEDTLS_SSL_INTERNAL_H #ifndef MBEDTLS_SSL_INTERNAL_H
#define MBEDTLS_SSL_INTERNAL_H #define MBEDTLS_SSL_INTERNAL_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "ssl.h" #include "ssl.h"
#include "cipher.h" #include "cipher.h"

View File

@ -24,6 +24,12 @@
#ifndef MBEDTLS_SSL_TICKET_H #ifndef MBEDTLS_SSL_TICKET_H
#define MBEDTLS_SSL_TICKET_H #define MBEDTLS_SSL_TICKET_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
/* /*
* This implementation of the session ticket callbacks includes key * This implementation of the session ticket callbacks includes key
* management, rotating the keys periodically in order to preserve forward * management, rotating the keys periodically in order to preserve forward

View File

@ -40,16 +40,16 @@
*/ */
#define MBEDTLS_VERSION_MAJOR 2 #define MBEDTLS_VERSION_MAJOR 2
#define MBEDTLS_VERSION_MINOR 16 #define MBEDTLS_VERSION_MINOR 16
#define MBEDTLS_VERSION_PATCH 0 #define MBEDTLS_VERSION_PATCH 2
/** /**
* The single version number has the following structure: * The single version number has the following structure:
* MMNNPP00 * MMNNPP00
* Major version | Minor version | Patch version * Major version | Minor version | Patch version
*/ */
#define MBEDTLS_VERSION_NUMBER 0x02100000 #define MBEDTLS_VERSION_NUMBER 0x02100200
#define MBEDTLS_VERSION_STRING "2.16.0" #define MBEDTLS_VERSION_STRING "2.16.2"
#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.16.0" #define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.16.2"
#if defined(MBEDTLS_VERSION_C) #if defined(MBEDTLS_VERSION_C)

View File

@ -269,6 +269,8 @@ int mbedtls_x509_time_is_past( const mbedtls_x509_time *to );
*/ */
int mbedtls_x509_time_is_future( const mbedtls_x509_time *from ); int mbedtls_x509_time_is_future( const mbedtls_x509_time *from );
#if defined(MBEDTLS_SELF_TEST)
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
@ -276,6 +278,8 @@ int mbedtls_x509_time_is_future( const mbedtls_x509_time *from );
*/ */
int mbedtls_x509_self_test( int verbose ); int mbedtls_x509_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
/* /*
* Internal module functions. You probably do not want to use these unless you * Internal module functions. You probably do not want to use these unless you
* know you do. * know you do.

View File

@ -98,7 +98,7 @@ mbedtls_x509_crt;
* Build flag from an algorithm/curve identifier (pk, md, ecp) * Build flag from an algorithm/curve identifier (pk, md, ecp)
* Since 0 is always XXX_NONE, ignore it. * Since 0 is always XXX_NONE, ignore it.
*/ */
#define MBEDTLS_X509_ID_FLAG( id ) ( 1 << ( id - 1 ) ) #define MBEDTLS_X509_ID_FLAG( id ) ( 1 << ( (id) - 1 ) )
/** /**
* Security profile for certificate verification. * Security profile for certificate verification.

View File

@ -205,6 +205,14 @@ void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_ty
* \param key_usage key usage flags to set * \param key_usage key usage flags to set
* *
* \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
*
* \note The <code>decipherOnly</code> flag from the Key Usage
* extension is represented by bit 8 (i.e.
* <code>0x8000</code>), which cannot typically be represented
* in an unsigned char. Therefore, the flag
* <code>decipherOnly</code> (i.e.
* #MBEDTLS_X509_KU_DECIPHER_ONLY) cannot be set using this
* function.
*/ */
int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage ); int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage );

View File

@ -121,6 +121,8 @@ int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx,
unsigned char *output); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_SELF_TEST)
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
@ -128,6 +130,8 @@ int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx,
*/ */
int mbedtls_xtea_self_test( int verbose ); int mbedtls_xtea_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif

View File

@ -395,9 +395,9 @@ static uint32_t RCON[10];
/* /*
* Tables generation code * Tables generation code
*/ */
#define ROTL8(x) ( ( x << 8 ) & 0xFFFFFFFF ) | ( x >> 24 ) #define ROTL8(x) ( ( (x) << 8 ) & 0xFFFFFFFF ) | ( (x) >> 24 )
#define XTIME(x) ( ( x << 1 ) ^ ( ( x & 0x80 ) ? 0x1B : 0x00 ) ) #define XTIME(x) ( ( (x) << 1 ) ^ ( ( (x) & 0x80 ) ? 0x1B : 0x00 ) )
#define MUL(x,y) ( ( x && y ) ? pow[(log[x]+log[y]) % 255] : 0 ) #define MUL(x,y) ( ( (x) && (y) ) ? pow[(log[(x)]+log[(y)]) % 255] : 0 )
static int aes_init_done = 0; static int aes_init_done = 0;
@ -816,50 +816,52 @@ int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx,
#endif /* !MBEDTLS_AES_SETKEY_DEC_ALT */ #endif /* !MBEDTLS_AES_SETKEY_DEC_ALT */
#define AES_FROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \ #define AES_FROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \
{ \ do \
X0 = *RK++ ^ AES_FT0( ( Y0 ) & 0xFF ) ^ \ { \
AES_FT1( ( Y1 >> 8 ) & 0xFF ) ^ \ (X0) = *RK++ ^ AES_FT0( ( (Y0) ) & 0xFF ) ^ \
AES_FT2( ( Y2 >> 16 ) & 0xFF ) ^ \ AES_FT1( ( (Y1) >> 8 ) & 0xFF ) ^ \
AES_FT3( ( Y3 >> 24 ) & 0xFF ); \ AES_FT2( ( (Y2) >> 16 ) & 0xFF ) ^ \
AES_FT3( ( (Y3) >> 24 ) & 0xFF ); \
\ \
X1 = *RK++ ^ AES_FT0( ( Y1 ) & 0xFF ) ^ \ (X1) = *RK++ ^ AES_FT0( ( (Y1) ) & 0xFF ) ^ \
AES_FT1( ( Y2 >> 8 ) & 0xFF ) ^ \ AES_FT1( ( (Y2) >> 8 ) & 0xFF ) ^ \
AES_FT2( ( Y3 >> 16 ) & 0xFF ) ^ \ AES_FT2( ( (Y3) >> 16 ) & 0xFF ) ^ \
AES_FT3( ( Y0 >> 24 ) & 0xFF ); \ AES_FT3( ( (Y0) >> 24 ) & 0xFF ); \
\ \
X2 = *RK++ ^ AES_FT0( ( Y2 ) & 0xFF ) ^ \ (X2) = *RK++ ^ AES_FT0( ( (Y2) ) & 0xFF ) ^ \
AES_FT1( ( Y3 >> 8 ) & 0xFF ) ^ \ AES_FT1( ( (Y3) >> 8 ) & 0xFF ) ^ \
AES_FT2( ( Y0 >> 16 ) & 0xFF ) ^ \ AES_FT2( ( (Y0) >> 16 ) & 0xFF ) ^ \
AES_FT3( ( Y1 >> 24 ) & 0xFF ); \ AES_FT3( ( (Y1) >> 24 ) & 0xFF ); \
\ \
X3 = *RK++ ^ AES_FT0( ( Y3 ) & 0xFF ) ^ \ (X3) = *RK++ ^ AES_FT0( ( (Y3) ) & 0xFF ) ^ \
AES_FT1( ( Y0 >> 8 ) & 0xFF ) ^ \ AES_FT1( ( (Y0) >> 8 ) & 0xFF ) ^ \
AES_FT2( ( Y1 >> 16 ) & 0xFF ) ^ \ AES_FT2( ( (Y1) >> 16 ) & 0xFF ) ^ \
AES_FT3( ( Y2 >> 24 ) & 0xFF ); \ AES_FT3( ( (Y2) >> 24 ) & 0xFF ); \
} } while( 0 )
#define AES_RROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \ #define AES_RROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \
{ \ do \
X0 = *RK++ ^ AES_RT0( ( Y0 ) & 0xFF ) ^ \ { \
AES_RT1( ( Y3 >> 8 ) & 0xFF ) ^ \ (X0) = *RK++ ^ AES_RT0( ( (Y0) ) & 0xFF ) ^ \
AES_RT2( ( Y2 >> 16 ) & 0xFF ) ^ \ AES_RT1( ( (Y3) >> 8 ) & 0xFF ) ^ \
AES_RT3( ( Y1 >> 24 ) & 0xFF ); \ AES_RT2( ( (Y2) >> 16 ) & 0xFF ) ^ \
AES_RT3( ( (Y1) >> 24 ) & 0xFF ); \
\ \
X1 = *RK++ ^ AES_RT0( ( Y1 ) & 0xFF ) ^ \ (X1) = *RK++ ^ AES_RT0( ( (Y1) ) & 0xFF ) ^ \
AES_RT1( ( Y0 >> 8 ) & 0xFF ) ^ \ AES_RT1( ( (Y0) >> 8 ) & 0xFF ) ^ \
AES_RT2( ( Y3 >> 16 ) & 0xFF ) ^ \ AES_RT2( ( (Y3) >> 16 ) & 0xFF ) ^ \
AES_RT3( ( Y2 >> 24 ) & 0xFF ); \ AES_RT3( ( (Y2) >> 24 ) & 0xFF ); \
\ \
X2 = *RK++ ^ AES_RT0( ( Y2 ) & 0xFF ) ^ \ (X2) = *RK++ ^ AES_RT0( ( (Y2) ) & 0xFF ) ^ \
AES_RT1( ( Y1 >> 8 ) & 0xFF ) ^ \ AES_RT1( ( (Y1) >> 8 ) & 0xFF ) ^ \
AES_RT2( ( Y0 >> 16 ) & 0xFF ) ^ \ AES_RT2( ( (Y0) >> 16 ) & 0xFF ) ^ \
AES_RT3( ( Y3 >> 24 ) & 0xFF ); \ AES_RT3( ( (Y3) >> 24 ) & 0xFF ); \
\ \
X3 = *RK++ ^ AES_RT0( ( Y3 ) & 0xFF ) ^ \ (X3) = *RK++ ^ AES_RT0( ( (Y3) ) & 0xFF ) ^ \
AES_RT1( ( Y2 >> 8 ) & 0xFF ) ^ \ AES_RT1( ( (Y2) >> 8 ) & 0xFF ) ^ \
AES_RT2( ( Y1 >> 16 ) & 0xFF ) ^ \ AES_RT2( ( (Y1) >> 16 ) & 0xFF ) ^ \
AES_RT3( ( Y0 >> 24 ) & 0xFF ); \ AES_RT3( ( (Y0) >> 24 ) & 0xFF ); \
} } while( 0 )
/* /*
* AES-ECB block encryption * AES-ECB block encryption

View File

@ -294,22 +294,28 @@ int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start,
const unsigned char *buf, size_t bits ) const unsigned char *buf, size_t bits )
{ {
int ret; int ret;
size_t len = 0, size; size_t len = 0;
size_t unused_bits, byte_len;
size = ( bits / 8 ) + ( ( bits % 8 ) ? 1 : 0 ); byte_len = ( bits + 7 ) / 8;
unused_bits = ( byte_len * 8 ) - bits;
// Calculate byte length if( *p < start || (size_t)( *p - start ) < byte_len + 1 )
//
if( *p < start || (size_t)( *p - start ) < size + 1 )
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
len = size + 1; len = byte_len + 1;
(*p) -= size;
memcpy( *p, buf, size );
// Write unused bits /* Write the bitstring. Ensure the unused bits are zeroed */
// if( byte_len > 0 )
*--(*p) = (unsigned char) (size * 8 - bits); {
byte_len--;
*--( *p ) = buf[byte_len] & ~( ( 0x1 << unused_bits ) - 1 );
( *p ) -= byte_len;
memcpy( *p, buf, byte_len );
}
/* Write unused bits */
*--( *p ) = (unsigned char)unused_bits;
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) );

View File

@ -527,26 +527,38 @@ cleanup:
} }
/* /*
* Helper to write the digits high-order first * Helper to write the digits high-order first.
*/ */
static int mpi_write_hlp( mbedtls_mpi *X, int radix, char **p ) static int mpi_write_hlp( mbedtls_mpi *X, int radix,
char **p, const size_t buflen )
{ {
int ret; int ret;
mbedtls_mpi_uint r; mbedtls_mpi_uint r;
size_t length = 0;
char *p_end = *p + buflen;
if( radix < 2 || radix > 16 ) do
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); {
if( length >= buflen )
{
return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL );
}
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_int( &r, X, radix ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mod_int( &r, X, radix ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_div_int( X, NULL, X, radix ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_div_int( X, NULL, X, radix ) );
/*
if( mbedtls_mpi_cmp_int( X, 0 ) != 0 ) * Write the residue in the current position, as an ASCII character.
MBEDTLS_MPI_CHK( mpi_write_hlp( X, radix, p ) ); */
if( r < 0xA )
if( r < 10 ) *(--p_end) = (char)( '0' + r );
*(*p)++ = (char)( r + 0x30 );
else else
*(*p)++ = (char)( r + 0x37 ); *(--p_end) = (char)( 'A' + ( r - 0xA ) );
length++;
} while( mbedtls_mpi_cmp_int( X, 0 ) != 0 );
memmove( *p, p_end, length );
*p += length;
cleanup: cleanup:
@ -570,15 +582,20 @@ int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix,
if( radix < 2 || radix > 16 ) if( radix < 2 || radix > 16 )
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
n = mbedtls_mpi_bitlen( X ); n = mbedtls_mpi_bitlen( X ); /* Number of bits necessary to present `n`. */
if( radix >= 4 ) n >>= 1; if( radix >= 4 ) n >>= 1; /* Number of 4-adic digits necessary to present
if( radix >= 16 ) n >>= 1; * `n`. If radix > 4, this might be a strict
/* * overapproximation of the number of
* Round up the buffer length to an even value to ensure that there is * radix-adic digits needed to present `n`. */
* enough room for hexadecimal values that can be represented in an odd if( radix >= 16 ) n >>= 1; /* Number of hexadecimal digits necessary to
* number of digits. * present `n`. */
*/
n += 3 + ( ( n + 1 ) & 1 ); n += 1; /* Terminating null byte */
n += 1; /* Compensate for the divisions above, which round down `n`
* in case it's not even. */
n += 1; /* Potential '-'-sign. */
n += ( n & 1 ); /* Make n even to have enough space for hexadecimal writing,
* which always uses an even number of hex-digits. */
if( buflen < n ) if( buflen < n )
{ {
@ -590,7 +607,10 @@ int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix,
mbedtls_mpi_init( &T ); mbedtls_mpi_init( &T );
if( X->s == -1 ) if( X->s == -1 )
{
*p++ = '-'; *p++ = '-';
buflen--;
}
if( radix == 16 ) if( radix == 16 )
{ {
@ -619,7 +639,7 @@ int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix,
if( T.s == -1 ) if( T.s == -1 )
T.s = 1; T.s = 1;
MBEDTLS_MPI_CHK( mpi_write_hlp( &T, radix, &p ) ); MBEDTLS_MPI_CHK( mpi_write_hlp( &T, radix, &p, buflen ) );
} }
*p++ = '\0'; *p++ = '\0';
@ -715,14 +735,101 @@ cleanup:
} }
#endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_FS_IO */
/* Convert a big-endian byte array aligned to the size of mbedtls_mpi_uint
* into the storage form used by mbedtls_mpi. */
static mbedtls_mpi_uint mpi_uint_bigendian_to_host_c( mbedtls_mpi_uint x )
{
uint8_t i;
mbedtls_mpi_uint tmp = 0;
/* This works regardless of the endianness. */
for( i = 0; i < ciL; i++, x >>= 8 )
tmp |= ( x & 0xFF ) << ( ( ciL - 1 - i ) << 3 );
return( tmp );
}
static mbedtls_mpi_uint mpi_uint_bigendian_to_host( mbedtls_mpi_uint x )
{
#if defined(__BYTE_ORDER__)
/* Nothing to do on bigendian systems. */
#if ( __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ )
return( x );
#endif /* __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ */
#if ( __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ )
/* For GCC and Clang, have builtins for byte swapping. */
#if defined(__GNUC__) && defined(__GNUC_PREREQ)
#if __GNUC_PREREQ(4,3)
#define have_bswap
#endif
#endif
#if defined(__clang__) && defined(__has_builtin)
#if __has_builtin(__builtin_bswap32) && \
__has_builtin(__builtin_bswap64)
#define have_bswap
#endif
#endif
#if defined(have_bswap)
/* The compiler is hopefully able to statically evaluate this! */
switch( sizeof(mbedtls_mpi_uint) )
{
case 4:
return( __builtin_bswap32(x) );
case 8:
return( __builtin_bswap64(x) );
}
#endif
#endif /* __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ */
#endif /* __BYTE_ORDER__ */
/* Fall back to C-based reordering if we don't know the byte order
* or we couldn't use a compiler-specific builtin. */
return( mpi_uint_bigendian_to_host_c( x ) );
}
static void mpi_bigendian_to_host( mbedtls_mpi_uint * const p, size_t limbs )
{
mbedtls_mpi_uint *cur_limb_left;
mbedtls_mpi_uint *cur_limb_right;
if( limbs == 0 )
return;
/*
* Traverse limbs and
* - adapt byte-order in each limb
* - swap the limbs themselves.
* For that, simultaneously traverse the limbs from left to right
* and from right to left, as long as the left index is not bigger
* than the right index (it's not a problem if limbs is odd and the
* indices coincide in the last iteration).
*/
for( cur_limb_left = p, cur_limb_right = p + ( limbs - 1 );
cur_limb_left <= cur_limb_right;
cur_limb_left++, cur_limb_right-- )
{
mbedtls_mpi_uint tmp;
/* Note that if cur_limb_left == cur_limb_right,
* this code effectively swaps the bytes only once. */
tmp = mpi_uint_bigendian_to_host( *cur_limb_left );
*cur_limb_left = mpi_uint_bigendian_to_host( *cur_limb_right );
*cur_limb_right = tmp;
}
}
/* /*
* Import X from unsigned binary data, big endian * Import X from unsigned binary data, big endian
*/ */
int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, size_t buflen ) int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, size_t buflen )
{ {
int ret; int ret;
size_t i, j;
size_t const limbs = CHARS_TO_LIMBS( buflen ); size_t const limbs = CHARS_TO_LIMBS( buflen );
size_t const overhead = ( limbs * ciL ) - buflen;
unsigned char *Xp;
MPI_VALIDATE_RET( X != NULL ); MPI_VALIDATE_RET( X != NULL );
MPI_VALIDATE_RET( buflen == 0 || buf != NULL ); MPI_VALIDATE_RET( buflen == 0 || buf != NULL );
@ -734,11 +841,17 @@ int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, size_t bu
mbedtls_mpi_init( X ); mbedtls_mpi_init( X );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, limbs ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, limbs ) );
} }
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) );
for( i = buflen, j = 0; i > 0; i--, j++ ) /* Avoid calling `memcpy` with NULL source argument,
X->p[j / ciL] |= ((mbedtls_mpi_uint) buf[i - 1]) << ((j % ciL) << 3); * even if buflen is 0. */
if( buf != NULL )
{
Xp = (unsigned char*) X->p;
memcpy( Xp + overhead, buf, buflen );
mpi_bigendian_to_host( X->p, limbs );
}
cleanup: cleanup:
@ -1764,8 +1877,10 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A,
wsize = ( i > 671 ) ? 6 : ( i > 239 ) ? 5 : wsize = ( i > 671 ) ? 6 : ( i > 239 ) ? 5 :
( i > 79 ) ? 4 : ( i > 23 ) ? 3 : 1; ( i > 79 ) ? 4 : ( i > 23 ) ? 3 : 1;
#if( MBEDTLS_MPI_WINDOW_SIZE < 6 )
if( wsize > MBEDTLS_MPI_WINDOW_SIZE ) if( wsize > MBEDTLS_MPI_WINDOW_SIZE )
wsize = MBEDTLS_MPI_WINDOW_SIZE; wsize = MBEDTLS_MPI_WINDOW_SIZE;
#endif
j = N->n + 1; j = N->n + 1;
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, j ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, j ) );
@ -2008,18 +2123,28 @@ int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size,
void *p_rng ) void *p_rng )
{ {
int ret; int ret;
unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; size_t const limbs = CHARS_TO_LIMBS( size );
size_t const overhead = ( limbs * ciL ) - size;
unsigned char *Xp;
MPI_VALIDATE_RET( X != NULL ); MPI_VALIDATE_RET( X != NULL );
MPI_VALIDATE_RET( f_rng != NULL ); MPI_VALIDATE_RET( f_rng != NULL );
if( size > MBEDTLS_MPI_MAX_SIZE ) /* Ensure that target MPI has exactly the necessary number of limbs */
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); if( X->n != limbs )
{
mbedtls_mpi_free( X );
mbedtls_mpi_init( X );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, limbs ) );
}
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) );
MBEDTLS_MPI_CHK( f_rng( p_rng, buf, size ) ); Xp = (unsigned char*) X->p;
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( X, buf, size ) ); f_rng( p_rng, Xp + overhead, size );
mpi_bigendian_to_host( X->p, limbs );
cleanup: cleanup:
mbedtls_platform_zeroize( buf, sizeof( buf ) );
return( ret ); return( ret );
} }

View File

@ -134,11 +134,17 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx )
* This avoids allocating one more 16 bytes buffer while allowing src == dst. * This avoids allocating one more 16 bytes buffer while allowing src == dst.
*/ */
#define CTR_CRYPT( dst, src, len ) \ #define CTR_CRYPT( dst, src, len ) \
if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctr, 16, b, &olen ) ) != 0 ) \ do \
{ \
if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctr, \
16, b, &olen ) ) != 0 ) \
{ \
return( ret ); \ return( ret ); \
} \
\ \
for( i = 0; i < len; i++ ) \ for( i = 0; i < (len); i++ ) \
dst[i] = src[i] ^ b[i]; (dst)[i] = (src)[i] ^ b[i]; \
} while( 0 )
/* /*
* Authenticated encryption or decryption * Authenticated encryption or decryption

File diff suppressed because it is too large Load Diff

View File

@ -60,14 +60,14 @@
MBEDTLS_INTERNAL_VALIDATE( cond ) MBEDTLS_INTERNAL_VALIDATE( cond )
#define BYTES_TO_U32_LE( data, offset ) \ #define BYTES_TO_U32_LE( data, offset ) \
( (uint32_t) data[offset] \ ( (uint32_t) (data)[offset] \
| (uint32_t) ( (uint32_t) data[( offset ) + 1] << 8 ) \ | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 ) \
| (uint32_t) ( (uint32_t) data[( offset ) + 2] << 16 ) \ | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 ) \
| (uint32_t) ( (uint32_t) data[( offset ) + 3] << 24 ) \ | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 ) \
) )
#define ROTL32( value, amount ) \ #define ROTL32( value, amount ) \
( (uint32_t) ( value << amount ) | ( value >> ( 32 - amount ) ) ) ( (uint32_t) ( (value) << (amount) ) | ( (value) >> ( 32 - (amount) ) ) )
#define CHACHA20_CTR_INDEX ( 12U ) #define CHACHA20_CTR_INDEX ( 12U )

View File

@ -86,8 +86,13 @@ void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
char str[DEBUG_BUF_SIZE]; char str[DEBUG_BUF_SIZE];
int ret; int ret;
if( NULL == ssl || NULL == ssl->conf || NULL == ssl->conf->f_dbg || level > debug_threshold ) if( NULL == ssl ||
NULL == ssl->conf ||
NULL == ssl->conf->f_dbg ||
level > debug_threshold )
{
return; return;
}
va_start( argp, format ); va_start( argp, format );
#if defined(_WIN32) #if defined(_WIN32)
@ -121,8 +126,13 @@ void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level,
{ {
char str[DEBUG_BUF_SIZE]; char str[DEBUG_BUF_SIZE];
if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || level > debug_threshold ) if( NULL == ssl ||
NULL == ssl->conf ||
NULL == ssl->conf->f_dbg ||
level > debug_threshold )
{
return; return;
}
/* /*
* With non-blocking I/O and examples that just retry immediately, * With non-blocking I/O and examples that just retry immediately,
@ -146,8 +156,13 @@ void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level,
char txt[17]; char txt[17];
size_t i, idx = 0; size_t i, idx = 0;
if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || level > debug_threshold ) if( NULL == ssl ||
NULL == ssl->conf ||
NULL == ssl->conf->f_dbg ||
level > debug_threshold )
{
return; return;
}
mbedtls_snprintf( str + idx, sizeof( str ) - idx, "dumping '%s' (%u bytes)\n", mbedtls_snprintf( str + idx, sizeof( str ) - idx, "dumping '%s' (%u bytes)\n",
text, (unsigned int) len ); text, (unsigned int) len );
@ -199,8 +214,13 @@ void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level,
{ {
char str[DEBUG_BUF_SIZE]; char str[DEBUG_BUF_SIZE];
if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || level > debug_threshold ) if( NULL == ssl ||
NULL == ssl->conf ||
NULL == ssl->conf->f_dbg ||
level > debug_threshold )
{
return; return;
}
mbedtls_snprintf( str, sizeof( str ), "%s(X)", text ); mbedtls_snprintf( str, sizeof( str ), "%s(X)", text );
mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->X ); mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->X );
@ -219,8 +239,14 @@ void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level,
int j, k, zeros = 1; int j, k, zeros = 1;
size_t i, n, idx = 0; size_t i, n, idx = 0;
if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || X == NULL || level > debug_threshold ) if( NULL == ssl ||
NULL == ssl->conf ||
NULL == ssl->conf->f_dbg ||
NULL == X ||
level > debug_threshold )
{
return; return;
}
for( n = X->n - 1; n > 0; n-- ) for( n = X->n - 1; n > 0; n-- )
if( X->p[n] != 0 ) if( X->p[n] != 0 )
@ -345,8 +371,14 @@ void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level,
char str[DEBUG_BUF_SIZE]; char str[DEBUG_BUF_SIZE];
int i = 0; int i = 0;
if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || crt == NULL || level > debug_threshold ) if( NULL == ssl ||
NULL == ssl->conf ||
NULL == ssl->conf->f_dbg ||
NULL == crt ||
level > debug_threshold )
{
return; return;
}
while( crt != NULL ) while( crt != NULL )
{ {

View File

@ -258,49 +258,56 @@ static const uint32_t RHs[16] =
* Initial Permutation macro * Initial Permutation macro
*/ */
#define DES_IP(X,Y) \ #define DES_IP(X,Y) \
{ \ do \
T = ((X >> 4) ^ Y) & 0x0F0F0F0F; Y ^= T; X ^= (T << 4); \ { \
T = ((X >> 16) ^ Y) & 0x0000FFFF; Y ^= T; X ^= (T << 16); \ T = (((X) >> 4) ^ (Y)) & 0x0F0F0F0F; (Y) ^= T; (X) ^= (T << 4); \
T = ((Y >> 2) ^ X) & 0x33333333; X ^= T; Y ^= (T << 2); \ T = (((X) >> 16) ^ (Y)) & 0x0000FFFF; (Y) ^= T; (X) ^= (T << 16); \
T = ((Y >> 8) ^ X) & 0x00FF00FF; X ^= T; Y ^= (T << 8); \ T = (((Y) >> 2) ^ (X)) & 0x33333333; (X) ^= T; (Y) ^= (T << 2); \
Y = ((Y << 1) | (Y >> 31)) & 0xFFFFFFFF; \ T = (((Y) >> 8) ^ (X)) & 0x00FF00FF; (X) ^= T; (Y) ^= (T << 8); \
T = (X ^ Y) & 0xAAAAAAAA; Y ^= T; X ^= T; \ (Y) = (((Y) << 1) | ((Y) >> 31)) & 0xFFFFFFFF; \
X = ((X << 1) | (X >> 31)) & 0xFFFFFFFF; \ T = ((X) ^ (Y)) & 0xAAAAAAAA; (Y) ^= T; (X) ^= T; \
} (X) = (((X) << 1) | ((X) >> 31)) & 0xFFFFFFFF; \
} while( 0 )
/* /*
* Final Permutation macro * Final Permutation macro
*/ */
#define DES_FP(X,Y) \ #define DES_FP(X,Y) \
{ \ do \
X = ((X << 31) | (X >> 1)) & 0xFFFFFFFF; \ { \
T = (X ^ Y) & 0xAAAAAAAA; X ^= T; Y ^= T; \ (X) = (((X) << 31) | ((X) >> 1)) & 0xFFFFFFFF; \
Y = ((Y << 31) | (Y >> 1)) & 0xFFFFFFFF; \ T = ((X) ^ (Y)) & 0xAAAAAAAA; (X) ^= T; (Y) ^= T; \
T = ((Y >> 8) ^ X) & 0x00FF00FF; X ^= T; Y ^= (T << 8); \ (Y) = (((Y) << 31) | ((Y) >> 1)) & 0xFFFFFFFF; \
T = ((Y >> 2) ^ X) & 0x33333333; X ^= T; Y ^= (T << 2); \ T = (((Y) >> 8) ^ (X)) & 0x00FF00FF; (X) ^= T; (Y) ^= (T << 8); \
T = ((X >> 16) ^ Y) & 0x0000FFFF; Y ^= T; X ^= (T << 16); \ T = (((Y) >> 2) ^ (X)) & 0x33333333; (X) ^= T; (Y) ^= (T << 2); \
T = ((X >> 4) ^ Y) & 0x0F0F0F0F; Y ^= T; X ^= (T << 4); \ T = (((X) >> 16) ^ (Y)) & 0x0000FFFF; (Y) ^= T; (X) ^= (T << 16); \
} T = (((X) >> 4) ^ (Y)) & 0x0F0F0F0F; (Y) ^= T; (X) ^= (T << 4); \
} while( 0 )
/* /*
* DES round macro * DES round macro
*/ */
#define DES_ROUND(X,Y) \ #define DES_ROUND(X,Y) \
{ \ do \
T = *SK++ ^ X; \ { \
Y ^= SB8[ (T ) & 0x3F ] ^ \ T = *SK++ ^ (X); \
(Y) ^= SB8[ (T ) & 0x3F ] ^ \
SB6[ (T >> 8) & 0x3F ] ^ \ SB6[ (T >> 8) & 0x3F ] ^ \
SB4[ (T >> 16) & 0x3F ] ^ \ SB4[ (T >> 16) & 0x3F ] ^ \
SB2[ (T >> 24) & 0x3F ]; \ SB2[ (T >> 24) & 0x3F ]; \
\ \
T = *SK++ ^ ((X << 28) | (X >> 4)); \ T = *SK++ ^ (((X) << 28) | ((X) >> 4)); \
Y ^= SB7[ (T ) & 0x3F ] ^ \ (Y) ^= SB7[ (T ) & 0x3F ] ^ \
SB5[ (T >> 8) & 0x3F ] ^ \ SB5[ (T >> 8) & 0x3F ] ^ \
SB3[ (T >> 16) & 0x3F ] ^ \ SB3[ (T >> 16) & 0x3F ] ^ \
SB1[ (T >> 24) & 0x3F ]; \ SB1[ (T >> 24) & 0x3F ]; \
} } while( 0 )
#define SWAP(a,b) { uint32_t t = a; a = b; b = t; t = 0; } #define SWAP(a,b) \
do \
{ \
uint32_t t = (a); (a) = (b); (b) = t; t = 0; \
} while( 0 )
void mbedtls_des_init( mbedtls_des_context *ctx ) void mbedtls_des_init( mbedtls_des_context *ctx )
{ {

View File

@ -649,12 +649,28 @@ int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path )
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_PEM_PARSE_C)
static const char mbedtls_test_dhm_params[] = static const char mbedtls_test_dhm_params[] =
"-----BEGIN DH PARAMETERS-----\r\n" "-----BEGIN DH PARAMETERS-----\r\n"
"MIGHAoGBAJ419DBEOgmQTzo5qXl5fQcN9TN455wkOL7052HzxxRVMyhYmwQcgJvh\r\n" "MIGHAoGBAJ419DBEOgmQTzo5qXl5fQcN9TN455wkOL7052HzxxRVMyhYmwQcgJvh\r\n"
"1sa18fyfR9OiVEMYglOpkqVoGLN7qd5aQNNi5W7/C+VBdHTBJcGZJyyP5B3qcz32\r\n" "1sa18fyfR9OiVEMYglOpkqVoGLN7qd5aQNNi5W7/C+VBdHTBJcGZJyyP5B3qcz32\r\n"
"9mLJKudlVudV0Qxk5qUJaPZ/xupz0NyoVpviuiBOI1gNi8ovSXWzAgEC\r\n" "9mLJKudlVudV0Qxk5qUJaPZ/xupz0NyoVpviuiBOI1gNi8ovSXWzAgEC\r\n"
"-----END DH PARAMETERS-----\r\n"; "-----END DH PARAMETERS-----\r\n";
#else /* MBEDTLS_PEM_PARSE_C */
static const char mbedtls_test_dhm_params[] = {
0x30, 0x81, 0x87, 0x02, 0x81, 0x81, 0x00, 0x9e, 0x35, 0xf4, 0x30, 0x44,
0x3a, 0x09, 0x90, 0x4f, 0x3a, 0x39, 0xa9, 0x79, 0x79, 0x7d, 0x07, 0x0d,
0xf5, 0x33, 0x78, 0xe7, 0x9c, 0x24, 0x38, 0xbe, 0xf4, 0xe7, 0x61, 0xf3,
0xc7, 0x14, 0x55, 0x33, 0x28, 0x58, 0x9b, 0x04, 0x1c, 0x80, 0x9b, 0xe1,
0xd6, 0xc6, 0xb5, 0xf1, 0xfc, 0x9f, 0x47, 0xd3, 0xa2, 0x54, 0x43, 0x18,
0x82, 0x53, 0xa9, 0x92, 0xa5, 0x68, 0x18, 0xb3, 0x7b, 0xa9, 0xde, 0x5a,
0x40, 0xd3, 0x62, 0xe5, 0x6e, 0xff, 0x0b, 0xe5, 0x41, 0x74, 0x74, 0xc1,
0x25, 0xc1, 0x99, 0x27, 0x2c, 0x8f, 0xe4, 0x1d, 0xea, 0x73, 0x3d, 0xf6,
0xf6, 0x62, 0xc9, 0x2a, 0xe7, 0x65, 0x56, 0xe7, 0x55, 0xd1, 0x0c, 0x64,
0xe6, 0xa5, 0x09, 0x68, 0xf6, 0x7f, 0xc6, 0xea, 0x73, 0xd0, 0xdc, 0xa8,
0x56, 0x9b, 0xe2, 0xba, 0x20, 0x4e, 0x23, 0x58, 0x0d, 0x8b, 0xca, 0x2f,
0x49, 0x75, 0xb3, 0x02, 0x01, 0x02 };
#endif /* MBEDTLS_PEM_PARSE_C */
static const size_t mbedtls_test_dhm_params_len = sizeof( mbedtls_test_dhm_params ); static const size_t mbedtls_test_dhm_params_len = sizeof( mbedtls_test_dhm_params );

View File

@ -49,6 +49,16 @@
typedef mbedtls_ecdh_context mbedtls_ecdh_context_mbed; typedef mbedtls_ecdh_context mbedtls_ecdh_context_mbed;
#endif #endif
static mbedtls_ecp_group_id mbedtls_ecdh_grp_id(
const mbedtls_ecdh_context *ctx )
{
#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
return( ctx->grp.id );
#else
return( ctx->grp_id );
#endif
}
#if !defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT) #if !defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT)
/* /*
* Generate public key (restartable version) * Generate public key (restartable version)
@ -442,8 +452,21 @@ int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx,
ECDH_VALIDATE_RET( side == MBEDTLS_ECDH_OURS || ECDH_VALIDATE_RET( side == MBEDTLS_ECDH_OURS ||
side == MBEDTLS_ECDH_THEIRS ); side == MBEDTLS_ECDH_THEIRS );
if( mbedtls_ecdh_grp_id( ctx ) == MBEDTLS_ECP_DP_NONE )
{
/* This is the first call to get_params(). Set up the context
* for use with the group. */
if( ( ret = mbedtls_ecdh_setup( ctx, key->grp.id ) ) != 0 ) if( ( ret = mbedtls_ecdh_setup( ctx, key->grp.id ) ) != 0 )
return( ret ); return( ret );
}
else
{
/* This is not the first call to get_params(). Check that the
* current key's group is the same as the context's, which was set
* from the first key's group. */
if( mbedtls_ecdh_grp_id( ctx ) != key->grp.id )
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
}
#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
return( ecdh_get_params_internal( ctx, key, side ) ); return( ecdh_get_params_internal( ctx, key, side ) );

View File

@ -800,11 +800,16 @@ cleanup:
int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{ {
int ret = 0;
ECDSA_VALIDATE_RET( ctx != NULL ); ECDSA_VALIDATE_RET( ctx != NULL );
ECDSA_VALIDATE_RET( f_rng != NULL ); ECDSA_VALIDATE_RET( f_rng != NULL );
return( mbedtls_ecp_group_load( &ctx->grp, gid ) || ret = mbedtls_ecp_group_load( &ctx->grp, gid );
mbedtls_ecp_gen_keypair( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) ); if( ret != 0 )
return( ret );
return( mbedtls_ecp_gen_keypair( &ctx->grp, &ctx->d,
&ctx->Q, f_rng, p_rng ) );
} }
#endif /* !MBEDTLS_ECDSA_GENKEY_ALT */ #endif /* !MBEDTLS_ECDSA_GENKEY_ALT */

View File

@ -1046,16 +1046,20 @@ cleanup:
#define INC_MUL_COUNT #define INC_MUL_COUNT
#endif #endif
#define MOD_MUL( N ) do { MBEDTLS_MPI_CHK( ecp_modp( &N, grp ) ); INC_MUL_COUNT } \ #define MOD_MUL( N ) \
while( 0 ) do \
{ \
MBEDTLS_MPI_CHK( ecp_modp( &(N), grp ) ); \
INC_MUL_COUNT \
} while( 0 )
/* /*
* Reduce a mbedtls_mpi mod p in-place, to use after mbedtls_mpi_sub_mpi * Reduce a mbedtls_mpi mod p in-place, to use after mbedtls_mpi_sub_mpi
* N->s < 0 is a very fast test, which fails only if N is 0 * N->s < 0 is a very fast test, which fails only if N is 0
*/ */
#define MOD_SUB( N ) \ #define MOD_SUB( N ) \
while( N.s < 0 && mbedtls_mpi_cmp_int( &N, 0 ) != 0 ) \ while( (N).s < 0 && mbedtls_mpi_cmp_int( &(N), 0 ) != 0 ) \
MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &N, &N, &grp->P ) ) MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &(N), &(N), &grp->P ) )
/* /*
* Reduce a mbedtls_mpi mod p in-place, to use after mbedtls_mpi_add_mpi and mbedtls_mpi_mul_int. * Reduce a mbedtls_mpi mod p in-place, to use after mbedtls_mpi_add_mpi and mbedtls_mpi_mul_int.
@ -1063,8 +1067,8 @@ cleanup:
* a bit faster. * a bit faster.
*/ */
#define MOD_ADD( N ) \ #define MOD_ADD( N ) \
while( mbedtls_mpi_cmp_mpi( &N, &grp->P ) >= 0 ) \ while( mbedtls_mpi_cmp_mpi( &(N), &grp->P ) >= 0 ) \
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &N, &N, &grp->P ) ) MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &(N), &(N), &grp->P ) )
#if defined(ECP_SHORTWEIERSTRASS) #if defined(ECP_SHORTWEIERSTRASS)
/* /*

View File

@ -52,10 +52,10 @@
#if defined(MBEDTLS_HAVE_INT32) #if defined(MBEDTLS_HAVE_INT32)
#define BYTES_TO_T_UINT_4( a, b, c, d ) \ #define BYTES_TO_T_UINT_4( a, b, c, d ) \
( (mbedtls_mpi_uint) a << 0 ) | \ ( (mbedtls_mpi_uint) (a) << 0 ) | \
( (mbedtls_mpi_uint) b << 8 ) | \ ( (mbedtls_mpi_uint) (b) << 8 ) | \
( (mbedtls_mpi_uint) c << 16 ) | \ ( (mbedtls_mpi_uint) (c) << 16 ) | \
( (mbedtls_mpi_uint) d << 24 ) ( (mbedtls_mpi_uint) (d) << 24 )
#define BYTES_TO_T_UINT_2( a, b ) \ #define BYTES_TO_T_UINT_2( a, b ) \
BYTES_TO_T_UINT_4( a, b, 0, 0 ) BYTES_TO_T_UINT_4( a, b, 0, 0 )
@ -67,14 +67,14 @@
#else /* 64-bits */ #else /* 64-bits */
#define BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \ #define BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \
( (mbedtls_mpi_uint) a << 0 ) | \ ( (mbedtls_mpi_uint) (a) << 0 ) | \
( (mbedtls_mpi_uint) b << 8 ) | \ ( (mbedtls_mpi_uint) (b) << 8 ) | \
( (mbedtls_mpi_uint) c << 16 ) | \ ( (mbedtls_mpi_uint) (c) << 16 ) | \
( (mbedtls_mpi_uint) d << 24 ) | \ ( (mbedtls_mpi_uint) (d) << 24 ) | \
( (mbedtls_mpi_uint) e << 32 ) | \ ( (mbedtls_mpi_uint) (e) << 32 ) | \
( (mbedtls_mpi_uint) f << 40 ) | \ ( (mbedtls_mpi_uint) (f) << 40 ) | \
( (mbedtls_mpi_uint) g << 48 ) | \ ( (mbedtls_mpi_uint) (g) << 48 ) | \
( (mbedtls_mpi_uint) h << 56 ) ( (mbedtls_mpi_uint) (h) << 56 )
#define BYTES_TO_T_UINT_4( a, b, c, d ) \ #define BYTES_TO_T_UINT_4( a, b, c, d ) \
BYTES_TO_T_UINT_8( a, b, c, d, 0, 0, 0, 0 ) BYTES_TO_T_UINT_8( a, b, c, d, 0, 0, 0, 0 )
@ -890,7 +890,7 @@ static inline void carry64( mbedtls_mpi_uint *dst, mbedtls_mpi_uint *carry )
} }
#define WIDTH 8 / sizeof( mbedtls_mpi_uint ) #define WIDTH 8 / sizeof( mbedtls_mpi_uint )
#define A( i ) N->p + i * WIDTH #define A( i ) N->p + (i) * WIDTH
#define ADD( i ) add64( p, A( i ), &c ) #define ADD( i ) add64( p, A( i ), &c )
#define NEXT p += WIDTH; carry64( p, &c ) #define NEXT p += WIDTH; carry64( p, &c )
#define LAST p += WIDTH; *p = c; while( ++p < end ) *p = 0 #define LAST p += WIDTH; *p = c; while( ++p < end ) *p = 0
@ -955,7 +955,8 @@ cleanup:
#else /* 64-bit */ #else /* 64-bit */
#define MAX32 N->n * 2 #define MAX32 N->n * 2
#define A( j ) j % 2 ? (uint32_t)( N->p[j/2] >> 32 ) : (uint32_t)( N->p[j/2] ) #define A( j ) (j) % 2 ? (uint32_t)( N->p[(j)/2] >> 32 ) : \
(uint32_t)( N->p[(j)/2] )
#define STORE32 \ #define STORE32 \
if( i % 2 ) { \ if( i % 2 ) { \
N->p[i/2] &= 0x00000000FFFFFFFF; \ N->p[i/2] &= 0x00000000FFFFFFFF; \
@ -993,16 +994,17 @@ static inline void sub32( uint32_t *dst, uint32_t src, signed char *carry )
int ret; \ int ret; \
signed char c = 0, cc; \ signed char c = 0, cc; \
uint32_t cur; \ uint32_t cur; \
size_t i = 0, bits = b; \ size_t i = 0, bits = (b); \
mbedtls_mpi C; \ mbedtls_mpi C; \
mbedtls_mpi_uint Cp[ b / 8 / sizeof( mbedtls_mpi_uint) + 1 ]; \ mbedtls_mpi_uint Cp[ (b) / 8 / sizeof( mbedtls_mpi_uint) + 1 ]; \
\ \
C.s = 1; \ C.s = 1; \
C.n = b / 8 / sizeof( mbedtls_mpi_uint) + 1; \ C.n = (b) / 8 / sizeof( mbedtls_mpi_uint) + 1; \
C.p = Cp; \ C.p = Cp; \
memset( Cp, 0, C.n * sizeof( mbedtls_mpi_uint ) ); \ memset( Cp, 0, C.n * sizeof( mbedtls_mpi_uint ) ); \
\ \
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( N, b * 2 / 8 / sizeof( mbedtls_mpi_uint ) ) ); \ MBEDTLS_MPI_CHK( mbedtls_mpi_grow( N, (b) * 2 / 8 / \
sizeof( mbedtls_mpi_uint ) ) ); \
LOAD32; LOAD32;
#define NEXT \ #define NEXT \

View File

@ -61,43 +61,28 @@
#define _WIN32_WINNT 0x0400 #define _WIN32_WINNT 0x0400
#endif #endif
#include <windows.h> #include <windows.h>
#include <bcrypt.h> #include <wincrypt.h>
#if defined(_MSC_VER) && _MSC_VER <= 1600
/* Visual Studio 2010 and earlier issue a warning when both <stdint.h> and
* <intsafe.h> are included, as they redefine a number of <TYPE>_MAX constants.
* These constants are guaranteed to be the same, though, so we suppress the
* warning when including intsafe.h.
*/
#pragma warning( push )
#pragma warning( disable : 4005 )
#endif
#include <intsafe.h>
#if defined(_MSC_VER) && _MSC_VER <= 1600
#pragma warning( pop )
#endif
int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len, int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len,
size_t *olen ) size_t *olen )
{ {
ULONG len_as_ulong = 0; HCRYPTPROV provider;
((void) data); ((void) data);
*olen = 0; *olen = 0;
/* if( CryptAcquireContext( &provider, NULL, NULL,
* BCryptGenRandom takes ULONG for size, which is smaller than size_t on PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) == FALSE )
* 64-bit Windows platforms. Ensure len's value can be safely converted into
* a ULONG.
*/
if ( FAILED( SizeTToULong( len, &len_as_ulong ) ) )
{ {
return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
} }
if ( !BCRYPT_SUCCESS( BCryptGenRandom( NULL, output, len_as_ulong, BCRYPT_USE_SYSTEM_PREFERRED_RNG ) ) ) if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE )
{ {
CryptReleaseContext( provider, 0 );
return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
} }
CryptReleaseContext( provider, 0 );
*olen = len; *olen = len;
return( 0 ); return( 0 );

View File

@ -54,7 +54,7 @@
* ------------------------------------------------------------------------ * ------------------------------------------------------------------------
*/ */
#define SWAP(X,Y) { int *T = X; X = Y; Y = T; } #define SWAP(X,Y) { int *T = (X); (X) = (Y); (Y) = T; }
#define TST1_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1; #define TST1_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1;
#define TST2_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1; #define TST2_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1;

View File

@ -137,15 +137,21 @@ int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
GET_UINT32_LE( X[14], data, 56 ); GET_UINT32_LE( X[14], data, 56 );
GET_UINT32_LE( X[15], data, 60 ); GET_UINT32_LE( X[15], data, 60 );
#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n))) #define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n))))
A = ctx->state[0]; A = ctx->state[0];
B = ctx->state[1]; B = ctx->state[1];
C = ctx->state[2]; C = ctx->state[2];
D = ctx->state[3]; D = ctx->state[3];
#define F(x, y, z) ((x & y) | ((~x) & z)) #define F(x, y, z) (((x) & (y)) | ((~(x)) & (z)))
#define P(a,b,c,d,x,s) { a += F(b,c,d) + x; a = S(a,s); } #define P(a,b,c,d,x,s) \
do \
{ \
(a) += F((b),(c),(d)) + (x); \
(a) = S((a),(s)); \
} while( 0 )
P( A, B, C, D, X[ 0], 3 ); P( A, B, C, D, X[ 0], 3 );
P( D, A, B, C, X[ 1], 7 ); P( D, A, B, C, X[ 1], 7 );
@ -167,8 +173,13 @@ int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
#undef P #undef P
#undef F #undef F
#define F(x,y,z) ((x & y) | (x & z) | (y & z)) #define F(x,y,z) (((x) & (y)) | ((x) & (z)) | ((y) & (z)))
#define P(a,b,c,d,x,s) { a += F(b,c,d) + x + 0x5A827999; a = S(a,s); } #define P(a,b,c,d,x,s) \
do \
{ \
(a) += F((b),(c),(d)) + (x) + 0x5A827999; \
(a) = S((a),(s)); \
} while( 0 )
P( A, B, C, D, X[ 0], 3 ); P( A, B, C, D, X[ 0], 3 );
P( D, A, B, C, X[ 4], 5 ); P( D, A, B, C, X[ 4], 5 );
@ -190,8 +201,13 @@ int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
#undef P #undef P
#undef F #undef F
#define F(x,y,z) (x ^ y ^ z) #define F(x,y,z) ((x) ^ (y) ^ (z))
#define P(a,b,c,d,x,s) { a += F(b,c,d) + x + 0x6ED9EBA1; a = S(a,s); } #define P(a,b,c,d,x,s) \
do \
{ \
(a) += F((b),(c),(d)) + (x) + 0x6ED9EBA1; \
(a) = S((a),(s)); \
} while( 0 )
P( A, B, C, D, X[ 0], 3 ); P( A, B, C, D, X[ 0], 3 );
P( D, A, B, C, X[ 8], 9 ); P( D, A, B, C, X[ 8], 9 );

View File

@ -136,19 +136,22 @@ int mbedtls_internal_md5_process( mbedtls_md5_context *ctx,
GET_UINT32_LE( X[14], data, 56 ); GET_UINT32_LE( X[14], data, 56 );
GET_UINT32_LE( X[15], data, 60 ); GET_UINT32_LE( X[15], data, 60 );
#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n))) #define S(x,n) \
( ( (x) << (n) ) | ( ( (x) & 0xFFFFFFFF) >> ( 32 - (n) ) ) )
#define P(a,b,c,d,k,s,t) \ #define P(a,b,c,d,k,s,t) \
{ \ do \
a += F(b,c,d) + X[k] + t; a = S(a,s) + b; \ { \
} (a) += F((b),(c),(d)) + X[(k)] + (t); \
(a) = S((a),(s)) + (b); \
} while( 0 )
A = ctx->state[0]; A = ctx->state[0];
B = ctx->state[1]; B = ctx->state[1];
C = ctx->state[2]; C = ctx->state[2];
D = ctx->state[3]; D = ctx->state[3];
#define F(x,y,z) (z ^ (x & (y ^ z))) #define F(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
P( A, B, C, D, 0, 7, 0xD76AA478 ); P( A, B, C, D, 0, 7, 0xD76AA478 );
P( D, A, B, C, 1, 12, 0xE8C7B756 ); P( D, A, B, C, 1, 12, 0xE8C7B756 );
@ -169,7 +172,7 @@ int mbedtls_internal_md5_process( mbedtls_md5_context *ctx,
#undef F #undef F
#define F(x,y,z) (y ^ (z & (x ^ y))) #define F(x,y,z) ((y) ^ ((z) & ((x) ^ (y))))
P( A, B, C, D, 1, 5, 0xF61E2562 ); P( A, B, C, D, 1, 5, 0xF61E2562 );
P( D, A, B, C, 6, 9, 0xC040B340 ); P( D, A, B, C, 6, 9, 0xC040B340 );
@ -190,7 +193,7 @@ int mbedtls_internal_md5_process( mbedtls_md5_context *ctx,
#undef F #undef F
#define F(x,y,z) (x ^ y ^ z) #define F(x,y,z) ((x) ^ (y) ^ (z))
P( A, B, C, D, 5, 4, 0xFFFA3942 ); P( A, B, C, D, 5, 4, 0xFFFA3942 );
P( D, A, B, C, 8, 11, 0x8771F681 ); P( D, A, B, C, 8, 11, 0x8771F681 );
@ -211,7 +214,7 @@ int mbedtls_internal_md5_process( mbedtls_md5_context *ctx,
#undef F #undef F
#define F(x,y,z) (y ^ (x | ~z)) #define F(x,y,z) ((y) ^ ((x) | ~(z)))
P( A, B, C, D, 0, 6, 0xF4292244 ); P( A, B, C, D, 0, 6, 0xF4292244 );
P( D, A, B, C, 7, 10, 0x432AFF97 ); P( D, A, B, C, 7, 10, 0x432AFF97 );

View File

@ -55,10 +55,12 @@
* the other functions) * the other functions)
*/ */
#define FN_OID_TYPED_FROM_ASN1( TYPE_T, NAME, LIST ) \ #define FN_OID_TYPED_FROM_ASN1( TYPE_T, NAME, LIST ) \
static const TYPE_T * oid_ ## NAME ## _from_asn1( const mbedtls_asn1_buf *oid ) \ static const TYPE_T * oid_ ## NAME ## _from_asn1( \
{ \ const mbedtls_asn1_buf *oid ) \
const TYPE_T *p = LIST; \ { \
const mbedtls_oid_descriptor_t *cur = (const mbedtls_oid_descriptor_t *) p; \ const TYPE_T *p = (LIST); \
const mbedtls_oid_descriptor_t *cur = \
(const mbedtls_oid_descriptor_t *) p; \
if( p == NULL || oid == NULL ) return( NULL ); \ if( p == NULL || oid == NULL ) return( NULL ); \
while( cur->asn1 != NULL ) { \ while( cur->asn1 != NULL ) { \
if( cur->asn1_len == oid->len && \ if( cur->asn1_len == oid->len && \
@ -69,7 +71,7 @@ static const TYPE_T * oid_ ## NAME ## _from_asn1( const mbedtls_asn1_buf *oid )
cur = (const mbedtls_oid_descriptor_t *) p; \ cur = (const mbedtls_oid_descriptor_t *) p; \
} \ } \
return( NULL ); \ return( NULL ); \
} }
/* /*
* Macro to generate a function for retrieving a single attribute from the * Macro to generate a function for retrieving a single attribute from the
@ -103,12 +105,13 @@ int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1 )
*/ */
#define FN_OID_GET_ATTR2(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1, \ #define FN_OID_GET_ATTR2(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1, \
ATTR2_TYPE, ATTR2) \ ATTR2_TYPE, ATTR2) \
int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1, ATTR2_TYPE * ATTR2 ) \ int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1, \
ATTR2_TYPE * ATTR2 ) \
{ \ { \
const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \ const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \
if( data == NULL ) return( MBEDTLS_ERR_OID_NOT_FOUND ); \ if( data == NULL ) return( MBEDTLS_ERR_OID_NOT_FOUND ); \
*ATTR1 = data->ATTR1; \ *(ATTR1) = data->ATTR1; \
*ATTR2 = data->ATTR2; \ *(ATTR2) = data->ATTR2; \
return( 0 ); \ return( 0 ); \
} }
@ -119,9 +122,9 @@ int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1, ATTR2_TYPE * ATTR2
#define FN_OID_GET_OID_BY_ATTR1(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1) \ #define FN_OID_GET_OID_BY_ATTR1(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1) \
int FN_NAME( ATTR1_TYPE ATTR1, const char **oid, size_t *olen ) \ int FN_NAME( ATTR1_TYPE ATTR1, const char **oid, size_t *olen ) \
{ \ { \
const TYPE_T *cur = LIST; \ const TYPE_T *cur = (LIST); \
while( cur->descriptor.asn1 != NULL ) { \ while( cur->descriptor.asn1 != NULL ) { \
if( cur->ATTR1 == ATTR1 ) { \ if( cur->ATTR1 == (ATTR1) ) { \
*oid = cur->descriptor.asn1; \ *oid = cur->descriptor.asn1; \
*olen = cur->descriptor.asn1_len; \ *olen = cur->descriptor.asn1_len; \
return( 0 ); \ return( 0 ); \
@ -140,9 +143,9 @@ int FN_NAME( ATTR1_TYPE ATTR1, const char **oid, size_t *olen ) \
int FN_NAME( ATTR1_TYPE ATTR1, ATTR2_TYPE ATTR2, const char **oid , \ int FN_NAME( ATTR1_TYPE ATTR1, ATTR2_TYPE ATTR2, const char **oid , \
size_t *olen ) \ size_t *olen ) \
{ \ { \
const TYPE_T *cur = LIST; \ const TYPE_T *cur = (LIST); \
while( cur->descriptor.asn1 != NULL ) { \ while( cur->descriptor.asn1 != NULL ) { \
if( cur->ATTR1 == ATTR1 && cur->ATTR2 == ATTR2 ) { \ if( cur->ATTR1 == (ATTR1) && cur->ATTR2 == (ATTR2) ) { \
*oid = cur->descriptor.asn1; \ *oid = cur->descriptor.asn1; \
*olen = cur->descriptor.asn1_len; \ *olen = cur->descriptor.asn1_len; \
return( 0 ); \ return( 0 ); \

View File

@ -58,10 +58,10 @@
#define POLY1305_BLOCK_SIZE_BYTES ( 16U ) #define POLY1305_BLOCK_SIZE_BYTES ( 16U )
#define BYTES_TO_U32_LE( data, offset ) \ #define BYTES_TO_U32_LE( data, offset ) \
( (uint32_t) data[offset] \ ( (uint32_t) (data)[offset] \
| (uint32_t) ( (uint32_t) data[( offset ) + 1] << 8 ) \ | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 ) \
| (uint32_t) ( (uint32_t) data[( offset ) + 2] << 16 ) \ | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 ) \
| (uint32_t) ( (uint32_t) data[( offset ) + 3] << 24 ) \ | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 ) \
) )
/* /*

View File

@ -147,22 +147,29 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx,
D = Dp = ctx->state[3]; D = Dp = ctx->state[3];
E = Ep = ctx->state[4]; E = Ep = ctx->state[4];
#define F1( x, y, z ) ( x ^ y ^ z ) #define F1( x, y, z ) ( (x) ^ (y) ^ (z) )
#define F2( x, y, z ) ( ( x & y ) | ( ~x & z ) ) #define F2( x, y, z ) ( ( (x) & (y) ) | ( ~(x) & (z) ) )
#define F3( x, y, z ) ( ( x | ~y ) ^ z ) #define F3( x, y, z ) ( ( (x) | ~(y) ) ^ (z) )
#define F4( x, y, z ) ( ( x & z ) | ( y & ~z ) ) #define F4( x, y, z ) ( ( (x) & (z) ) | ( (y) & ~(z) ) )
#define F5( x, y, z ) ( x ^ ( y | ~z ) ) #define F5( x, y, z ) ( (x) ^ ( (y) | ~(z) ) )
#define S( x, n ) ( ( x << n ) | ( x >> (32 - n) ) ) #define S( x, n ) ( ( (x) << (n) ) | ( (x) >> (32 - (n)) ) )
#define P( a, b, c, d, e, r, s, f, k ) \ #define P( a, b, c, d, e, r, s, f, k ) \
a += f( b, c, d ) + X[r] + k; \ do \
a = S( a, s ) + e; \ { \
c = S( c, 10 ); (a) += f( (b), (c), (d) ) + X[r] + (k); \
(a) = S( (a), (s) ) + (e); \
(c) = S( (c), 10 ); \
} while( 0 )
#define P2( a, b, c, d, e, r, s, rp, sp ) \ #define P2( a, b, c, d, e, r, s, rp, sp ) \
P( a, b, c, d, e, r, s, F, K ); \ do \
P( a ## p, b ## p, c ## p, d ## p, e ## p, rp, sp, Fp, Kp ); { \
P( (a), (b), (c), (d), (e), (r), (s), F, K ); \
P( a ## p, b ## p, c ## p, d ## p, e ## p, \
(rp), (sp), Fp, Kp ); \
} while( 0 )
#define F F1 #define F F1
#define K 0x00000000 #define K 0x00000000

View File

@ -152,19 +152,21 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
GET_UINT32_BE( W[14], data, 56 ); GET_UINT32_BE( W[14], data, 56 );
GET_UINT32_BE( W[15], data, 60 ); GET_UINT32_BE( W[15], data, 60 );
#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n))) #define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n))))
#define R(t) \ #define R(t) \
( \ ( \
temp = W[( t - 3 ) & 0x0F] ^ W[( t - 8 ) & 0x0F] ^ \ temp = W[( (t) - 3 ) & 0x0F] ^ W[( (t) - 8 ) & 0x0F] ^ \
W[( t - 14 ) & 0x0F] ^ W[ t & 0x0F], \ W[( (t) - 14 ) & 0x0F] ^ W[ (t) & 0x0F], \
( W[t & 0x0F] = S(temp,1) ) \ ( W[(t) & 0x0F] = S(temp,1) ) \
) )
#define P(a,b,c,d,e,x) \ #define P(a,b,c,d,e,x) \
{ \ do \
e += S(a,5) + F(b,c,d) + K + x; b = S(b,30); \ { \
} (e) += S((a),5) + F((b),(c),(d)) + K + (x); \
(b) = S((b),30); \
} while( 0 )
A = ctx->state[0]; A = ctx->state[0];
B = ctx->state[1]; B = ctx->state[1];
@ -172,7 +174,7 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
D = ctx->state[3]; D = ctx->state[3];
E = ctx->state[4]; E = ctx->state[4];
#define F(x,y,z) (z ^ (x & (y ^ z))) #define F(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
#define K 0x5A827999 #define K 0x5A827999
P( A, B, C, D, E, W[0] ); P( A, B, C, D, E, W[0] );
@ -199,7 +201,7 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
#undef K #undef K
#undef F #undef F
#define F(x,y,z) (x ^ y ^ z) #define F(x,y,z) ((x) ^ (y) ^ (z))
#define K 0x6ED9EBA1 #define K 0x6ED9EBA1
P( A, B, C, D, E, R(20) ); P( A, B, C, D, E, R(20) );
@ -226,7 +228,7 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
#undef K #undef K
#undef F #undef F
#define F(x,y,z) ((x & y) | (z & (x | y))) #define F(x,y,z) (((x) & (y)) | ((z) & ((x) | (y))))
#define K 0x8F1BBCDC #define K 0x8F1BBCDC
P( A, B, C, D, E, R(40) ); P( A, B, C, D, E, R(40) );
@ -253,7 +255,7 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
#undef K #undef K
#undef F #undef F
#define F(x,y,z) (x ^ y ^ z) #define F(x,y,z) ((x) ^ (y) ^ (z))
#define K 0xCA62C1D6 #define K 0xCA62C1D6
P( A, B, C, D, E, R(60) ); P( A, B, C, D, E, R(60) );

View File

@ -172,8 +172,8 @@ static const uint32_t K[] =
0x90BEFFFA, 0xA4506CEB, 0xBEF9A3F7, 0xC67178F2, 0x90BEFFFA, 0xA4506CEB, 0xBEF9A3F7, 0xC67178F2,
}; };
#define SHR(x,n) ((x & 0xFFFFFFFF) >> n) #define SHR(x,n) (((x) & 0xFFFFFFFF) >> (n))
#define ROTR(x,n) (SHR(x,n) | (x << (32 - n))) #define ROTR(x,n) (SHR(x,n) | ((x) << (32 - (n))))
#define S0(x) (ROTR(x, 7) ^ ROTR(x,18) ^ SHR(x, 3)) #define S0(x) (ROTR(x, 7) ^ ROTR(x,18) ^ SHR(x, 3))
#define S1(x) (ROTR(x,17) ^ ROTR(x,19) ^ SHR(x,10)) #define S1(x) (ROTR(x,17) ^ ROTR(x,19) ^ SHR(x,10))
@ -181,21 +181,22 @@ static const uint32_t K[] =
#define S2(x) (ROTR(x, 2) ^ ROTR(x,13) ^ ROTR(x,22)) #define S2(x) (ROTR(x, 2) ^ ROTR(x,13) ^ ROTR(x,22))
#define S3(x) (ROTR(x, 6) ^ ROTR(x,11) ^ ROTR(x,25)) #define S3(x) (ROTR(x, 6) ^ ROTR(x,11) ^ ROTR(x,25))
#define F0(x,y,z) ((x & y) | (z & (x | y))) #define F0(x,y,z) (((x) & (y)) | ((z) & ((x) | (y))))
#define F1(x,y,z) (z ^ (x & (y ^ z))) #define F1(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
#define R(t) \ #define R(t) \
( \ ( \
W[t] = S1(W[t - 2]) + W[t - 7] + \ W[t] = S1(W[(t) - 2]) + W[(t) - 7] + \
S0(W[t - 15]) + W[t - 16] \ S0(W[(t) - 15]) + W[(t) - 16] \
) )
#define P(a,b,c,d,e,f,g,h,x,K) \ #define P(a,b,c,d,e,f,g,h,x,K) \
{ \ do \
temp1 = h + S3(e) + F1(e,f,g) + K + x; \ { \
temp2 = S2(a) + F0(a,b,c); \ temp1 = (h) + S3(e) + F1((e),(f),(g)) + (K) + (x); \
d += temp1; h = temp1 + temp2; \ temp2 = S2(a) + F0((a),(b),(c)); \
} (d) += temp1; (h) = temp1 + temp2; \
} while( 0 )
int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
const unsigned char data[64] ) const unsigned char data[64] )

View File

@ -224,8 +224,8 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx,
SHA512_VALIDATE_RET( ctx != NULL ); SHA512_VALIDATE_RET( ctx != NULL );
SHA512_VALIDATE_RET( (const unsigned char *)data != NULL ); SHA512_VALIDATE_RET( (const unsigned char *)data != NULL );
#define SHR(x,n) (x >> n) #define SHR(x,n) ((x) >> (n))
#define ROTR(x,n) (SHR(x,n) | (x << (64 - n))) #define ROTR(x,n) (SHR((x),(n)) | ((x) << (64 - (n))))
#define S0(x) (ROTR(x, 1) ^ ROTR(x, 8) ^ SHR(x, 7)) #define S0(x) (ROTR(x, 1) ^ ROTR(x, 8) ^ SHR(x, 7))
#define S1(x) (ROTR(x,19) ^ ROTR(x,61) ^ SHR(x, 6)) #define S1(x) (ROTR(x,19) ^ ROTR(x,61) ^ SHR(x, 6))
@ -233,15 +233,16 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx,
#define S2(x) (ROTR(x,28) ^ ROTR(x,34) ^ ROTR(x,39)) #define S2(x) (ROTR(x,28) ^ ROTR(x,34) ^ ROTR(x,39))
#define S3(x) (ROTR(x,14) ^ ROTR(x,18) ^ ROTR(x,41)) #define S3(x) (ROTR(x,14) ^ ROTR(x,18) ^ ROTR(x,41))
#define F0(x,y,z) ((x & y) | (z & (x | y))) #define F0(x,y,z) (((x) & (y)) | ((z) & ((x) | (y))))
#define F1(x,y,z) (z ^ (x & (y ^ z))) #define F1(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
#define P(a,b,c,d,e,f,g,h,x,K) \ #define P(a,b,c,d,e,f,g,h,x,K) \
{ \ do \
temp1 = h + S3(e) + F1(e,f,g) + K + x; \ { \
temp2 = S2(a) + F0(a,b,c); \ temp1 = (h) + S3(e) + F1((e),(f),(g)) + (K) + (x); \
d += temp1; h = temp1 + temp2; \ temp2 = S2(a) + F0((a),(b),(c)); \
} (d) += temp1; (h) = temp1 + temp2; \
} while( 0 )
for( i = 0; i < 16; i++ ) for( i = 0; i < 16; i++ )
{ {

View File

@ -43,11 +43,11 @@
/* /*
* Ordered from most preferred to least preferred in terms of security. * Ordered from most preferred to least preferred in terms of security.
* *
* Current rule (except rc4, weak and null which come last): * Current rule (except RC4 and 3DES, weak and null which come last):
* 1. By key exchange: * 1. By key exchange:
* Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK * Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK
* 2. By key length and cipher: * 2. By key length and cipher:
* ChaCha > AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128 > 3DES * ChaCha > AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128
* 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8 * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
* 4. By hash function used when relevant * 4. By hash function used when relevant
* 5. By key exchange/auth again: EC > non-EC * 5. By key exchange/auth again: EC > non-EC
@ -126,11 +126,6 @@ static const int ciphersuite_preference[] =
MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256, MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256, MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
/* All remaining >= 128-bit ephemeral suites */
MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
/* The PSK ephemeral suites */ /* The PSK ephemeral suites */
MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256, MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256, MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
@ -162,9 +157,6 @@ static const int ciphersuite_preference[] =
MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256, MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256, MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
/* The ECJPAKE suite */ /* The ECJPAKE suite */
MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8,
@ -228,11 +220,6 @@ static const int ciphersuite_preference[] =
MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256, MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256, MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
/* All remaining >= 128-bit suites */
MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA,
MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
/* The RSA PSK suites */ /* The RSA PSK suites */
MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256, MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
@ -251,8 +238,6 @@ static const int ciphersuite_preference[] =
MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256, MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256, MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
/* The PSK suites */ /* The PSK suites */
MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256, MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
@ -275,6 +260,16 @@ static const int ciphersuite_preference[] =
MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256, MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256, MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
/* 3DES suites */
MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA,
MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA,
/* RC4 suites */ /* RC4 suites */
@ -2187,6 +2182,26 @@ const int *mbedtls_ssl_list_ciphersuites( void )
static int supported_ciphersuites[MAX_CIPHERSUITES]; static int supported_ciphersuites[MAX_CIPHERSUITES];
static int supported_init = 0; static int supported_init = 0;
static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info )
{
(void)cs_info;
#if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES)
if( cs_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
return( 1 );
#endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */
#if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES)
if( cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_ECB ||
cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_CBC )
{
return( 1 );
}
#endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */
return( 0 );
}
const int *mbedtls_ssl_list_ciphersuites( void ) const int *mbedtls_ssl_list_ciphersuites( void )
{ {
/* /*
@ -2202,15 +2217,13 @@ const int *mbedtls_ssl_list_ciphersuites( void )
*p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1; *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
p++ ) p++ )
{ {
#if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES)
const mbedtls_ssl_ciphersuite_t *cs_info; const mbedtls_ssl_ciphersuite_t *cs_info;
if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL && if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL &&
cs_info->cipher != MBEDTLS_CIPHER_ARC4_128 ) !ciphersuite_is_removed( cs_info ) )
#else {
if( mbedtls_ssl_ciphersuite_from_id( *p ) != NULL )
#endif
*(q++) = *p; *(q++) = *p;
} }
}
*q = 0; *q = 0;
supported_init = 1; supported_init = 1;

View File

@ -300,6 +300,9 @@ static const char *features[] = {
#if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES) #if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES)
"MBEDTLS_REMOVE_ARC4_CIPHERSUITES", "MBEDTLS_REMOVE_ARC4_CIPHERSUITES",
#endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */ #endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */
#if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES)
"MBEDTLS_REMOVE_3DES_CIPHERSUITES",
#endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */
#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
"MBEDTLS_ECP_DP_SECP192R1_ENABLED", "MBEDTLS_ECP_DP_SECP192R1_ENABLED",
#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */

View File

@ -67,8 +67,15 @@
#include <time.h> #include <time.h>
#endif #endif
#define CHECK(code) if( ( ret = code ) != 0 ){ return( ret ); } #define CHECK(code) if( ( ret = ( code ) ) != 0 ){ return( ret ); }
#define CHECK_RANGE(min, max, val) if( val < min || val > max ){ return( ret ); } #define CHECK_RANGE(min, max, val) \
do \
{ \
if( ( val ) < ( min ) || ( val ) > ( max ) ) \
{ \
return( ret ); \
} \
} while( 0 )
/* /*
* CertificateSerialNumber ::= INTEGER * CertificateSerialNumber ::= INTEGER
@ -354,6 +361,8 @@ static int x509_get_attr_type_value( unsigned char **p,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
return( MBEDTLS_ERR_X509_INVALID_NAME + ret ); return( MBEDTLS_ERR_X509_INVALID_NAME + ret );
end = *p + len;
if( ( end - *p ) < 1 ) if( ( end - *p ) < 1 )
return( MBEDTLS_ERR_X509_INVALID_NAME + return( MBEDTLS_ERR_X509_INVALID_NAME +
MBEDTLS_ERR_ASN1_OUT_OF_DATA ); MBEDTLS_ERR_ASN1_OUT_OF_DATA );
@ -387,6 +396,12 @@ static int x509_get_attr_type_value( unsigned char **p,
val->p = *p; val->p = *p;
*p += val->len; *p += val->len;
if( *p != end )
{
return( MBEDTLS_ERR_X509_INVALID_NAME +
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
}
cur->next = NULL; cur->next = NULL;
return( 0 ); return( 0 );
@ -698,25 +713,20 @@ int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end,
int ret; int ret;
size_t len; size_t len;
if( *p == end ) /* Extension structure use EXPLICIT tagging. That is, the actual
return( 0 ); * `Extensions` structure is wrapped by a tag-length pair using
* the respective context-specific tag. */
ext->tag = **p; ret = mbedtls_asn1_get_tag( p, end, &ext->len,
MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag );
if( ( ret = mbedtls_asn1_get_tag( p, end, &ext->len, if( ret != 0 )
MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag ) ) != 0 ) return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
return( ret );
ext->tag = MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag;
ext->p = *p; ext->p = *p;
end = *p + ext->len; end = *p + ext->len;
/* /*
* Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
*
* Extension ::= SEQUENCE {
* extnID OBJECT IDENTIFIER,
* critical BOOLEAN DEFAULT FALSE,
* extnValue OCTET STRING }
*/ */
if( ( ret = mbedtls_asn1_get_tag( p, end, &len, if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
@ -1001,8 +1011,8 @@ int mbedtls_x509_time_is_future( const mbedtls_x509_time *from )
*/ */
int mbedtls_x509_self_test( int verbose ) int mbedtls_x509_self_test( int verbose )
{ {
int ret = 0;
#if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_SHA256_C) #if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_SHA256_C)
int ret;
uint32_t flags; uint32_t flags;
mbedtls_x509_crt cacert; mbedtls_x509_crt cacert;
mbedtls_x509_crt clicert; mbedtls_x509_crt clicert;
@ -1010,6 +1020,7 @@ int mbedtls_x509_self_test( int verbose )
if( verbose != 0 ) if( verbose != 0 )
mbedtls_printf( " X.509 certificate load: " ); mbedtls_printf( " X.509 certificate load: " );
mbedtls_x509_crt_init( &cacert );
mbedtls_x509_crt_init( &clicert ); mbedtls_x509_crt_init( &clicert );
ret = mbedtls_x509_crt_parse( &clicert, (const unsigned char *) mbedtls_test_cli_crt, ret = mbedtls_x509_crt_parse( &clicert, (const unsigned char *) mbedtls_test_cli_crt,
@ -1019,11 +1030,9 @@ int mbedtls_x509_self_test( int verbose )
if( verbose != 0 ) if( verbose != 0 )
mbedtls_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( ret ); goto cleanup;
} }
mbedtls_x509_crt_init( &cacert );
ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_ca_crt, ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_ca_crt,
mbedtls_test_ca_crt_len ); mbedtls_test_ca_crt_len );
if( ret != 0 ) if( ret != 0 )
@ -1031,7 +1040,7 @@ int mbedtls_x509_self_test( int verbose )
if( verbose != 0 ) if( verbose != 0 )
mbedtls_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( ret ); goto cleanup;
} }
if( verbose != 0 ) if( verbose != 0 )
@ -1043,20 +1052,19 @@ int mbedtls_x509_self_test( int verbose )
if( verbose != 0 ) if( verbose != 0 )
mbedtls_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( ret ); goto cleanup;
} }
if( verbose != 0 ) if( verbose != 0 )
mbedtls_printf( "passed\n\n"); mbedtls_printf( "passed\n\n");
cleanup:
mbedtls_x509_crt_free( &cacert ); mbedtls_x509_crt_free( &cacert );
mbedtls_x509_crt_free( &clicert ); mbedtls_x509_crt_free( &clicert );
return( 0 );
#else #else
((void) verbose); ((void) verbose);
return( 0 );
#endif /* MBEDTLS_CERTS_C && MBEDTLS_SHA1_C */ #endif /* MBEDTLS_CERTS_C && MBEDTLS_SHA1_C */
return( ret );
} }
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */

View File

@ -103,17 +103,17 @@ static int x509_get_crl_ext( unsigned char **p,
{ {
int ret; int ret;
if( *p == end )
return( 0 );
/* /*
* crlExtensions [0] EXPLICIT Extensions OPTIONAL * crlExtensions [0] EXPLICIT Extensions OPTIONAL
* -- if present, version MUST be v2 * -- if present, version MUST be v2
*/ */
if( ( ret = mbedtls_x509_get_ext( p, end, ext, 0 ) ) != 0 ) if( ( ret = mbedtls_x509_get_ext( p, end, ext, 0 ) ) != 0 )
{
if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
return( 0 );
return( ret ); return( ret );
}
end = ext->p + ext->len;
while( *p < end ) while( *p < end )
{ {

View File

@ -65,19 +65,6 @@
#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
#include <windows.h> #include <windows.h>
#if defined(_MSC_VER) && _MSC_VER <= 1600
/* Visual Studio 2010 and earlier issue a warning when both <stdint.h> and
* <intsafe.h> are included, as they redefine a number of <TYPE>_MAX constants.
* These constants are guaranteed to be the same, though, so we suppress the
* warning when including intsafe.h.
*/
#pragma warning( push )
#pragma warning( disable : 4005 )
#endif
#include <intsafe.h>
#if defined(_MSC_VER) && _MSC_VER <= 1600
#pragma warning( pop )
#endif
#else #else
#include <time.h> #include <time.h>
#endif #endif
@ -381,7 +368,7 @@ static void x509_crt_verify_chain_reset(
for( i = 0; i < MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE; i++ ) for( i = 0; i < MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE; i++ )
{ {
ver_chain->items[i].crt = NULL; ver_chain->items[i].crt = NULL;
ver_chain->items[i].flags = -1; ver_chain->items[i].flags = (uint32_t) -1;
} }
ver_chain->len = 0; ver_chain->len = 0;
@ -406,7 +393,7 @@ static int x509_get_version( unsigned char **p,
return( 0 ); return( 0 );
} }
return( ret ); return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
} }
end = *p + len; end = *p + len;
@ -473,7 +460,7 @@ static int x509_get_uid( unsigned char **p,
if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
return( 0 ); return( 0 );
return( ret ); return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
} }
uid->p = *p; uid->p = *p;
@ -712,14 +699,13 @@ static int x509_get_crt_ext( unsigned char **p,
size_t len; size_t len;
unsigned char *end_ext_data, *end_ext_octet; unsigned char *end_ext_data, *end_ext_octet;
if( ( ret = mbedtls_x509_get_ext( p, end, &crt->v3_ext, 3 ) ) != 0 ) if( *p == end )
{
if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
return( 0 ); return( 0 );
if( ( ret = mbedtls_x509_get_ext( p, end, &crt->v3_ext, 3 ) ) != 0 )
return( ret ); return( ret );
}
end = crt->v3_ext.p + crt->v3_ext.len;
while( *p < end ) while( *p < end )
{ {
/* /*
@ -1291,7 +1277,6 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path )
char filename[MAX_PATH]; char filename[MAX_PATH];
char *p; char *p;
size_t len = strlen( path ); size_t len = strlen( path );
int lengthAsInt = 0;
WIN32_FIND_DATAW file_data; WIN32_FIND_DATAW file_data;
HANDLE hFind; HANDLE hFind;
@ -1306,18 +1291,7 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path )
p = filename + len; p = filename + len;
filename[len++] = '*'; filename[len++] = '*';
if ( FAILED ( SizeTToInt( len, &lengthAsInt ) ) ) w_ret = MultiByteToWideChar( CP_ACP, 0, filename, (int)len, szDir,
return( MBEDTLS_ERR_X509_FILE_IO_ERROR );
/*
* Note this function uses the code page CP_ACP, and assumes the incoming
* string is encoded in ANSI, before translating it into Unicode. If the
* incoming string were changed to be UTF-8, then the length check needs to
* change to check the number of characters, not the number of bytes, in the
* incoming string are less than MAX_PATH to avoid a buffer overrun with
* MultiByteToWideChar().
*/
w_ret = MultiByteToWideChar( CP_ACP, 0, filename, lengthAsInt, szDir,
MAX_PATH - 3 ); MAX_PATH - 3 );
if( w_ret == 0 ) if( w_ret == 0 )
return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
@ -1334,11 +1308,8 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path )
if( file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY ) if( file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY )
continue; continue;
if ( FAILED( SizeTToInt( wcslen( file_data.cFileName ), &lengthAsInt ) ) )
return( MBEDTLS_ERR_X509_FILE_IO_ERROR );
w_ret = WideCharToMultiByte( CP_ACP, 0, file_data.cFileName, w_ret = WideCharToMultiByte( CP_ACP, 0, file_data.cFileName,
lengthAsInt, lstrlenW( file_data.cFileName ),
p, (int) len - 1, p, (int) len - 1,
NULL, NULL ); NULL, NULL );
if( w_ret == 0 ) if( w_ret == 0 )
@ -1467,7 +1438,7 @@ static int x509_info_subject_alt_name( char **buf, size_t *size,
} }
#define CERT_TYPE(type,name) \ #define CERT_TYPE(type,name) \
if( ns_cert_type & type ) \ if( ns_cert_type & (type) ) \
PRINT_ITEM( name ); PRINT_ITEM( name );
static int x509_info_cert_type( char **buf, size_t *size, static int x509_info_cert_type( char **buf, size_t *size,
@ -1494,7 +1465,7 @@ static int x509_info_cert_type( char **buf, size_t *size,
} }
#define KEY_USAGE(code,name) \ #define KEY_USAGE(code,name) \
if( key_usage & code ) \ if( key_usage & (code) ) \
PRINT_ITEM( name ); PRINT_ITEM( name );
static int x509_info_key_usage( char **buf, size_t *size, static int x509_info_key_usage( char **buf, size_t *size,

View File

@ -282,12 +282,21 @@ int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, siz
"-----BEGIN CERTIFICATE REQUEST-----", "-----BEGIN CERTIFICATE REQUEST-----",
"-----END CERTIFICATE REQUEST-----", "-----END CERTIFICATE REQUEST-----",
buf, NULL, 0, &use_len ); buf, NULL, 0, &use_len );
if( ret == MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
{
ret = mbedtls_pem_read_buffer( &pem,
"-----BEGIN NEW CERTIFICATE REQUEST-----",
"-----END NEW CERTIFICATE REQUEST-----",
buf, NULL, 0, &use_len );
}
if( ret == 0 ) if( ret == 0 )
{
/* /*
* Was PEM encoded, parse the result * Was PEM encoded, parse the result
*/ */
ret = mbedtls_x509_csr_parse_der( csr, pem.buf, pem.buflen ); ret = mbedtls_x509_csr_parse_der( csr, pem.buf, pem.buflen );
}
mbedtls_pem_free( &pem ); mbedtls_pem_free( &pem );
if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )

View File

@ -218,26 +218,51 @@ int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *
} }
#endif /* MBEDTLS_SHA1_C */ #endif /* MBEDTLS_SHA1_C */
static size_t crt_get_unused_bits_for_named_bitstring( unsigned char bitstring,
size_t bit_offset )
{
size_t unused_bits;
/* Count the unused bits removing trailing 0s */
for( unused_bits = bit_offset; unused_bits < 8; unused_bits++ )
if( ( ( bitstring >> unused_bits ) & 0x1 ) != 0 )
break;
return( unused_bits );
}
int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx,
unsigned int key_usage ) unsigned int key_usage )
{ {
unsigned char buf[4], ku; unsigned char buf[4], ku;
unsigned char *c; unsigned char *c;
int ret; int ret;
size_t unused_bits;
const unsigned int allowed_bits = MBEDTLS_X509_KU_DIGITAL_SIGNATURE |
MBEDTLS_X509_KU_NON_REPUDIATION |
MBEDTLS_X509_KU_KEY_ENCIPHERMENT |
MBEDTLS_X509_KU_DATA_ENCIPHERMENT |
MBEDTLS_X509_KU_KEY_AGREEMENT |
MBEDTLS_X509_KU_KEY_CERT_SIGN |
MBEDTLS_X509_KU_CRL_SIGN;
/* We currently only support 7 bits, from 0x80 to 0x02 */ /* Check that nothing other than the allowed flags is set */
if( ( key_usage & ~0xfe ) != 0 ) if( ( key_usage & ~allowed_bits ) != 0 )
return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE );
c = buf + 4; c = buf + 4;
ku = (unsigned char) key_usage; ku = (unsigned char)key_usage;
unused_bits = crt_get_unused_bits_for_named_bitstring( ku, 1 );
ret = mbedtls_asn1_write_bitstring( &c, buf, &ku, 8 - unused_bits );
if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &ku, 7 ) ) != 4 ) if( ret < 0 )
return( ret ); return( ret );
else if( ret < 3 || ret > 4 )
return( MBEDTLS_ERR_X509_INVALID_FORMAT );
ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_KEY_USAGE, ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_KEY_USAGE,
MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ), MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ),
1, buf, 4 ); 1, c, (size_t)ret );
if( ret != 0 ) if( ret != 0 )
return( ret ); return( ret );
@ -249,16 +274,22 @@ int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx,
{ {
unsigned char buf[4]; unsigned char buf[4];
unsigned char *c; unsigned char *c;
size_t unused_bits;
int ret; int ret;
c = buf + 4; c = buf + 4;
if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &ns_cert_type, 8 ) ) != 4 ) unused_bits = crt_get_unused_bits_for_named_bitstring( ns_cert_type, 0 );
ret = mbedtls_asn1_write_bitstring( &c,
buf,
&ns_cert_type,
8 - unused_bits );
if( ret < 3 || ret > 4 )
return( ret ); return( ret );
ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE, ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE,
MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ), MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ),
0, buf, 4 ); 0, c, (size_t)ret );
if( ret != 0 ) if( ret != 0 )
return( ret ); return( ret );

View File

@ -81,20 +81,39 @@ int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx,
0, val, val_len ); 0, val, val_len );
} }
static size_t csr_get_unused_bits_for_named_bitstring( unsigned char bitstring,
size_t bit_offset )
{
size_t unused_bits;
/* Count the unused bits removing trailing 0s */
for( unused_bits = bit_offset; unused_bits < 8; unused_bits++ )
if( ( ( bitstring >> unused_bits ) & 0x1 ) != 0 )
break;
return( unused_bits );
}
int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage ) int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage )
{ {
unsigned char buf[4]; unsigned char buf[4];
unsigned char *c; unsigned char *c;
size_t unused_bits;
int ret; int ret;
c = buf + 4; c = buf + 4;
if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &key_usage, 7 ) ) != 4 ) unused_bits = csr_get_unused_bits_for_named_bitstring( key_usage, 0 );
ret = mbedtls_asn1_write_bitstring( &c, buf, &key_usage, 8 - unused_bits );
if( ret < 0 )
return( ret ); return( ret );
else if( ret < 3 || ret > 4 )
return( MBEDTLS_ERR_X509_INVALID_FORMAT );
ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_KEY_USAGE, ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_KEY_USAGE,
MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ), MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ),
buf, 4 ); c, (size_t)ret );
if( ret != 0 ) if( ret != 0 )
return( ret ); return( ret );
@ -106,16 +125,25 @@ int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx,
{ {
unsigned char buf[4]; unsigned char buf[4];
unsigned char *c; unsigned char *c;
size_t unused_bits;
int ret; int ret;
c = buf + 4; c = buf + 4;
if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &ns_cert_type, 8 ) ) != 4 ) unused_bits = csr_get_unused_bits_for_named_bitstring( ns_cert_type, 0 );
ret = mbedtls_asn1_write_bitstring( &c,
buf,
&ns_cert_type,
8 - unused_bits );
if( ret < 0 )
return( ret );
else if( ret < 3 || ret > 4 )
return( ret ); return( ret );
ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE, ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE,
MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ), MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ),
buf, 4 ); c, (size_t)ret );
if( ret != 0 ) if( ret != 0 )
return( ret ); return( ret );