mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-29 12:32:48 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/development' into asn1write-size

Browse Source 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
This commit is contained in:
Dave Rodgman 2023-09-15 18:02:59 +01:00
commit 127f35d5e5
103 changed files with 1178 additions and 475 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
3rdparty/everest/include/everest/vs2013/inttypes.h vendored
View File

@ -17,7 +17,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*
* This file is part of mbed TLS (https://tls.mbed.org)
* This file is part of Mbed TLS (https://tls.mbed.org)
*/
#ifndef _INTTYPES_H_VS2010

2
3rdparty/everest/include/everest/vs2013/stdbool.h vendored
View File

@ -17,7 +17,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*
* This file is part of mbed TLS (https://tls.mbed.org)
* This file is part of Mbed TLS (https://tls.mbed.org)
*/
#ifndef _STDBOOL_H_VS2010

2
3rdparty/everest/include/everest/x25519.h vendored
View File

@ -16,7 +16,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*
* This file is part of mbed TLS (https://tls.mbed.org)
* This file is part of Mbed TLS (https://tls.mbed.org)
*/
#ifndef MBEDTLS_X25519_H

2
3rdparty/everest/library/Hacl_Curve25519_joined.c vendored
View File

@ -16,7 +16,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*
* This file is part of mbed TLS (https://tls.mbed.org)
* This file is part of Mbed TLS (https://tls.mbed.org)
*/
#ifndef _BSD_SOURCE
/* Required to get htole64() from gcc/glibc's endian.h (older systems)

2
3rdparty/everest/library/x25519.c vendored
View File

@ -16,7 +16,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*
* This file is part of mbed TLS (https://tls.mbed.org)
* This file is part of Mbed TLS (https://tls.mbed.org)
*/
#include "common.h"

8
3rdparty/p256-m/p256-m/p256-m.c vendored
View File

@ -7,6 +7,7 @@
*/
#include "p256-m.h"
#include "mbedtls/platform_util.h"
#include "psa/crypto.h"
#include <stdio.h>
#include <stdlib.h>
@ -17,12 +18,7 @@
/*
* Zeroize memory - this should not be optimized away
*/
static void zeroize(void *d, size_t n)
{
volatile char *p = d;
while( n-- )
*p++ = 0;
}
#define zeroize mbedtls_platform_zeroize
/*
* Helpers to test constant-time behaviour with valgrind or MemSan.

2
3rdparty/p256-m/p256-m_driver_entrypoints.h vendored
View File

@ -31,7 +31,7 @@
/** Generate SECP256R1 ECC Key Pair.
* Interface function which calls the p256-m key generation function and
* places it in the key buffer provided by the caller (mbed TLS) in the
* places it in the key buffer provided by the caller (Mbed TLS) in the
* correct format. For a SECP256R1 curve this is the 32 bit private key.
*
* \param[in] attributes The attributes of the key to use for the

12
CMakeLists.txt
View File

@ -34,14 +34,14 @@ cmake_policy(SET CMP0011 NEW)
cmake_policy(SET CMP0012 NEW)
if(TEST_CPP)
project("mbed TLS" LANGUAGES C CXX)
project("Mbed TLS" LANGUAGES C CXX)
else()
project("mbed TLS" LANGUAGES C)
project("Mbed TLS" LANGUAGES C)
endif()
include(GNUInstallDirs)
# Determine if mbed TLS is being built as a subproject using add_subdirectory()
# Determine if Mbed TLS is being built as a subproject using add_subdirectory()
if(NOT DEFINED MBEDTLS_AS_SUBPROJECT)
set(MBEDTLS_AS_SUBPROJECT ON)
if(CMAKE_CURRENT_SOURCE_DIR STREQUAL CMAKE_SOURCE_DIR)
@ -52,7 +52,7 @@ endif()
# Set the project root directory.
set(MBEDTLS_DIR ${CMAKE_CURRENT_SOURCE_DIR})
option(ENABLE_PROGRAMS "Build mbed TLS programs." ON)
option(ENABLE_PROGRAMS "Build Mbed TLS programs." ON)
option(UNSAFE_BUILD "Allow unsafe builds. These builds ARE NOT SECURE." OFF)
option(MBEDTLS_FATAL_WARNINGS "Compiler warnings treated as errors" ON)
@ -71,9 +71,9 @@ string(REGEX MATCH "MSVC" CMAKE_COMPILER_IS_MSVC "${CMAKE_C_COMPILER_ID}")
# the test suites currently have compile errors with MSVC
if(CMAKE_COMPILER_IS_MSVC)
option(ENABLE_TESTING "Build mbed TLS tests." OFF)
option(ENABLE_TESTING "Build Mbed TLS tests." OFF)
else()
option(ENABLE_TESTING "Build mbed TLS tests." ON)
option(ENABLE_TESTING "Build Mbed TLS tests." ON)
endif()
# Warning string - created as a list for compatibility with CMake 2.8

3
ChangeLog.d/extend-distinguished-names.txt Normal file
View File

@ -0,0 +1,3 @@
Features
* Accept arbitrary AttributeType and AttributeValue in certificate
Distinguished Names using RFC 4514 syntax.

2
ChangeLog.d/fix-log-level-msg.txt Normal file
View File

@ -0,0 +1,2 @@
Bugfix
* Fix log level for the got supported group message. Fixes #6765

3
ChangeLog.d/tls13-custom-config.txt Normal file
View File

@ -0,0 +1,3 @@
Bugfix
* Fix undefined symbols in some builds using TLS 1.3 with a custom
configuration file.

2
DartConfiguration.tcl
View File

@ -1,4 +1,4 @@
Site: localhost
BuildName: mbed TLS-test
BuildName: Mbed TLS-test
CoverageCommand: /usr/bin/gcov
MemoryCheckCommand: /usr/bin/valgrind

2
configs/README.txt
View File

@ -21,4 +21,4 @@ them, you can pick one of the following methods:
make
Note that the second method also works if you want to keep your custom
configuration file outside the mbed TLS tree.
configuration file outside the Mbed TLS tree.

4
configs/config-no-entropy.h
View File

@ -33,7 +33,7 @@
#define MBEDTLS_HAVE_ASM
#define MBEDTLS_HAVE_TIME
/* mbed TLS feature support */
/* Mbed TLS feature support */
#define MBEDTLS_CIPHER_MODE_CBC
#define MBEDTLS_CIPHER_PADDING_PKCS7
#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
@ -47,7 +47,7 @@
#define MBEDTLS_SELF_TEST
#define MBEDTLS_VERSION_FEATURES
/* mbed TLS modules */
/* Mbed TLS modules */
#define MBEDTLS_AES_C
#define MBEDTLS_ASN1_PARSE_C
#define MBEDTLS_ASN1_WRITE_C

4
configs/config-suite-b.h
View File

@ -37,13 +37,13 @@
#define MBEDTLS_HAVE_ASM
#define MBEDTLS_HAVE_TIME
/* mbed TLS feature support */
/* Mbed TLS feature support */
#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
#define MBEDTLS_SSL_PROTO_TLS1_2
/* mbed TLS modules */
/* Mbed TLS modules */
#define MBEDTLS_AES_C
#define MBEDTLS_ASN1_PARSE_C
#define MBEDTLS_ASN1_WRITE_C

4
configs/config-thread.h
View File

@ -35,7 +35,7 @@
/* System support */
#define MBEDTLS_HAVE_ASM
/* mbed TLS feature support */
/* Mbed TLS feature support */
#define MBEDTLS_AES_ROM_TABLES
#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
#define MBEDTLS_ECP_NIST_OPTIM
@ -46,7 +46,7 @@
#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
/* mbed TLS modules */
/* Mbed TLS modules */
#define MBEDTLS_AES_C
#define MBEDTLS_ASN1_PARSE_C
#define MBEDTLS_ASN1_WRITE_C

39
docs/driver-only-builds.md
View File

@ -76,10 +76,6 @@ TODO
Elliptic-curve cryptography (ECC)
---------------------------------
Note: things are still evolving. This section describes the situation right
after #7452 has been merged. It will be updated again in #7757 when bignum is
done.
It is possible to have most ECC operations provided only by a driver:
- the ECDH, ECDSA and EC J-PAKE algorithms;
- key import, export, and random generation.
@ -107,6 +103,11 @@ without `MBEDTLS_ECP_C` provided the corresponding
RSA or FFDH, then you can also disable `MBEDTLS_BIGNUM_C` for further code
size saving.
[Coming soon] As noted in the "Limitations regarding the selection of curves"
section below, there is an upcoming requirement for all the required curves to
also be accelerated in the PSA driver in order to exclude the builtin algs
support.
### Limitations regarding fully removing `ecp.c`
A limited subset of `ecp.c` will still be automatically re-enabled if any of
@ -144,10 +145,34 @@ timeline, please let us know if you're interested.
### Limitations regarding the selection of curves
TODO: apparently we don't really support having some curves built-in and
others driver-only... investigate and describe the situation. See also #7899.
There is ongoing work which is trying to establish the links and constraints
between the list of supported curves and supported algorithms both in the
builtin and PSA sides. In particular:
- #8014 ensures that the curves supported on the PSA side (`PSA_WANT_ECC_xxx`)
are always a superset of the builtin ones (`MBEDTLS_ECP_DP_xxx`)
- #8016 forces builtin alg support as soon as there is at least one builtin
curve. In other words, in order to exclue all builtin algs, all the required
curves should be supported and accelerated by the PSA driver.
Finite-field Diffie-Hellman
---------------------------
TODO
Support is pretty similar to the "Elliptic-curve cryptography (ECC)" section
above.
Key management and usage can be enabled by means of the usual `PSA_WANT` +
`MBEDTLS_PSA_ACCEL` pairs:
- `[PSA_WANT|MBEDTLS_PSA_ACCEL]_KEY_TYPE_DH_PUBLIC_KEY`;
- `[PSA_WANT|MBEDTLS_PSA_ACCEL]_KEY_TYPE_DH_KEY_PAIR_BASIC`;
- `[PSA_WANT|MBEDTLS_PSA_ACCEL]_KEY_TYPE_DH_KEY_PAIR_IMPORT`;
- `[PSA_WANT|MBEDTLS_PSA_ACCEL]_KEY_TYPE_DH_KEY_PAIR_EXPORT`;
- `[PSA_WANT|MBEDTLS_PSA_ACCEL]_KEY_TYPE_DH_KEY_PAIR_GENERATE`;
The same holds for the associated algorithm:
`[PSA_WANT|MBEDTLS_PSA_ACCEL]_ALG_FFDH` allow builds accelerating FFDH and
removing builtin support (i.e. `MBEDTLS_DHM_C`).
### Limitations
Support for deterministic derivation of a DH keypair
(i.e. `PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE`) is not supported.

2
doxygen/mbedtls.doxyfile
View File

@ -1,4 +1,4 @@
PROJECT_NAME = "mbed TLS v3.4.1"
PROJECT_NAME = "Mbed TLS v3.4.1"
OUTPUT_DIRECTORY = ../apidoc/
FULL_PATH_NAMES = NO
OPTIMIZE_OUTPUT_FOR_C = YES

2
include/CMakeLists.txt
View File

@ -1,4 +1,4 @@
option(INSTALL_MBEDTLS_HEADERS "Install mbed TLS headers." ON)
option(INSTALL_MBEDTLS_HEADERS "Install Mbed TLS headers." ON)
if(INSTALL_MBEDTLS_HEADERS)

12
include/mbedtls/asn1.h
View File

@ -96,15 +96,14 @@
/* Slightly smaller way to check if tag is a string tag
* compared to canonical implementation. */
#define MBEDTLS_ASN1_IS_STRING_TAG(tag) \
((tag) < 32u && ( \
#define MBEDTLS_ASN1_IS_STRING_TAG(tag) \
((unsigned int) (tag) < 32u && ( \
((1u << (tag)) & ((1u << MBEDTLS_ASN1_BMP_STRING) | \
(1u << MBEDTLS_ASN1_UTF8_STRING) | \
(1u << MBEDTLS_ASN1_T61_STRING) | \
(1u << MBEDTLS_ASN1_IA5_STRING) | \
(1u << MBEDTLS_ASN1_UNIVERSAL_STRING) | \
(1u << MBEDTLS_ASN1_PRINTABLE_STRING) | \
(1u << MBEDTLS_ASN1_BIT_STRING))) != 0))
(1u << MBEDTLS_ASN1_PRINTABLE_STRING))) != 0))
/*
* Bit masks for each of the components of an ASN.1 tag as specified in
@ -210,6 +209,7 @@ typedef struct mbedtls_asn1_named_data {
}
mbedtls_asn1_named_data;
#if defined(MBEDTLS_ASN1_PARSE_C) || defined(MBEDTLS_X509_CREATE_C)
/**
* \brief Get the length of an ASN.1 element.
* Updates the pointer to immediately behind the length.
@ -256,7 +256,9 @@ int mbedtls_asn1_get_len(unsigned char **p,
int mbedtls_asn1_get_tag(unsigned char **p,
const unsigned char *end,
size_t *len, int tag);
#endif /* MBEDTLS_ASN1_PARSE_C || MBEDTLS_X509_CREATE_C */
#if defined(MBEDTLS_ASN1_PARSE_C)
/**
* \brief Retrieve a boolean ASN.1 tag and its value.
* Updates the pointer to immediately behind the full tag.
@ -646,4 +648,6 @@ void mbedtls_asn1_free_named_data_list_shallow(mbedtls_asn1_named_data *name);
}
#endif
#endif /* MBEDTLS_ASN1_PARSE_C */
#endif /* asn1.h */

5
include/mbedtls/asn1write.h
View File

@ -48,6 +48,7 @@
extern "C" {
#endif
#if defined(MBEDTLS_ASN1_WRITE_C) || defined(MBEDTLS_X509_USE_C)
/**
* \brief Write a length field in ASN.1 format.
*
@ -76,7 +77,9 @@ int mbedtls_asn1_write_len(unsigned char **p, const unsigned char *start,
*/
int mbedtls_asn1_write_tag(unsigned char **p, const unsigned char *start,
unsigned char tag);
#endif /* MBEDTLS_ASN1_WRITE_C || MBEDTLS_X509_USE_C */
#if defined(MBEDTLS_ASN1_WRITE_C)
/**
* \brief Write raw buffer data.
*
@ -393,4 +396,6 @@ mbedtls_asn1_named_data *mbedtls_asn1_store_named_data(mbedtls_asn1_named_data *
}
#endif
#endif /* MBEDTLS_ASN1_WRITE_C */
#endif /* MBEDTLS_ASN1_WRITE_H */

27
include/mbedtls/build_info.h
View File

@ -47,7 +47,32 @@
*/
#define MBEDTLS_VERSION_NUMBER 0x03040100
#define MBEDTLS_VERSION_STRING "3.4.1"
#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 3.4.1"
#define MBEDTLS_VERSION_STRING_FULL "Mbed TLS 3.4.1"
/* Macros for build-time platform detection */
#if !defined(MBEDTLS_ARCH_IS_ARM64) && \
(defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC))
#define MBEDTLS_ARCH_IS_ARM64
#endif
#if !defined(MBEDTLS_ARCH_IS_ARM32) && \
(defined(__arm__) || defined(_M_ARM) || \
defined(_M_ARMT) || defined(__thumb__) || defined(__thumb2__))
#define MBEDTLS_ARCH_IS_ARM32
#endif
#if !defined(MBEDTLS_ARCH_IS_X64) && \
(defined(__amd64__) || defined(__x86_64__) || \
((defined(_M_X64) || defined(_M_AMD64)) && !defined(_M_ARM64EC)))
#define MBEDTLS_ARCH_IS_X64
#endif
#if !defined(MBEDTLS_ARCH_IS_X86) && \
(defined(__i386__) || defined(_X86_) || \
(defined(_M_IX86) && !defined(_M_I86)))
#define MBEDTLS_ARCH_IS_X86
#endif
#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
#define _CRT_SECURE_NO_DEPRECATE 1

10
include/mbedtls/check_config.h
View File

@ -30,7 +30,7 @@
*/
#include <limits.h>
#if CHAR_BIT != 8
#error "mbed TLS requires a platform with 8-bit chars"
#error "Mbed TLS requires a platform with 8-bit chars"
#endif
#include <stdint.h>
@ -830,10 +830,10 @@
#endif
#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_SRV_C) && \
( !defined(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE) || \
( MBEDTLS_SSL_MAX_EARLY_DATA_SIZE < 0 ) || \
( MBEDTLS_SSL_MAX_EARLY_DATA_SIZE > UINT32_MAX ) )
#error "MBEDTLS_SSL_MAX_EARLY_DATA_SIZE MUST be defined and in range(0..UINT32_MAX)"
defined(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE) && \
((MBEDTLS_SSL_MAX_EARLY_DATA_SIZE < 0) || \
(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE > UINT32_MAX))
#error "MBEDTLS_SSL_MAX_EARLY_DATA_SIZE must be in the range(0..UINT32_MAX)"
#endif
#if defined(MBEDTLS_SSL_PROTO_DTLS) && \

12
include/mbedtls/config_adjust_legacy_from_psa.h
View File

@ -67,6 +67,10 @@
#if defined(PSA_WANT_ALG_HKDF)
#if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF)
/*
* The PSA implementation has its own implementation of HKDF, separate from
* hkdf.c. No need to enable MBEDTLS_HKDF_C here.
*/
#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
#define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF */
@ -74,6 +78,10 @@
#if defined(PSA_WANT_ALG_HKDF_EXTRACT)
#if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT)
/*
* The PSA implementation has its own implementation of HKDF, separate from
* hkdf.c. No need to enable MBEDTLS_HKDF_C here.
*/
#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT 1
#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT */
@ -81,6 +89,10 @@
#if defined(PSA_WANT_ALG_HKDF_EXPAND)
#if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND)
/*
* The PSA implementation has its own implementation of HKDF, separate from
* hkdf.c. No need to enable MBEDTLS_HKDF_C here.
*/
#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND 1
#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND */

2
include/mbedtls/ecp.h
View File

@ -175,7 +175,7 @@ mbedtls_ecp_point;
#if !defined(MBEDTLS_ECP_ALT)
/*
* default mbed TLS elliptic curve arithmetic implementation
* default Mbed TLS elliptic curve arithmetic implementation
*
* (in case MBEDTLS_ECP_ALT is defined then the developer has to provide an
* alternative implementation for the whole module and it will replace this

6
include/mbedtls/error.h
View File

@ -166,9 +166,9 @@ static inline int mbedtls_error_add(int high, int low,
}
/**
* \brief Translate a mbed TLS error code into a string representation,
* Result is truncated if necessary and always includes a terminating
* null byte.
* \brief Translate an Mbed TLS error code into a string representation.
* The result is truncated if necessary and always includes a
* terminating null byte.
*
* \param errnum error code
* \param buffer buffer to place representation in

265
include/mbedtls/mbedtls_config.h
View File

@ -168,7 +168,7 @@
*
* Enable the memory allocation layer.
*
* By default mbed TLS uses the system-provided calloc() and free().
* By default Mbed TLS uses the system-provided calloc() and free().
* This allows different allocators (self-implemented or provided) to be
* provided to the platform abstraction layer.
*
@ -241,10 +241,10 @@
/**
* \def MBEDTLS_PLATFORM_EXIT_ALT
*
* MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the
* MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let Mbed TLS support the
* function in the platform abstraction layer.
*
* Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will
* Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, Mbed TLS will
* provide a function "mbedtls_platform_set_printf()" that allows you to set an
* alternative printf function pointer.
*
@ -272,6 +272,48 @@
//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
//#define MBEDTLS_PLATFORM_MS_TIME_ALT
/**
* Uncomment the macro to let Mbed TLS use your alternate implementation of
* mbedtls_platform_gmtime_r(). This replaces the default implementation in
* platform_util.c.
*
* gmtime() is not a thread-safe function as defined in the C standard. The
* library will try to use safer implementations of this function, such as
* gmtime_r() when available. However, if Mbed TLS cannot identify the target
* system, the implementation of mbedtls_platform_gmtime_r() will default to
* using the standard gmtime(). In this case, calls from the library to
* gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex
* if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the
* library are also guarded with this mutex to avoid race conditions. However,
* if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will
* unconditionally use the implementation for mbedtls_platform_gmtime_r()
* supplied at compile time.
*/
//#define MBEDTLS_PLATFORM_GMTIME_R_ALT
/**
* Uncomment the macro to let Mbed TLS use your alternate implementation of
* mbedtls_platform_zeroize(), to wipe sensitive data in memory. This replaces
* the default implementation in platform_util.c.
*
* By default, the library uses a system function such as memset_s()
* (optional feature of C11), explicit_bzero() (BSD and compatible), or
* SecureZeroMemory (Windows). If no such function is detected, the library
* falls back to a plain C implementation. Compilers are technically
* permitted to optimize this implementation out, meaning that the memory is
* not actually wiped. The library tries to prevent that, but the C language
* makes it impossible to guarantee that the memory will always be wiped.
*
* If your platform provides a guaranteed method to wipe memory which
* `platform_util.c` does not detect, define this macro to the name of
* a function that takes two arguments, a `void *` pointer and a length,
* and wipes that many bytes starting at the specified address. For example,
* if your platform has explicit_bzero() but `platform_util.c` does not
* detect its presence, define `MBEDTLS_PLATFORM_ZEROIZE_ALT` to be
* `explicit_bzero` to use that function as mbedtls_platform_zeroize().
*/
//#define MBEDTLS_PLATFORM_ZEROIZE_ALT
/**
* \def MBEDTLS_DEPRECATED_WARNING
*
@ -302,7 +344,7 @@
/** \} name SECTION: System support */
/**
* \name SECTION: mbed TLS feature support
* \name SECTION: Mbed TLS feature support
*
* This section sets support for features that are or are not needed
* within the modules that are enabled.
@ -325,7 +367,7 @@
/**
* \def MBEDTLS_AES_ALT
*
* MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your
* MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let Mbed TLS use your
* alternate core implementation of a symmetric crypto, an arithmetic or hash
* module (e.g. platform specific assembly optimized implementations). Keep
* in mind that the function prototypes should remain the same.
@ -333,7 +375,7 @@
* This replaces the whole module. If you only want to replace one of the
* functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags.
*
* Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer
* Example: In case you uncomment MBEDTLS_AES_ALT, Mbed TLS will no longer
* provide the "struct mbedtls_aes_context" definition and omit the base
* function declarations and implementations. "aes_alt.h" will be included from
* "aes.h" to include the new function definitions.
@ -381,14 +423,14 @@
/**
* \def MBEDTLS_SHA256_PROCESS_ALT
*
* MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you
* MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let Mbed TLS use you
* alternate core implementation of symmetric crypto or hash function. Keep in
* mind that function prototypes should remain the same.
*
* This replaces only one function. The header file from mbed TLS is still
* This replaces only one function. The header file from Mbed TLS is still
* used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags.
*
* Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will
* Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, Mbed TLS will
* no longer provide the mbedtls_sha1_process() function, but it will still provide
* the other function (using your mbedtls_sha1_process() function) and the definition
* of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
@ -438,11 +480,11 @@
*
* Expose a part of the internal interface of the Elliptic Curve Point module.
*
* MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your
* MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let Mbed TLS use your
* alternative core implementation of elliptic curve arithmetic. Keep in mind
* that function prototypes should remain the same.
*
* This partially replaces one function. The header file from mbed TLS is still
* This partially replaces one function. The header file from Mbed TLS is still
* used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation
* is still present and it is used for group structures not supported by the
* alternative.
@ -466,11 +508,11 @@
* implement optimized set up and tear down instructions.
*
* Example: In case you set MBEDTLS_ECP_INTERNAL_ALT and
* MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac()
* MBEDTLS_ECP_DOUBLE_JAC_ALT, Mbed TLS will still provide the ecp_double_jac()
* function, but will use your mbedtls_internal_ecp_double_jac() if the group
* for the operation is supported by your implementation (i.e. your
* mbedtls_internal_ecp_grp_capable() function returns 1 for this group). If the
* group is not supported by your implementation, then the original mbed TLS
* group is not supported by your implementation, then the original Mbed TLS
* implementation of ecp_double_jac() is used instead, unless this fallback
* behaviour is disabled by setting MBEDTLS_ECP_NO_FALLBACK (in which case
* ecp_double_jac() will return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE).
@ -501,7 +543,7 @@
/**
* \def MBEDTLS_ENTROPY_HARDWARE_ALT
*
* Uncomment this macro to let mbed TLS use your own implementation of a
* Uncomment this macro to let Mbed TLS use your own implementation of a
* hardware entropy collector.
*
* Your function must be called \c mbedtls_hardware_poll(), have the same
@ -569,6 +611,20 @@
*/
//#define MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
/*
* Disable plain C implementation for AES.
*
* When the plain C implementation is enabled, and an implementation using a
* special CPU feature (such as MBEDTLS_AESCE_C) is also enabled, runtime
* detection will be used to select between them.
*
* If only one implementation is present, runtime detection will not be used.
* This configuration will crash at runtime if running on a CPU without the
* necessary features. It will not build unless at least one of MBEDTLS_AESCE_C
* and/or MBEDTLS_AESNI_C is enabled & present in the build.
*/
//#define MBEDTLS_AES_USE_HARDWARE_ONLY
/**
* \def MBEDTLS_CAMELLIA_SMALL_MEMORY
*
@ -692,6 +748,15 @@
*/
//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
/**
* Enable the verified implementations of ECDH primitives from Project Everest
* (currently only Curve25519). This feature changes the layout of ECDH
* contexts and therefore is a compatibility break for applications that access
* fields of a mbedtls_ecdh_context structure directly. See also
* MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h.
*/
//#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
/**
* \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
*
@ -782,6 +847,28 @@
*/
//#define MBEDTLS_ECP_RESTARTABLE
/**
* Uncomment to enable using new bignum code in the ECC modules.
*
* \warning This is currently experimental, incomplete and therefore should not
* be used in production.
*/
//#define MBEDTLS_ECP_WITH_MPI_UINT
/**
* Uncomment to enable p256-m, which implements ECC key generation, ECDH,
* and ECDSA for SECP256R1 curves. This driver is used as an example to
* document how a third-party driver or software accelerator can be integrated
* to work alongside Mbed TLS.
*
* \warning p256-m has only been included to serve as a sample implementation
* of how a driver/accelerator can be integrated alongside Mbed TLS. It is not
* intended for use in production. p256-m files in Mbed TLS are not updated
* regularly, so they may not contain upstream fixes/improvements.
* DO NOT ENABLE/USE THIS MACRO IN PRODUCTION BUILDS!
*/
//#define MBEDTLS_P256M_EXAMPLE_DRIVER_ENABLED
/**
* \def MBEDTLS_ECDSA_DETERMINISTIC
*
@ -1404,7 +1491,7 @@
* \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
*
* Enable sending of alert messages in case of encountered errors as per RFC.
* If you choose not to send the alert messages, mbed TLS can still communicate
* If you choose not to send the alert messages, Mbed TLS can still communicate
* with other servers, only debugging of failures is harder.
*
* The advantage of not sending alert messages, is that no information is given
@ -1643,9 +1730,7 @@
*
* Enable support for TLS 1.3.
*
* \note The support for TLS 1.3 is not comprehensive yet, in particular
* pre-shared keys are not supported.
* See docs/architecture/tls13-support.md for a description of the TLS
* \note See docs/architecture/tls13-support.md for a description of the TLS
* 1.3 support that this option enables.
*
* Requires: MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
@ -1745,26 +1830,12 @@
* This feature is experimental, not completed and thus not ready for
* production.
*
* \note The maximum amount of early data can be set with
* MBEDTLS_SSL_MAX_EARLY_DATA_SIZE.
*
*/
//#define MBEDTLS_SSL_EARLY_DATA
/**
* \def MBEDTLS_SSL_MAX_EARLY_DATA_SIZE
*
* The default maximum amount of 0-RTT data. See the documentation of
* \c mbedtls_ssl_tls13_conf_max_early_data_size() for more information.
*
* It must be positive and smaller than UINT32_MAX.
*
* If MBEDTLS_SSL_EARLY_DATA is not defined, this default value does not
* have any impact on the build.
*
* This feature is experimental, not completed and thus not ready for
* production.
*
*/
#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024
/**
* \def MBEDTLS_SSL_PROTO_DTLS
*
@ -2096,12 +2167,12 @@
* Comment this macro to disallow using RSASSA-PSS in certificates.
*/
#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
/** \} name SECTION: mbed TLS feature support */
/** \} name SECTION: Mbed TLS feature support */
/**
* \name SECTION: mbed TLS modules
* \name SECTION: Mbed TLS modules
*
* This section enables or disables entire modules in mbed TLS
* This section enables or disables entire modules in Mbed TLS
* \{
*/
@ -2797,7 +2868,7 @@
* Module: library/memory_buffer_alloc.c
*
* Requires: MBEDTLS_PLATFORM_C
* MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS)
* MBEDTLS_PLATFORM_MEMORY (to use it within Mbed TLS)
*
* Enable this module to enable the buffer memory allocator.
*/
@ -3399,7 +3470,7 @@
* \def MBEDTLS_THREADING_C
*
* Enable the threading abstraction layer.
* By default mbed TLS assumes it is used in a non-threaded environment or that
* By default Mbed TLS assumes it is used in a non-threaded environment or that
* contexts are not shared between threads. If you do intend to use contexts
* between threads, you will need to enable this layer to prevent race
* conditions. See also our Knowledge Base article about threading:
@ -3413,7 +3484,7 @@
* You will have to enable either MBEDTLS_THREADING_ALT or
* MBEDTLS_THREADING_PTHREAD.
*
* Enable this layer to allow use of mutexes within mbed TLS
* Enable this layer to allow use of mutexes within Mbed TLS
*/
//#define MBEDTLS_THREADING_C
@ -3559,7 +3630,7 @@
*/
#define MBEDTLS_X509_CSR_WRITE_C
/** \} name SECTION: mbed TLS modules */
/** \} name SECTION: Mbed TLS modules */
/**
* \name SECTION: General configuration options
@ -3842,7 +3913,7 @@
//#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
/* RSA OPTIONS */
#define MBEDTLS_RSA_GEN_KEY_MIN_BITS 1024 /**< Minimum RSA key size that can be generated in bits (Minimum possible value is 128 bits) */
//#define MBEDTLS_RSA_GEN_KEY_MIN_BITS 1024 /**< Minimum RSA key size that can be generated in bits (Minimum possible value is 128 bits) */
/* SSL Cache options */
//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
@ -3955,6 +4026,23 @@
*/
//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
/**
* \def MBEDTLS_SSL_MAX_EARLY_DATA_SIZE
*
* The default maximum amount of 0-RTT data. See the documentation of
* \c mbedtls_ssl_tls13_conf_max_early_data_size() for more information.
*
* It must be positive and smaller than UINT32_MAX.
*
* If MBEDTLS_SSL_EARLY_DATA is not defined, this default value does not
* have any impact on the build.
*
* This feature is experimental, not completed and thus not ready for
* production.
*
*/
//#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024
/**
* \def MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE
*
@ -3973,7 +4061,7 @@
* This is not used in TLS 1.2.
*
*/
#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000
//#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000
/**
* \def MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH
@ -3982,7 +4070,7 @@
*
* This must be less than 256.
*/
#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32
//#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32
/**
* \def MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS
@ -3992,95 +4080,10 @@
* the MBEDTLS_SSL_SESSION_TICKETS option is enabled.
*
*/
#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1
//#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1
/* X509 options */
//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
/**
* Uncomment the macro to let mbed TLS use your alternate implementation of
* mbedtls_platform_zeroize(). This replaces the default implementation in
* platform_util.c.
*
* mbedtls_platform_zeroize() is a widely used function across the library to
* zero a block of memory. The implementation is expected to be secure in the
* sense that it has been written to prevent the compiler from removing calls
* to mbedtls_platform_zeroize() as part of redundant code elimination
* optimizations. However, it is difficult to guarantee that calls to
* mbedtls_platform_zeroize() will not be optimized by the compiler as older
* versions of the C language standards do not provide a secure implementation
* of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to
* configure their own implementation of mbedtls_platform_zeroize(), for
* example by using directives specific to their compiler, features from newer
* C standards (e.g using memset_s() in C11) or calling a secure memset() from
* their system (e.g explicit_bzero() in BSD).
*/
//#define MBEDTLS_PLATFORM_ZEROIZE_ALT
/**
* Uncomment the macro to let Mbed TLS use your alternate implementation of
* mbedtls_platform_gmtime_r(). This replaces the default implementation in
* platform_util.c.
*
* gmtime() is not a thread-safe function as defined in the C standard. The
* library will try to use safer implementations of this function, such as
* gmtime_r() when available. However, if Mbed TLS cannot identify the target
* system, the implementation of mbedtls_platform_gmtime_r() will default to
* using the standard gmtime(). In this case, calls from the library to
* gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex
* if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the
* library are also guarded with this mutex to avoid race conditions. However,
* if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will
* unconditionally use the implementation for mbedtls_platform_gmtime_r()
* supplied at compile time.
*/
//#define MBEDTLS_PLATFORM_GMTIME_R_ALT
/**
* Enable the verified implementations of ECDH primitives from Project Everest
* (currently only Curve25519). This feature changes the layout of ECDH
* contexts and therefore is a compatibility break for applications that access
* fields of a mbedtls_ecdh_context structure directly. See also
* MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h.
*/
//#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
/**
* Uncomment to enable p256-m, which implements ECC key generation, ECDH,
* and ECDSA for SECP256R1 curves. This driver is used as an example to
* document how a third-party driver or software accelerator can be integrated
* to work alongside Mbed TLS.
*
* \warning p256-m has only been included to serve as a sample implementation
* of how a driver/accelerator can be integrated alongside Mbed TLS. It is not
* intended for use in production. p256-m files in Mbed TLS are not updated
* regularly, so they may not contain upstream fixes/improvements.
* DO NOT ENABLE/USE THIS MACRO IN PRODUCTION BUILDS!
*/
//#define MBEDTLS_P256M_EXAMPLE_DRIVER_ENABLED
/**
* Uncomment to enable using new bignum code in the ECC modules.
*
* \warning This is currently experimental, incomplete and therefore should not
* be used in production.
*/
//#define MBEDTLS_ECP_WITH_MPI_UINT
/*
* Disable plain C implementation for AES.
*
* When the plain C implementation is enabled, and an implementation using a
* special CPU feature (such as MBEDTLS_AESCE_C) is also enabled, runtime
* detection will be used to select between them.
*
* If only one implementation is present, runtime detection will not be used.
* This configuration will crash at runtime if running on a CPU without the
* necessary features. It will not build unless at least one of MBEDTLS_AESCE_C
* and/or MBEDTLS_AESNI_C is enabled & present in the build.
*/
//#define MBEDTLS_AES_USE_HARDWARE_ONLY
/** \} name SECTION: Module configuration options */

2
include/mbedtls/platform_time.h
View File

@ -1,7 +1,7 @@
/**
* \file platform_time.h
*
* \brief mbed TLS Platform time abstraction
* \brief Mbed TLS Platform time abstraction
*/
/*
* Copyright The Mbed TLS Contributors

16
include/mbedtls/ssl.h
View File

@ -405,6 +405,22 @@
#define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16
#endif
#if !defined(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE)
#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024
#endif
#if !defined(MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE)
#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000
#endif
#if !defined(MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH)
#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32
#endif
#if !defined(MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS)
#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1
#endif
/** \} name SECTION: Module settings */
/*

2
include/mbedtls/ssl_ciphersuites.h
View File

@ -1,7 +1,7 @@
/**
* \file ssl_ciphersuites.h
*
* \brief SSL Ciphersuites for mbed TLS
* \brief SSL Ciphersuites for Mbed TLS
*/
/*
* Copyright The Mbed TLS Contributors

4
include/mbedtls/threading.h
View File

@ -55,9 +55,9 @@ typedef struct mbedtls_threading_mutex_t {
* \brief Set your alternate threading implementation function
* pointers and initialize global mutexes. If used, this
* function must be called once in the main thread before any
* other mbed TLS function is called, and
* other Mbed TLS function is called, and
* mbedtls_threading_free_alt() must be called once in the main
* thread after all other mbed TLS functions.
* thread after all other Mbed TLS functions.
*
* \note mutex_init() and mutex_free() don't return a status code.
* If mutex_init() fails, it should leave its argument (the

8
include/mbedtls/version.h
View File

@ -52,9 +52,9 @@ unsigned int mbedtls_version_get_number(void);
void mbedtls_version_get_string(char *string);
/**
* Get the full version string ("mbed TLS x.y.z").
* Get the full version string ("Mbed TLS x.y.z").
*
* \param string The string that will receive the value. The mbed TLS version
* \param string The string that will receive the value. The Mbed TLS version
* string will use 18 bytes AT MOST including a terminating
* null byte.
* (So the buffer should be at least 18 bytes to receive this
@ -64,12 +64,12 @@ void mbedtls_version_get_string_full(char *string);
/**
* \brief Check if support for a feature was compiled into this
* mbed TLS binary. This allows you to see at runtime if the
* Mbed TLS binary. This allows you to see at runtime if the
* library was for instance compiled with or without
* Multi-threading support.
*
* \note only checks against defines in the sections "System
* support", "mbed TLS modules" and "mbed TLS feature
* support", "Mbed TLS modules" and "Mbed TLS feature
* support" in mbedtls_config.h
*
* \param feature The string for the define to check (e.g. "MBEDTLS_AES_C")

4
include/mbedtls/x509_crt.h
View File

@ -1007,7 +1007,7 @@ int mbedtls_x509write_crt_set_validity(mbedtls_x509write_cert *ctx, const char *
* \brief Set the issuer name for a Certificate
* Issuer names should contain a comma-separated list
* of OID types and values:
* e.g. "C=UK,O=ARM,CN=mbed TLS CA"
* e.g. "C=UK,O=ARM,CN=Mbed TLS CA"
*
* \param ctx CRT context to use
* \param issuer_name issuer name to set
@ -1022,7 +1022,7 @@ int mbedtls_x509write_crt_set_issuer_name(mbedtls_x509write_cert *ctx,
* \brief Set the subject name for a Certificate
* Subject names should contain a comma-separated list
* of OID types and values:
* e.g. "C=UK,O=ARM,CN=mbed TLS Server 1"
* e.g. "C=UK,O=ARM,CN=Mbed TLS Server 1"
*
* \param ctx CRT context to use
* \param subject_name subject name to set

2
include/mbedtls/x509_csr.h
View File

@ -180,7 +180,7 @@ void mbedtls_x509write_csr_init(mbedtls_x509write_csr *ctx);
* \brief Set the subject name for a CSR
* Subject names should contain a comma-separated list
* of OID types and values:
* e.g. "C=UK,O=ARM,CN=mbed TLS Server 1"
* e.g. "C=UK,O=ARM,CN=Mbed TLS Server 1"
*
* \param ctx CSR context to use
* \param subject_name subject name to set

8
library/CMakeLists.txt
View File

@ -1,7 +1,7 @@
option(USE_STATIC_MBEDTLS_LIBRARY "Build mbed TLS static library." ON)
option(USE_SHARED_MBEDTLS_LIBRARY "Build mbed TLS shared library." OFF)
option(LINK_WITH_PTHREAD "Explicitly link mbed TLS library to pthread." OFF)
option(LINK_WITH_TRUSTED_STORAGE "Explicitly link mbed TLS library to trusted_storage." OFF)
option(USE_STATIC_MBEDTLS_LIBRARY "Build Mbed TLS static library." ON)
option(USE_SHARED_MBEDTLS_LIBRARY "Build Mbed TLS shared library." OFF)
option(LINK_WITH_PTHREAD "Explicitly link Mbed TLS library to pthread." OFF)
option(LINK_WITH_TRUSTED_STORAGE "Explicitly link Mbed TLS library to trusted_storage." OFF)
# Set the project root directory if it's not already defined, as may happen if
# the library folder is included directly by a parent project, without

15
library/aes.c
View File

@ -34,20 +34,19 @@
#include "mbedtls/platform_util.h"
#include "mbedtls/error.h"
#if defined(__aarch64__)
#if defined(MBEDTLS_ARCH_IS_ARM64)
#if !defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
#error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites"
#endif
#endif
#if defined(__amd64__) || defined(__x86_64__) || \
((defined(_M_X64) || defined(_M_AMD64)) && !defined(_M_ARM64EC))
#if defined(MBEDTLS_ARCH_IS_X64)
#if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
#error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites"
#endif
#endif
#if defined(__i386__) || defined(_M_IX86)
#if defined(MBEDTLS_ARCH_IS_X86)
#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && !defined(MBEDTLS_AESNI_C)
#error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites"
#endif
@ -652,7 +651,7 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
}
#endif
#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64)
#if defined(MBEDTLS_AESCE_HAVE_CODE)
if (MBEDTLS_AESCE_HAS_SUPPORT()) {
return mbedtls_aesce_setkey_enc((unsigned char *) RK, key, keybits);
}
@ -764,7 +763,7 @@ int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
}
#endif
#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64)
#if defined(MBEDTLS_AESCE_HAVE_CODE)
if (MBEDTLS_AESCE_HAS_SUPPORT()) {
mbedtls_aesce_inverse_key(
(unsigned char *) RK,
@ -1091,7 +1090,7 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
}
#endif
#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64)
#if defined(MBEDTLS_AESCE_HAVE_CODE)
if (MBEDTLS_AESCE_HAS_SUPPORT()) {
return mbedtls_aesce_crypt_ecb(ctx, mode, input, output);
}
@ -1910,7 +1909,7 @@ int mbedtls_aes_self_test(int verbose)
mbedtls_printf(" AES note: using VIA Padlock.\n");
} else
#endif
#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64)
#if defined(MBEDTLS_AESCE_HAVE_CODE)
if (MBEDTLS_AESCE_HAS_SUPPORT()) {
mbedtls_printf(" AES note: using AESCE.\n");
} else

4
library/aesce.c
View File

@ -46,7 +46,7 @@
#include "aesce.h"
#if defined(MBEDTLS_HAVE_ARM64)
#if defined(MBEDTLS_ARCH_IS_ARM64)
/* Compiler version checks. */
#if defined(__clang__)
@ -510,6 +510,6 @@ void mbedtls_aesce_gcm_mult(unsigned char c[16],
#undef MBEDTLS_POP_TARGET_PRAGMA
#endif
#endif /* MBEDTLS_HAVE_ARM64 */
#endif /* MBEDTLS_ARCH_IS_ARM64 */
#endif /* MBEDTLS_AESCE_C */

11
library/aesce.h
View File

@ -30,13 +30,10 @@
#include "mbedtls/aes.h"
#if !defined(MBEDTLS_HAVE_ARM64)
#if defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC)
#define MBEDTLS_HAVE_ARM64
#endif
#endif
#if defined(MBEDTLS_HAVE_ARM64)
#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_ARCH_IS_ARM64)
#define MBEDTLS_AESCE_HAVE_CODE
#ifdef __cplusplus
extern "C" {
@ -131,6 +128,6 @@ int mbedtls_aesce_setkey_enc(unsigned char *rk,
}
#endif
#endif /* MBEDTLS_HAVE_ARM64 */
#endif /* MBEDTLS_AESCE_C && MBEDTLS_ARCH_IS_ARM64 */
#endif /* MBEDTLS_AESCE_H */

22
library/aesni.h
View File

@ -32,23 +32,8 @@
#define MBEDTLS_AESNI_AES 0x02000000u
#define MBEDTLS_AESNI_CLMUL 0x00000002u
/* Can we do AESNI with inline assembly?
* (Only implemented with gas syntax, only for 64-bit.)
*/
#if !defined(MBEDTLS_HAVE_X86_64) && \
(defined(__amd64__) || defined(__x86_64__) || \
defined(_M_X64) || defined(_M_AMD64)) && \
!defined(_M_ARM64EC)
#define MBEDTLS_HAVE_X86_64
#endif
#if !defined(MBEDTLS_HAVE_X86) && \
(defined(__i386__) || defined(_M_IX86))
#define MBEDTLS_HAVE_X86
#endif
#if defined(MBEDTLS_AESNI_C) && \
(defined(MBEDTLS_HAVE_X86_64) || defined(MBEDTLS_HAVE_X86))
(defined(MBEDTLS_ARCH_IS_X64) || defined(MBEDTLS_ARCH_IS_X86))
/* Can we do AESNI with intrinsics?
* (Only implemented with certain compilers, only for certain targets.)
@ -75,7 +60,10 @@
#if defined(MBEDTLS_AESNI_HAVE_INTRINSICS)
#define MBEDTLS_AESNI_HAVE_CODE 2 // via intrinsics
#elif defined(MBEDTLS_HAVE_ASM) && \
defined(__GNUC__) && defined(MBEDTLS_HAVE_X86_64)
defined(__GNUC__) && defined(MBEDTLS_ARCH_IS_X64)
/* Can we do AESNI with inline assembly?
* (Only implemented with gas syntax, only for 64-bit.)
*/
#define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly
#elif defined(__GNUC__)
# error "Must use `-mpclmul -msse2 -maes` for MBEDTLS_AESNI_C"

4
library/asn1parse.c
View File

@ -19,7 +19,7 @@
#include "common.h"
#if defined(MBEDTLS_ASN1_PARSE_C)
#if defined(MBEDTLS_ASN1_PARSE_C) || defined(MBEDTLS_X509_CREATE_C)
#include "mbedtls/asn1.h"
#include "mbedtls/platform_util.h"
@ -114,7 +114,9 @@ int mbedtls_asn1_get_tag(unsigned char **p,
return mbedtls_asn1_get_len(p, end, len);
}
#endif /* MBEDTLS_ASN1_PARSE_C || MBEDTLS_X509_CREATE_C */
#if defined(MBEDTLS_ASN1_PARSE_C)
int mbedtls_asn1_get_bool(unsigned char **p,
const unsigned char *end,
int *val)

4
library/asn1write.c
View File

@ -19,7 +19,7 @@
#include "common.h"
#if defined(MBEDTLS_ASN1_WRITE_C)
#if defined(MBEDTLS_ASN1_WRITE_C) || defined(MBEDTLS_X509_USE_C)
#include "mbedtls/asn1write.h"
#include "mbedtls/error.h"
@ -74,7 +74,9 @@ int mbedtls_asn1_write_tag(unsigned char **p, const unsigned char *start, unsign
return 1;
}
#endif /* MBEDTLS_ASN1_WRITE_C || MBEDTLS_X509_USE_C */
#if defined(MBEDTLS_ASN1_WRITE_C)
static int mbedtls_asn1_write_len_and_tag(unsigned char **p,
const unsigned char *start,
size_t len,

4
library/bignum.c
View File

@ -72,7 +72,7 @@ int mbedtls_mpi_lt_mpi_ct(const mbedtls_mpi *X,
}
/*
* Set sign_N to 1 if N >= 0, 0 if N < 0.
* Set N_is_negative to MBEDTLS_CT_FALSE if N >= 0, MBEDTLS_CT_TRUE if N < 0.
* We know that N->s == 1 if N >= 0 and N->s == -1 if N < 0.
*/
X_is_negative = mbedtls_ct_bool((X->s & 2) >> 1);
@ -83,7 +83,7 @@ int mbedtls_mpi_lt_mpi_ct(const mbedtls_mpi *X,
* That is if X is negative (X_is_negative == 1), then X < Y is true and it
* is false if X is positive (X_is_negative == 0).
*/
different_sign = mbedtls_ct_bool_xor(X_is_negative, Y_is_negative); // non-zero if different sign
different_sign = mbedtls_ct_bool_xor(X_is_negative, Y_is_negative); // true if different sign
result = mbedtls_ct_bool_and(different_sign, X_is_negative);
/*

2
library/cipher.c
View File

@ -1,7 +1,7 @@
/**
* \file cipher.c
*
* \brief Generic cipher wrapper for mbed TLS
* \brief Generic cipher wrapper for Mbed TLS
*
* \author Adriaan de Jong <dejong@fox-it.com>
*

2
library/cipher_wrap.c
View File

@ -1,7 +1,7 @@
/**
* \file cipher_wrap.c
*
* \brief Generic cipher wrapper for mbed TLS
* \brief Generic cipher wrapper for Mbed TLS
*
* \author Adriaan de Jong <dejong@fox-it.com>
*

191
library/constant_time_impl.h
View File

@ -1,15 +1,6 @@
/**
* Constant-time functions
*
* For readability, the static inline definitions are here, and
* constant_time_internal.h has only the declarations.
*
* This results in duplicate declarations of the form:
* static inline void f() { ... }
* static inline void f();
* when constant_time_internal.h is included. This appears to behave
* exactly as if the declaration-without-definition was not present.
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
@ -37,11 +28,20 @@
#include "mbedtls/bignum.h"
#endif
/* constant_time_impl.h contains all the static inline implementations,
* so that constant_time_internal.h is more readable.
/*
* To improve readability of constant_time_internal.h, the static inline
* definitions are here, and constant_time_internal.h has only the declarations.
*
* gcc generates warnings about duplicate declarations, so disable this
* warning.
* This results in duplicate declarations of the form:
* static inline void f(); // from constant_time_internal.h
* static inline void f() { ... } // from constant_time_impl.h
* when constant_time_internal.h is included.
*
* This appears to behave as if the declaration-without-definition was not present
* (except for warnings if gcc -Wredundant-decls or similar is used).
*
* Disable -Wredundant-decls so that gcc does not warn about this. This is re-enabled
* at the bottom of this file.
*/
#ifdef __GNUC__
#pragma GCC diagnostic push
@ -71,6 +71,10 @@
#define MBEDTLS_CT_ARM_ASM
#elif defined(__aarch64__)
#define MBEDTLS_CT_AARCH64_ASM
#elif defined(__amd64__) || defined(__x86_64__)
#define MBEDTLS_CT_X86_64_ASM
#elif defined(__i386__)
#define MBEDTLS_CT_X86_ASM
#endif
#endif
@ -132,7 +136,7 @@ static inline mbedtls_ct_uint_t mbedtls_ct_compiler_opaque(mbedtls_ct_uint_t x)
* seem to apply unified syntax globally, which breaks other asm code.
*/
#if !defined(__clang__)
#define RESTORE_ASM_SYNTAX ".syntax divided \n\t"
#define RESTORE_ASM_SYNTAX ".syntax divided \n\t"
#else
#define RESTORE_ASM_SYNTAX
#endif
@ -150,9 +154,9 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool(mbedtls_ct_uint_t x)
*/
#if defined(MBEDTLS_CT_AARCH64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64))
mbedtls_ct_uint_t s;
asm volatile ("neg %x[s], %x[x] \n\t"
"orr %x[x], %x[s], %x[x] \n\t"
"asr %x[x], %x[x], 63"
asm volatile ("neg %x[s], %x[x] \n\t"
"orr %x[x], %x[s], %x[x] \n\t"
"asr %x[x], %x[x], 63 \n\t"
:
[s] "=&r" (s),
[x] "+&r" (x)
@ -162,10 +166,10 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool(mbedtls_ct_uint_t x)
return (mbedtls_ct_condition_t) x;
#elif defined(MBEDTLS_CT_ARM_ASM) && defined(MBEDTLS_CT_SIZE_32)
uint32_t s;
asm volatile (".syntax unified \n\t"
"negs %[s], %[x] \n\t"
"orrs %[x], %[x], %[s] \n\t"
"asrs %[x], %[x], #31 \n\t"
asm volatile (".syntax unified \n\t"
"negs %[s], %[x] \n\t"
"orrs %[x], %[x], %[s] \n\t"
"asrs %[x], %[x], #31 \n\t"
RESTORE_ASM_SYNTAX
:
[s] "=&l" (s),
@ -175,6 +179,32 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool(mbedtls_ct_uint_t x)
"cc" /* clobbers flag bits */
);
return (mbedtls_ct_condition_t) x;
#elif defined(MBEDTLS_CT_X86_64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64))
uint64_t s;
asm volatile ("mov %[x], %[s] \n\t"
"neg %[s] \n\t"
"or %[x], %[s] \n\t"
"sar $63, %[s] \n\t"
:
[s] "=&a" (s)
:
[x] "D" (x)
:
);
return (mbedtls_ct_condition_t) s;
#elif defined(MBEDTLS_CT_X86_ASM) && defined(MBEDTLS_CT_SIZE_32)
uint32_t s;
asm volatile ("mov %[x], %[s] \n\t"
"neg %[s] \n\t"
"or %[s], %[x] \n\t"
"sar $31, %[x] \n\t"
:
[s] "=&c" (s),
[x] "+&a" (x)
:
:
);
return (mbedtls_ct_condition_t) x;
#else
const mbedtls_ct_uint_t xo = mbedtls_ct_compiler_opaque(x);
#if defined(_MSC_VER)
@ -202,9 +232,9 @@ static inline mbedtls_ct_uint_t mbedtls_ct_if(mbedtls_ct_condition_t condition,
mbedtls_ct_uint_t if0)
{
#if defined(MBEDTLS_CT_AARCH64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64))
asm volatile ("and %x[if1], %x[if1], %x[condition] \n\t"
"mvn %x[condition], %x[condition] \n\t"
"and %x[condition], %x[condition], %x[if0] \n\t"
asm volatile ("and %x[if1], %x[if1], %x[condition] \n\t"
"mvn %x[condition], %x[condition] \n\t"
"and %x[condition], %x[condition], %x[if0] \n\t"
"orr %x[condition], %x[if1], %x[condition]"
:
[condition] "+&r" (condition),
@ -215,11 +245,11 @@ static inline mbedtls_ct_uint_t mbedtls_ct_if(mbedtls_ct_condition_t condition,
);
return (mbedtls_ct_uint_t) condition;
#elif defined(MBEDTLS_CT_ARM_ASM) && defined(MBEDTLS_CT_SIZE_32)
asm volatile (".syntax unified \n\t"
"ands %[if1], %[if1], %[condition] \n\t"
"mvns %[condition], %[condition] \n\t"
"ands %[condition], %[condition], %[if0] \n\t"
"orrs %[condition], %[if1], %[condition] \n\t"
asm volatile (".syntax unified \n\t"
"ands %[if1], %[if1], %[condition] \n\t"
"mvns %[condition], %[condition] \n\t"
"ands %[condition], %[condition], %[if0] \n\t"
"orrs %[condition], %[if1], %[condition] \n\t"
RESTORE_ASM_SYNTAX
:
[condition] "+&l" (condition),
@ -230,6 +260,32 @@ static inline mbedtls_ct_uint_t mbedtls_ct_if(mbedtls_ct_condition_t condition,
"cc"
);
return (mbedtls_ct_uint_t) condition;
#elif defined(MBEDTLS_CT_X86_64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64))
asm volatile ("and %[condition], %[if1] \n\t"
"not %[condition] \n\t"
"and %[condition], %[if0] \n\t"
"or %[if1], %[if0] \n\t"
:
[condition] "+&D" (condition),
[if1] "+&S" (if1),
[if0] "+&a" (if0)
:
:
);
return if0;
#elif defined(MBEDTLS_CT_X86_ASM) && defined(MBEDTLS_CT_SIZE_32)
asm volatile ("and %[condition], %[if1] \n\t"
"not %[condition] \n\t"
"and %[if0], %[condition] \n\t"
"or %[condition], %[if1] \n\t"
:
[condition] "+&c" (condition),
[if1] "+&a" (if1)
:
[if0] "b" (if0)
:
);
return if1;
#else
mbedtls_ct_condition_t not_cond =
(mbedtls_ct_condition_t) (~mbedtls_ct_compiler_opaque(condition));
@ -241,39 +297,81 @@ static inline mbedtls_ct_condition_t mbedtls_ct_uint_lt(mbedtls_ct_uint_t x, mbe
{
#if defined(MBEDTLS_CT_AARCH64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64))
uint64_t s1;
asm volatile ("eor %x[s1], %x[y], %x[x] \n\t"
"sub %x[x], %x[x], %x[y] \n\t"
"bic %x[x], %x[x], %x[s1] \n\t"
"and %x[s1], %x[s1], %x[y] \n\t"
"orr %x[s1], %x[x], %x[s1] \n\t"
asm volatile ("eor %x[s1], %x[y], %x[x] \n\t"
"sub %x[x], %x[x], %x[y] \n\t"
"bic %x[x], %x[x], %x[s1] \n\t"
"and %x[s1], %x[s1], %x[y] \n\t"
"orr %x[s1], %x[x], %x[s1] \n\t"
"asr %x[x], %x[s1], 63"
: [s1] "=&r" (s1), [x] "+&r" (x)
: [y] "r" (y)
:
[s1] "=&r" (s1),
[x] "+&r" (x)
:
[y] "r" (y)
:
);
return (mbedtls_ct_condition_t) x;
#elif defined(MBEDTLS_CT_ARM_ASM) && defined(MBEDTLS_CT_SIZE_32)
uint32_t s1;
asm volatile (
".syntax unified \n\t"
".syntax unified \n\t"
#if defined(__thumb__) && !defined(__thumb2__)
"movs %[s1], %[x] \n\t"
"eors %[s1], %[s1], %[y] \n\t"
"movs %[s1], %[x] \n\t"
"eors %[s1], %[s1], %[y] \n\t"
#else
"eors %[s1], %[x], %[y] \n\t"
"eors %[s1], %[x], %[y] \n\t"
#endif
"subs %[x], %[x], %[y] \n\t"
"bics %[x], %[x], %[s1] \n\t"
"ands %[y], %[s1], %[y] \n\t"
"orrs %[x], %[x], %[y] \n\t"
"asrs %[x], %[x], #31 \n\t"
"subs %[x], %[x], %[y] \n\t"
"bics %[x], %[x], %[s1] \n\t"
"ands %[y], %[s1], %[y] \n\t"
"orrs %[x], %[x], %[y] \n\t"
"asrs %[x], %[x], #31 \n\t"
RESTORE_ASM_SYNTAX
: [s1] "=&l" (s1), [x] "+&l" (x), [y] "+&l" (y)
:
[s1] "=&l" (s1),
[x] "+&l" (x),
[y] "+&l" (y)
:
:
"cc"
);
return (mbedtls_ct_condition_t) x;
#elif defined(MBEDTLS_CT_X86_64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64))
uint64_t s;
asm volatile ("mov %[x], %[s] \n\t"
"xor %[y], %[s] \n\t"
"sub %[y], %[x] \n\t"
"and %[s], %[y] \n\t"
"not %[s] \n\t"
"and %[s], %[x] \n\t"
"or %[y], %[x] \n\t"
"sar $63, %[x] \n\t"
:
[s] "=&a" (s),
[x] "+&D" (x),
[y] "+&S" (y)
:
:
);
return (mbedtls_ct_condition_t) x;
#elif defined(MBEDTLS_CT_X86_ASM) && defined(MBEDTLS_CT_SIZE_32)
uint32_t s;
asm volatile ("mov %[x], %[s] \n\t"
"xor %[y], %[s] \n\t"
"sub %[y], %[x] \n\t"
"and %[s], %[y] \n\t"
"not %[s] \n\t"
"and %[s], %[x] \n\t"
"or %[y], %[x] \n\t"
"sar $31, %[x] \n\t"
:
[s] "=&b" (s),
[x] "+&a" (x),
[y] "+&c" (y)
:
:
);
return (mbedtls_ct_condition_t) x;
#else
/* Ensure that the compiler cannot optimise the following operations over x and y,
* even if it knows the value of x and y.
@ -431,6 +529,7 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool_not(mbedtls_ct_condition_t
}
#ifdef __GNUC__
/* Restore warnings for -Wredundant-decls on gcc */
#pragma GCC diagnostic pop
#endif

6
library/constant_time_internal.h
View File

@ -47,7 +47,7 @@
* These are all named mbedtls_ct_<type>_if and mbedtls_ct_<type>_if_else_0
* All arguments are considered secret.
* example: size_t a = x ? b : c => a = mbedtls_ct_size_if(x, b, c)
* example: unsigned a = x ? b : 0 => a = mbedtls_ct_uint__if_else_0(x, b)
* example: unsigned a = x ? b : 0 => a = mbedtls_ct_uint_if_else_0(x, b)
*
* - block memory operations
* Only some arguments are considered secret, as documented for each
@ -455,8 +455,8 @@ void mbedtls_ct_memcpy_if(mbedtls_ct_condition_t condition,
*
* memcpy(dst, src + offset, len)
*
* This function copies \p len bytes from \p src_base + \p offset to \p
* dst, with a code flow and memory access pattern that does not depend on
* This function copies \p len bytes from \p src + \p offset to
* \p dst, with a code flow and memory access pattern that does not depend on
* \p offset, but only on \p offset_min, \p offset_max and \p len.
*
* \note This function reads from \p dest, but the value that

2
library/ecjpake.c
View File

@ -1131,7 +1131,7 @@ int mbedtls_ecjpake_self_test(int verbose)
#if !defined(MBEDTLS_ECJPAKE_ALT)
/* 'reference handshake' tests can only be run against implementations
* for which we have 100% control over how the random ephemeral keys
* are generated. This is only the case for the internal mbed TLS
* are generated. This is only the case for the internal Mbed TLS
* implementation, so these tests are skipped in case the internal
* implementation is swapped out for an alternative one. */
if (verbose != 0) {

2
library/entropy_poll.h
View File

@ -50,7 +50,7 @@ int mbedtls_platform_entropy_poll(void *data,
/**
* \brief Entropy poll callback for a hardware source
*
* \warning This is not provided by mbed TLS!
* \warning This is not provided by Mbed TLS!
* See \c MBEDTLS_ENTROPY_HARDWARE_ALT in mbedtls_config.h.
*
* \note This must accept NULL as its first argument.

6
library/gcm.c
View File

@ -97,7 +97,7 @@ static int gcm_gen_table(mbedtls_gcm_context *ctx)
}
#endif
#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64)
#if defined(MBEDTLS_AESCE_HAVE_CODE)
if (MBEDTLS_AESCE_HAS_SUPPORT()) {
return 0;
}
@ -208,7 +208,7 @@ static void gcm_mult(mbedtls_gcm_context *ctx, const unsigned char x[16],
}
#endif /* MBEDTLS_AESNI_HAVE_CODE */
#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64)
#if defined(MBEDTLS_AESCE_HAVE_CODE)
if (MBEDTLS_AESCE_HAS_SUPPORT()) {
unsigned char h[16];
@ -885,7 +885,7 @@ int mbedtls_gcm_self_test(int verbose)
} else
#endif
#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64)
#if defined(MBEDTLS_AESCE_HAVE_CODE)
if (MBEDTLS_AESCE_HAS_SUPPORT()) {
mbedtls_printf(" GCM note: using AESCE.\n");
} else

2
library/md.c
View File

@ -1,7 +1,7 @@
/**
* \file md.c
*
* \brief Generic message digest wrapper for mbed TLS
* \brief Generic message digest wrapper for Mbed TLS
*
* \author Adriaan de Jong <dejong@fox-it.com>
*

2
library/mps_common.h
View File

@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*
* This file is part of mbed TLS (https://tls.mbed.org)
* This file is part of Mbed TLS (https://tls.mbed.org)
*/
/**

2
library/mps_error.h
View File

@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*
* This file is part of mbed TLS (https://tls.mbed.org)
* This file is part of Mbed TLS (https://tls.mbed.org)
*/
/**

2
library/mps_reader.h
View File

@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*
* This file is part of mbed TLS (https://tls.mbed.org)
* This file is part of Mbed TLS (https://tls.mbed.org)
*/
/**

2
library/mps_trace.h
View File

@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*
* This file is part of mbed TLS (https://tls.mbed.org)
* This file is part of Mbed TLS (https://tls.mbed.org)
*/
/**

4
library/padlock.c
View File

@ -31,7 +31,7 @@
#include <string.h>
#if defined(MBEDTLS_HAVE_X86)
#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE)
/*
* PadLock detection routine
@ -162,6 +162,6 @@ int mbedtls_padlock_xcryptcbc(mbedtls_aes_context *ctx,
return 0;
}
#endif /* MBEDTLS_HAVE_X86 */
#endif /* MBEDTLS_VIA_PADLOCK_HAVE_CODE */
#endif /* MBEDTLS_PADLOCK_C */

13
library/padlock.h
View File

@ -38,16 +38,17 @@
#endif
#endif
/* Some versions of ASan result in errors about not enough registers */
#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) && \
/*
* - `padlock` is implements with GNUC assembly for x86 target.
* - Some versions of ASan result in errors about not enough registers.
*/
#if defined(MBEDTLS_PADLOCK_C) && \
defined(__GNUC__) && defined(MBEDTLS_ARCH_IS_X86) && \
defined(MBEDTLS_HAVE_ASM) && \
!defined(MBEDTLS_HAVE_ASAN)
#define MBEDTLS_VIA_PADLOCK_HAVE_CODE
#ifndef MBEDTLS_HAVE_X86
#define MBEDTLS_HAVE_X86
#endif
#include <stdint.h>
#define MBEDTLS_PADLOCK_RNG 0x000C

4
library/pkwrite.c
View File

@ -77,7 +77,7 @@ static inline int mbedtls_pk_is_rfc8410(const mbedtls_pk_context *pk)
return 0;
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_PEM_WRITE_C)
/* It is assumed that the input key is opaque */
static psa_ecc_family_t pk_get_opaque_ec_family(const mbedtls_pk_context *pk)
{
@ -92,7 +92,7 @@ static psa_ecc_family_t pk_get_opaque_ec_family(const mbedtls_pk_context *pk)
return ec_family;
}
#endif /* MBETLS_USE_PSA_CRYPTO */
#endif /* MBETLS_USE_PSA_CRYPTO && MBEDTLS_PEM_WRITE_C */
#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */
#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */

4
library/psa_crypto.c
View File

@ -4174,7 +4174,7 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
uint8_t local_iv[PSA_CIPHER_IV_MAX_SIZE];
size_t default_iv_length;
size_t default_iv_length = 0;
if (operation->id == 0) {
status = PSA_ERROR_BAD_STATE;
@ -4784,7 +4784,7 @@ psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation,
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
uint8_t local_nonce[PSA_AEAD_NONCE_MAX_SIZE];
size_t required_nonce_size;
size_t required_nonce_size = 0;
*nonce_length = 0;

4
library/psa_crypto_core.h
View File

@ -225,12 +225,12 @@ psa_status_t psa_copy_key_material_into_slot(psa_key_slot_t *slot,
const uint8_t *data,
size_t data_length);
/** Convert an mbed TLS error code to a PSA error code
/** Convert an Mbed TLS error code to a PSA error code
*
* \note This function is provided solely for the convenience of
* Mbed TLS and may be removed at any time without notice.
*
* \param ret An mbed TLS-thrown error code
* \param ret An Mbed TLS-thrown error code
*
* \return The corresponding PSA error code
*/

2
library/ssl_cache.c
View File

@ -264,7 +264,7 @@ int mbedtls_ssl_cache_set(void *data,
mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data;
mbedtls_ssl_cache_entry *cur;
size_t session_serialized_len;
size_t session_serialized_len = 0;
unsigned char *session_serialized = NULL;
#if defined(MBEDTLS_THREADING_C)

2
library/ssl_ciphersuites.c
View File

@ -1,7 +1,7 @@
/**
* \file ssl_ciphersuites.c
*
* \brief SSL ciphersuites for mbed TLS
* \brief SSL ciphersuites for Mbed TLS
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0

14
library/ssl_client.c
View File

@ -16,7 +16,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*
* This file is part of mbed TLS ( https://tls.mbed.org )
* This file is part of Mbed TLS ( https://tls.mbed.org )
*/
#include "common.h"
@ -260,7 +260,7 @@ static int ssl_write_supported_groups_ext(mbedtls_ssl_context *ssl,
for (; *group_list != 0; group_list++) {
int propose_group = 0;
MBEDTLS_SSL_DEBUG_MSG(1, ("got supported group(%04x)", *group_list));
MBEDTLS_SSL_DEBUG_MSG(3, ("got supported group(%04x)", *group_list));
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED)
if (flags & SSL_WRITE_SUPPORTED_GROUPS_EXT_TLS1_3_FLAG) {
@ -648,14 +648,16 @@ static int ssl_write_client_hello_body(mbedtls_ssl_context *ssl,
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED */
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
if (
int write_sig_alg_ext = 0;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
(propose_tls13 && mbedtls_ssl_conf_tls13_ephemeral_enabled(ssl)) ||
write_sig_alg_ext = write_sig_alg_ext ||
(propose_tls13 && mbedtls_ssl_conf_tls13_ephemeral_enabled(ssl));
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
propose_tls12 ||
write_sig_alg_ext = write_sig_alg_ext || propose_tls12;
#endif
0) {
if (write_sig_alg_ext) {
ret = mbedtls_ssl_write_sig_alg_ext(ssl, p, end, &output_len);
if (ret != 0) {
return ret;

17
library/ssl_msg.c
View File

@ -1504,7 +1504,8 @@ int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl,
int auth_done = 0;
#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
size_t padlen = 0, correct = 1;
size_t padlen = 0;
mbedtls_ct_condition_t correct = MBEDTLS_CT_TRUE;
#endif
unsigned char *data;
/* For an explanation of the additional data length see
@ -1921,7 +1922,7 @@ hmac_failed_etm_enabled:
const mbedtls_ct_condition_t ge = mbedtls_ct_uint_ge(
rec->data_len,
padlen + 1);
correct = mbedtls_ct_size_if_else_0(ge, correct);
correct = mbedtls_ct_bool_and(ge, correct);
padlen = mbedtls_ct_size_if_else_0(ge, padlen);
} else {
#if defined(MBEDTLS_SSL_DEBUG_ALL)
@ -1937,7 +1938,7 @@ hmac_failed_etm_enabled:
const mbedtls_ct_condition_t ge = mbedtls_ct_uint_ge(
rec->data_len,
transform->maclen + padlen + 1);
correct = mbedtls_ct_size_if_else_0(ge, correct);
correct = mbedtls_ct_bool_and(ge, correct);
padlen = mbedtls_ct_size_if_else_0(ge, padlen);
}
@ -1973,14 +1974,14 @@ hmac_failed_etm_enabled:
increment = mbedtls_ct_size_if_else_0(b, increment);
pad_count += increment;
}
correct = mbedtls_ct_size_if_else_0(mbedtls_ct_uint_eq(pad_count, padlen), padlen);
correct = mbedtls_ct_bool_and(mbedtls_ct_uint_eq(pad_count, padlen), correct);
#if defined(MBEDTLS_SSL_DEBUG_ALL)
if (padlen > 0 && correct == 0) {
if (padlen > 0 && correct == MBEDTLS_CT_FALSE) {
MBEDTLS_SSL_DEBUG_MSG(1, ("bad padding byte detected"));
}
#endif
padlen = mbedtls_ct_size_if_else_0(mbedtls_ct_bool(correct), padlen);
padlen = mbedtls_ct_size_if_else_0(correct, padlen);
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
@ -2075,7 +2076,7 @@ hmac_failed_etm_enabled:
#if defined(MBEDTLS_SSL_DEBUG_ALL)
MBEDTLS_SSL_DEBUG_MSG(1, ("message mac does not match"));
#endif
correct = 0;
correct = MBEDTLS_CT_FALSE;
}
auth_done++;
@ -2090,7 +2091,7 @@ hmac_failed_etm_disabled:
/*
* Finally check the correct flag
*/
if (correct == 0) {
if (correct == MBEDTLS_CT_FALSE) {
return MBEDTLS_ERR_SSL_INVALID_MAC;
}
#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */

9
library/ssl_tls.c
View File

@ -4578,13 +4578,14 @@ static int ssl_context_load(mbedtls_ssl_context *ssl,
* We can't check that the config matches the initial one, but we can at
* least check it matches the requirements for serializing.
*/
if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ||
ssl->conf->max_tls_version < MBEDTLS_SSL_VERSION_TLS1_2 ||
ssl->conf->min_tls_version > MBEDTLS_SSL_VERSION_TLS1_2 ||
if (
#if defined(MBEDTLS_SSL_RENEGOTIATION)
ssl->conf->disable_renegotiation != MBEDTLS_SSL_RENEGOTIATION_DISABLED ||
#endif
0) {
ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ||
ssl->conf->max_tls_version < MBEDTLS_SSL_VERSION_TLS1_2 ||
ssl->conf->min_tls_version > MBEDTLS_SSL_VERSION_TLS1_2
) {
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
}

2
library/ssl_tls13_client.c
View File

@ -16,7 +16,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*
* This file is part of mbed TLS ( https://tls.mbed.org )
* This file is part of Mbed TLS ( https://tls.mbed.org )
*/
#include "common.h"

2
library/ssl_tls13_generic.c
View File

@ -837,6 +837,8 @@ int mbedtls_ssl_tls13_process_certificate(mbedtls_ssl_context *ssl)
ssl, MBEDTLS_SSL_HS_CERTIFICATE, buf, buf_len));
cleanup:
#else /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
(void) ssl;
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse certificate"));

103
library/x509.c
View File

@ -43,6 +43,8 @@
#include "mbedtls/pem.h"
#endif
#include "mbedtls/asn1write.h"
#include "mbedtls/platform.h"
#if defined(MBEDTLS_HAVE_TIME)
@ -810,6 +812,11 @@ int mbedtls_x509_get_ext(unsigned char **p, const unsigned char *end,
return 0;
}
static char nibble_to_hex_digit(int i)
{
return (i < 10) ? (i + '0') : (i - 10 + 'A');
}
/*
* Store the name in printable form into buf; no more
* than size characters will be written
@ -817,11 +824,16 @@ int mbedtls_x509_get_ext(unsigned char **p, const unsigned char *end,
int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t i, j, n;
size_t i, j, n, asn1_len_size, asn1_tag_size, asn1_tag_len_buf_start;
/* 6 is enough as our asn1 write functions only write one byte for the tag and at most five bytes for the length*/
unsigned char asn1_tag_len_buf[6];
unsigned char *asn1_len_p;
unsigned char c, merge = 0;
const mbedtls_x509_name *name;
const char *short_name = NULL;
char lowbits, highbits;
char s[MBEDTLS_X509_MAX_DN_NAME_SIZE], *p;
int print_hexstring;
memset(s, 0, sizeof(s));
@ -840,32 +852,91 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn)
MBEDTLS_X509_SAFE_SNPRINTF;
}
ret = mbedtls_oid_get_attr_short_name(&name->oid, &short_name);
print_hexstring = (name->val.tag != MBEDTLS_ASN1_UTF8_STRING) &&
(name->val.tag != MBEDTLS_ASN1_PRINTABLE_STRING) &&
(name->val.tag != MBEDTLS_ASN1_IA5_STRING);
if (ret == 0) {
if ((ret = mbedtls_oid_get_attr_short_name(&name->oid, &short_name)) == 0) {
ret = mbedtls_snprintf(p, n, "%s=", short_name);
} else {
ret = mbedtls_snprintf(p, n, "\?\?=");
if ((ret = mbedtls_oid_get_numeric_string(p, n, &name->oid)) > 0) {
n -= ret;
p += ret;
ret = mbedtls_snprintf(p, n, "=");
print_hexstring = 1;
} else if (ret == MBEDTLS_ERR_OID_BUF_TOO_SMALL) {
return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
} else {
ret = mbedtls_snprintf(p, n, "\?\?=");
}
}
MBEDTLS_X509_SAFE_SNPRINTF;
for (i = 0, j = 0; i < name->val.len; i++, j++) {
if (j >= sizeof(s) - 1) {
return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
}
if (print_hexstring) {
s[0] = '#';
c = name->val.p[i];
// Special characters requiring escaping, RFC 1779
if (c && strchr(",=+<>#;\"\\", c)) {
asn1_len_p = asn1_tag_len_buf + sizeof(asn1_tag_len_buf);
if ((ret = mbedtls_asn1_write_len(&asn1_len_p, asn1_tag_len_buf, name->val.len)) < 0) {
return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
}
asn1_len_size = ret;
if ((ret = mbedtls_asn1_write_tag(&asn1_len_p, asn1_tag_len_buf, name->val.tag)) < 0) {
return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
}
asn1_tag_size = ret;
asn1_tag_len_buf_start = sizeof(asn1_tag_len_buf) - asn1_len_size - asn1_tag_size;
for (i = 0, j = 1; i < asn1_len_size + asn1_tag_size; i++) {
if (j + 1 >= sizeof(s) - 1) {
return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
}
s[j++] = '\\';
c = asn1_tag_len_buf[asn1_tag_len_buf_start+i];
lowbits = (c & 0x0F);
highbits = c >> 4;
s[j++] = nibble_to_hex_digit(highbits);
s[j++] = nibble_to_hex_digit(lowbits);
}
if (c < 32 || c >= 127) {
s[j] = '?';
} else {
s[j] = c;
for (i = 0; i < name->val.len; i++) {
if (j + 1 >= sizeof(s) - 1) {
return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
}
c = name->val.p[i];
lowbits = (c & 0x0F);
highbits = c >> 4;
s[j++] = nibble_to_hex_digit(highbits);
s[j++] = nibble_to_hex_digit(lowbits);
}
} else {
for (i = 0, j = 0; i < name->val.len; i++, j++) {
if (j >= sizeof(s) - 1) {
return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
}
c = name->val.p[i];
// Special characters requiring escaping, RFC 4514 Section 2.4
if (c == '\0') {
return MBEDTLS_ERR_X509_INVALID_NAME;
} else {
if (strchr(",=+<>;\"\\", c) ||
((i == 0) && strchr("# ", c)) ||
((i == name->val.len-1) && (c == ' '))) {
if (j + 1 >= sizeof(s) - 1) {
return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
}
s[j++] = '\\';
}
}
if (c < 32 || c >= 127) {
if (j + 3 >= sizeof(s) - 1) {
return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
}
s[j++] = '\\';
lowbits = (c & 0x0F);
highbits = c >> 4;
s[j++] = nibble_to_hex_digit(highbits);
s[j] = nibble_to_hex_digit(lowbits);
} else {
s[j] = c;
}
}
}
s[j] = '\0';

202
library/x509_create.c
View File

@ -28,6 +28,10 @@
#include <string.h>
#include "mbedtls/platform.h"
#include "mbedtls/asn1.h"
/* Structure linking OIDs for X.509 DN AttributeTypes to their
* string representations and default string encodings used by Mbed TLS. */
typedef struct {
@ -35,7 +39,8 @@ typedef struct {
* "CN" or "emailAddress". */
size_t name_len; /* Length of 'name', without trailing 0 byte. */
const char *oid; /* String representation of OID of AttributeType,
* as per RFC 5280, Appendix A.1. */
* as per RFC 5280, Appendix A.1. encoded as per
* X.690 */
int default_tag; /* The default character encoding used for the
* given attribute type, e.g.
* MBEDTLS_ASN1_UTF8_STRING for UTF-8. */
@ -123,79 +128,200 @@ static const x509_attr_descriptor_t *x509_attr_descr_from_name(const char *name,
return cur;
}
static int hex_to_int(char c)
{
return ('0' <= c && c <= '9') ? (c - '0') :
('a' <= c && c <= 'f') ? (c - 'a' + 10) :
('A' <= c && c <= 'F') ? (c - 'A' + 10) : -1;
}
static int hexpair_to_int(const char *hexpair)
{
int n1 = hex_to_int(*hexpair);
int n2 = hex_to_int(*(hexpair + 1));
if (n1 != -1 && n2 != -1) {
return (n1 << 4) | n2;
} else {
return -1;
}
}
static int parse_attribute_value_string(const char *s,
int len,
unsigned char *data,
size_t *data_len)
{
const char *c;
const char *end = s + len;
unsigned char *d = data;
int n;
for (c = s; c < end; c++) {
if (*c == '\\') {
c++;
/* Check for valid escaped characters as per RFC 4514 Section 3 */
if (c + 1 < end && (n = hexpair_to_int(c)) != -1) {
if (n == 0) {
return MBEDTLS_ERR_X509_INVALID_NAME;
}
*(d++) = n;
c++;
} else if (c < end && strchr(" ,=+<>#;\"\\", *c)) {
*(d++) = *c;
} else {
return MBEDTLS_ERR_X509_INVALID_NAME;
}
} else {
*(d++) = *c;
}
if (d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE) {
return MBEDTLS_ERR_X509_INVALID_NAME;
}
}
*data_len = d - data;
return 0;
}
static int parse_attribute_value_der_encoded(const char *s,
int len,
unsigned char *data,
size_t *data_len,
int *tag)
{
const char *c = s;
const char *end = c + len;
unsigned char asn1_der_buf[MBEDTLS_X509_MAX_DN_NAME_SIZE];
unsigned char *asn1_der_end;
unsigned char *p;
unsigned char *d = data;
int n;
/* Converting from hexstring to raw binary so we can use asn1parse.c */
if ((len < 5) || (*c != '#')) {
return MBEDTLS_ERR_X509_INVALID_NAME;
}
c++;
if ((*tag = hexpair_to_int(c)) == -1) {
return MBEDTLS_ERR_X509_INVALID_NAME;
}
c += 2;
p = asn1_der_buf;
for (p = asn1_der_buf; c < end; c += 2) {
if ((c + 1 >= end) || (n = hexpair_to_int(c)) == -1) {
return MBEDTLS_ERR_X509_INVALID_NAME;
}
if (MBEDTLS_ASN1_IS_STRING_TAG(*tag) && n == 0) {
return MBEDTLS_ERR_X509_INVALID_NAME;
}
*(p++) = n;
}
asn1_der_end = p;
p = asn1_der_buf;
if (mbedtls_asn1_get_len(&p, asn1_der_end, data_len) != 0) {
return MBEDTLS_ERR_X509_INVALID_NAME;
}
while (p < asn1_der_end) {
*(d++) = *(p++);
}
return 0;
}
int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *name)
{
int ret = MBEDTLS_ERR_X509_INVALID_NAME;
int parse_ret = 0;
const char *s = name, *c = s;
const char *end = s + strlen(s);
const char *oid = NULL;
mbedtls_asn1_buf oid = { .p = NULL, .len = 0, .tag = MBEDTLS_ASN1_NULL };
const x509_attr_descriptor_t *attr_descr = NULL;
int in_tag = 1;
char data[MBEDTLS_X509_MAX_DN_NAME_SIZE];
char *d = data;
int in_attr_type = 1;
int tag;
int numericoid = 0;
unsigned char data[MBEDTLS_X509_MAX_DN_NAME_SIZE];
size_t data_len = 0;
/* Clear existing chain if present */
mbedtls_asn1_free_named_data_list(head);
while (c <= end) {
if (in_tag && *c == '=') {
if (in_attr_type && *c == '=') {
if ((attr_descr = x509_attr_descr_from_name(s, c - s)) == NULL) {
ret = MBEDTLS_ERR_X509_UNKNOWN_OID;
goto exit;
if ((mbedtls_oid_from_numeric_string(&oid, s, c - s)) != 0) {
return MBEDTLS_ERR_X509_INVALID_NAME;
} else {
numericoid = 1;
}
} else {
oid.len = strlen(attr_descr->oid);
oid.p = mbedtls_calloc(1, oid.len);
memcpy(oid.p, attr_descr->oid, oid.len);
numericoid = 0;
}
oid = attr_descr->oid;
s = c + 1;
in_tag = 0;
d = data;
in_attr_type = 0;
}
if (!in_tag && *c == '\\' && c != end) {
c++;
/* Check for valid escaped characters */
if (c == end || *c != ',') {
ret = MBEDTLS_ERR_X509_INVALID_NAME;
goto exit;
if (!in_attr_type && ((*c == ',' && *(c-1) != '\\') || c == end)) {
if (s == c) {
mbedtls_free(oid.p);
return MBEDTLS_ERR_X509_INVALID_NAME;
} else if (*s == '#') {
if ((parse_ret =
parse_attribute_value_der_encoded(s, (int) (c - s), data, &data_len,
&tag)) != 0) {
mbedtls_free(oid.p);
return MBEDTLS_ERR_X509_INVALID_NAME;
}
} else {
if (numericoid) {
mbedtls_free(oid.p);
return MBEDTLS_ERR_X509_INVALID_NAME;
} else {
if ((parse_ret =
parse_attribute_value_string(s, (int) (c - s), data,
&data_len)) != 0) {
mbedtls_free(oid.p);
return parse_ret;
}
tag = attr_descr->default_tag;
}
}
} else if (!in_tag && (*c == ',' || c == end)) {
mbedtls_asn1_named_data *cur =
mbedtls_asn1_store_named_data(head, oid, strlen(oid),
(unsigned char *) data,
d - data);
mbedtls_asn1_named_data *cur =
mbedtls_asn1_store_named_data(head, (char *) oid.p, oid.len,
(unsigned char *) data,
data_len);
mbedtls_free(oid.p);
oid.p = NULL;
if (cur == NULL) {
return MBEDTLS_ERR_X509_ALLOC_FAILED;
}
// set tagType
cur->val.tag = attr_descr->default_tag;
cur->val.tag = tag;
while (c < end && *(c + 1) == ' ') {
c++;
}
s = c + 1;
in_tag = 1;
in_attr_type = 1;
/* Successfully parsed one name, update ret to success */
ret = 0;
}
if (!in_tag && s != c + 1) {
*(d++) = *c;
if (d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE) {
ret = MBEDTLS_ERR_X509_INVALID_NAME;
goto exit;
}
}
c++;
}
exit:
if (oid.p != NULL) {
mbedtls_free(oid.p);
}
return ret;
}

2
programs/ssl/ssl_fork_server.c
View File

@ -65,7 +65,7 @@ int main(void)
#define HTTP_RESPONSE \
"HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
"<h2>mbed TLS Test Server</h2>\r\n" \
"<h2>Mbed TLS Test Server</h2>\r\n" \
"<p>Successful connection using: %s</p>\r\n"
#define DEBUG_LEVEL 0

4
programs/ssl/ssl_mail_client.c
View File

@ -775,9 +775,9 @@ usage:
mbedtls_printf(" > Write content to server:");
fflush(stdout);
len = sprintf((char *) buf, "From: %s\r\nSubject: mbed TLS Test mail\r\n\r\n"
len = sprintf((char *) buf, "From: %s\r\nSubject: Mbed TLS Test mail\r\n\r\n"
"This is a simple test mail from the "
"mbed TLS mail client example.\r\n"
"Mbed TLS mail client example.\r\n"
"\r\n"
"Enjoy!", opt.mail_from);
ret = write_ssl_data(&ssl, buf, len);

2
programs/ssl/ssl_pthread_server.c
View File

@ -66,7 +66,7 @@ int main(void)
#define HTTP_RESPONSE \
"HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
"<h2>mbed TLS Test Server</h2>\r\n" \
"<h2>Mbed TLS Test Server</h2>\r\n" \
"<p>Successful connection using: %s</p>\r\n"
#define DEBUG_LEVEL 0

2
programs/ssl/ssl_server.c
View File

@ -59,7 +59,7 @@ int main(void)
#define HTTP_RESPONSE \
"HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
"<h2>mbed TLS Test Server</h2>\r\n" \
"<h2>Mbed TLS Test Server</h2>\r\n" \
"<p>Successful connection using: %s</p>\r\n"
#define DEBUG_LEVEL 0

2
programs/ssl/ssl_server2.c
View File

@ -173,7 +173,7 @@ int main(void)
* packets (for fragmentation purposes) */
#define HTTP_RESPONSE \
"HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
"<h2>mbed TLS Test Server</h2>\r\n" \
"<h2>Mbed TLS Test Server</h2>\r\n" \
"<p>Successful connection using: %s</p>\r\n" // LONG_RESPONSE
/*

2
programs/test/CMakeLists.txt
View File

@ -45,11 +45,13 @@ if(GEN_FILES)
${PERL}
${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/generate_query_config.pl
${CMAKE_CURRENT_SOURCE_DIR}/../../include/mbedtls/mbedtls_config.h
${CMAKE_CURRENT_SOURCE_DIR}/../../include/psa/crypto_config.h
${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/data_files/query_config.fmt
${CMAKE_CURRENT_BINARY_DIR}/query_config.c
DEPENDS
${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/generate_query_config.pl
${CMAKE_CURRENT_SOURCE_DIR}/../../include/mbedtls/mbedtls_config.h
${CMAKE_CURRENT_SOURCE_DIR}/../../include/psa/crypto_config.h
${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/data_files/query_config.fmt
)
# this file will also be used in another directory, so create a target, see

2
programs/test/cmake_package/CMakeLists.txt
View File

@ -1,4 +1,4 @@
cmake_minimum_required(VERSION 2.8.12)
cmake_minimum_required(VERSION 3.5.1)
#
# Simulate configuring and building Mbed TLS as the user might do it. We'll

2
programs/test/cmake_package_install/CMakeLists.txt
View File

@ -1,4 +1,4 @@
cmake_minimum_required(VERSION 2.8.12)
cmake_minimum_required(VERSION 3.5.1)
#
# Simulate configuring and building Mbed TLS as the user might do it. We'll

2
programs/test/cmake_subproject/CMakeLists.txt
View File

@ -1,4 +1,4 @@
cmake_minimum_required(VERSION 2.6)
cmake_minimum_required(VERSION 3.5.1)
# Test the target renaming support by adding a prefix to the targets built
set(MBEDTLS_TARGET_PREFIX subproject_test_)

4
scripts/bump_version.sh
View File

@ -131,7 +131,7 @@ cat include/mbedtls/build_info.h | \
sed -e "s/\(# *define *[A-Z]*_VERSION\)_PATCH .\{1,\}/\1_PATCH $PATCH/" | \
sed -e "s/\(# *define *[A-Z]*_VERSION\)_NUMBER .\{1,\}/\1_NUMBER $VERSION_NR/" | \
sed -e "s/\(# *define *[A-Z]*_VERSION\)_STRING .\{1,\}/\1_STRING \"$VERSION\"/" | \
sed -e "s/\(# *define *[A-Z]*_VERSION\)_STRING_FULL .\{1,\}/\1_STRING_FULL \"mbed TLS $VERSION\"/" \
sed -e "s/\(# *define *[A-Z]*_VERSION\)_STRING_FULL .\{1,\}/\1_STRING_FULL \"Mbed TLS $VERSION\"/" \
> tmp
mv tmp include/mbedtls/build_info.h
@ -142,7 +142,7 @@ mv tmp tests/suites/test_suite_version.data
[ $VERBOSE ] && echo "Bumping PROJECT_NAME in doxygen/mbedtls.doxyfile and doxygen/input/doc_mainpage.h"
for i in doxygen/mbedtls.doxyfile doxygen/input/doc_mainpage.h;
do
sed -e "s/mbed TLS v[0-9\.]\{1,\}/mbed TLS v$VERSION/g" < $i > tmp
sed -e "s/\\([Mm]bed TLS v\\)[0-9][0-9.]*/\\1$VERSION/g" < $i > tmp
mv tmp $i
done

12
scripts/ci.requirements.txt
View File

@ -11,8 +11,10 @@ pylint == 2.4.4
# See https://github.com/Mbed-TLS/mbedtls/pull/3953 .
mypy >= 0.780
# Install cryptography to avoid import-error reported by pylint.
# What we really need is cryptography >= 35.0.0, which is only
# available for Python >= 3.6.
cryptography >= 35.0.0; sys_platform == 'linux' and python_version >= '3.6'
cryptography; sys_platform == 'linux' and python_version < '3.6'
# At the time of writing, only needed for tests/scripts/audit-validity-dates.py.
# It needs >=35.0.0 for correct operation, and that requires Python >=3.6,
# but our CI has Python 3.5. So let pip install the newest version that's
# compatible with the running Python: this way we get something good enough
# for mypy and pylint under Python 3.5, and we also get something good enough
# to run audit-validity-dates.py on Python >=3.6.
cryptography # >= 35.0.0

8
scripts/config.py
View File

@ -190,6 +190,7 @@ def realfull_adapter(_name, active, section):
EXCLUDE_FROM_FULL = frozenset([
#pylint: disable=line-too-long
'MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH', # interacts with CTR_DRBG_128_BIT_KEY
'MBEDTLS_AES_USE_HARDWARE_ONLY', # hardware dependency
'MBEDTLS_CTR_DRBG_USE_128_BIT_KEY', # interacts with ENTROPY_FORCE_SHA256
'MBEDTLS_DEPRECATED_REMOVED', # conflicts with deprecated options
'MBEDTLS_DEPRECATED_WARNING', # conflicts with deprecated options
@ -233,7 +234,12 @@ def is_seamless_alt(name):
Exclude alternative implementations of library functions since they require
an implementation of the relevant functions and an xxx_alt.h header.
"""
if name in ('MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT', 'MBEDTLS_PLATFORM_MS_TIME_ALT'):
if name in (
'MBEDTLS_PLATFORM_GMTIME_R_ALT',
'MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT',
'MBEDTLS_PLATFORM_MS_TIME_ALT',
'MBEDTLS_PLATFORM_ZEROIZE_ALT',
):
# Similar to non-platform xxx_ALT, requires platform_alt.h
return False
return name.startswith('MBEDTLS_PLATFORM_')

4
scripts/footprint.sh
View File

@ -17,7 +17,7 @@
#
# Purpose
#
# This script determines ROM size (or code size) for the standard mbed TLS
# This script determines ROM size (or code size) for the standard Mbed TLS
# configurations, when built for a Cortex M3/M4 target.
#
# Configurations included:
@ -108,7 +108,7 @@ else
fi
log ""
log "mbed TLS $MBEDTLS_VERSION$GIT_VERSION"
log "Mbed TLS $MBEDTLS_VERSION$GIT_VERSION"
log "$( arm-none-eabi-gcc --version | head -n1 )"
log "CFLAGS=$ARMGCC_FLAGS"

4
scripts/generate_features.pl
View File

@ -39,8 +39,8 @@ if( @ARGV ) {
my $feature_format_file = $data_dir.'/version_features.fmt';
my @sections = ( "System support", "mbed TLS modules",
"mbed TLS feature support" );
my @sections = ( "System support", "Mbed TLS modules",
"Mbed TLS feature support" );
my $line_separator = $/;
undef $/;

25
scripts/generate_query_config.pl
View File

@ -7,15 +7,16 @@
# form (if any). This facilitates querying the compile time configuration of
# the library, for example, for testing.
#
# The query_config.c is generated from the current configuration at
# include/mbedtls/mbedtls_config.h. The idea is that the mbedtls_config.h contains ALL the
# The query_config.c is generated from the default configuration files
# include/mbedtls/mbedtls_config.h and include/psa/crypto_config.h.
# The idea is that mbedtls_config.h and crypto_config.h contain ALL the
# compile time configurations available in Mbed TLS (commented or uncommented).
# This script extracts the configuration macros from the mbedtls_config.h and this
# This script extracts the configuration macros from the two files and this
# information is used to automatically generate the body of the query_config()
# function by using the template in scripts/data_files/query_config.fmt.
#
# Usage: scripts/generate_query_config.pl without arguments, or
# generate_query_config.pl mbedtls_config_file template_file output_file [psa_crypto_config_file]
# generate_query_config.pl mbedtls_config_file psa_crypto_config_file template_file output_file
#
# Copyright The Mbed TLS Contributors
# SPDX-License-Identifier: Apache-2.0
@ -34,29 +35,25 @@
use strict;
my ($mbedtls_config_file, $query_config_format_file, $query_config_file, $psa_crypto_config_file);
my ($mbedtls_config_file, $psa_crypto_config_file, $query_config_format_file, $query_config_file);
my $default_mbedtls_config_file = "./include/mbedtls/mbedtls_config.h";
my $default_psa_crypto_config_file = "./include/psa/crypto_config.h";
my $default_query_config_format_file = "./scripts/data_files/query_config.fmt";
my $default_query_config_file = "./programs/test/query_config.c";
my $default_psa_crypto_config_file = "./include/psa/crypto_config.h";
if( @ARGV ) {
die "Invalid number of arguments - usage: $0 [CONFIG_FILE TEMPLATE_FILE OUTPUT_FILE]" if scalar @ARGV != 3;
($mbedtls_config_file, $query_config_format_file, $query_config_file) = @ARGV;
die "Invalid number of arguments - usage: $0 [MBED_TLS_CONFIG_FILE PSA_CRYPTO_CONFIG_FILE TEMPLATE_FILE OUTPUT_FILE]" if scalar @ARGV != 4;
($mbedtls_config_file, $psa_crypto_config_file, $query_config_format_file, $query_config_file) = @ARGV;
-f $mbedtls_config_file or die "No such file: $mbedtls_config_file";
-f $psa_crypto_config_file or die "No such file: $psa_crypto_config_file";
-f $query_config_format_file or die "No such file: $query_config_format_file";
if (defined($psa_crypto_config_file) && length($psa_crypto_config_file)) {
-f $psa_crypto_config_file or die "No such file: $psa_crypto_config_file";
} else {
$psa_crypto_config_file = (-f $default_psa_crypto_config_file) ? $default_psa_crypto_config_file : undef;
}
} else {
$mbedtls_config_file = $default_mbedtls_config_file;
$psa_crypto_config_file = $default_psa_crypto_config_file;
$query_config_format_file = $default_query_config_format_file;
$query_config_file = $default_query_config_file;
$psa_crypto_config_file = $default_psa_crypto_config_file;
unless(-f $mbedtls_config_file && -f $query_config_format_file && -f $psa_crypto_config_file) {
chdir '..' or die;

2
scripts/lcov.sh
View File

@ -51,7 +51,7 @@ lcov_library_report () {
lcov --rc lcov_branch_coverage=1 --add-tracefile Coverage/tmp/files.info --add-tracefile Coverage/tmp/tests.info -o Coverage/tmp/all.info
lcov --rc lcov_branch_coverage=1 --remove Coverage/tmp/all.info -o Coverage/tmp/final.info '*.h'
gendesc tests/Descriptions.txt -o Coverage/tmp/descriptions
genhtml --title "mbed TLS" --description-file Coverage/tmp/descriptions --keep-descriptions --legend --branch-coverage -o Coverage Coverage/tmp/final.info
genhtml --title "Mbed TLS" --description-file Coverage/tmp/descriptions --keep-descriptions --legend --branch-coverage -o Coverage Coverage/tmp/final.info
rm -f Coverage/tmp/*.info Coverage/tmp/descriptions
echo "Coverage report in: Coverage/index.html"
}

4
tests/compat.sh
View File

@ -262,7 +262,7 @@ filter_ciphersuites()
{
if [ "X" != "X$FILTER" -o "X" != "X$EXCLUDE" ];
then
# Ciphersuite for mbed TLS
# Ciphersuite for Mbed TLS
M_CIPHERS=$( filter "$M_CIPHERS" )
# Ciphersuite for OpenSSL
@ -272,7 +272,7 @@ filter_ciphersuites()
G_CIPHERS=$( filter "$G_CIPHERS" )
fi
# For GnuTLS client -> mbed TLS server,
# For GnuTLS client -> Mbed TLS server,
# we need to force IPv4 by connecting to 127.0.0.1 but then auth fails
if is_dtls "$MODE" && [ "X$VERIFY" = "XYES" ]; then
G_CIPHERS=""

18
tests/data_files/Makefile
View File

@ -1,7 +1,7 @@
## This file contains a record of how some of the test data was
## generated. The final build products are committed to the repository
## as well to make sure that the test data is identical. You do not
## need to use this makefile unless you're extending mbed TLS's tests.
## need to use this makefile unless you're extending Mbed TLS's tests.
## Many data files were generated prior to the existence of this
## makefile, so the method of their generation was not recorded.
@ -1441,6 +1441,14 @@ all_final += server1.req.cert_type_empty
parse_input/server1.req.commas.sha256: server1.key
$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL\, Commas,CN=PolarSSL Server 1" md=SHA256
parse_input/server1.req.hashsymbol.sha256: server1.key
$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=\#PolarSSL,CN=PolarSSL Server 1" md=SHA256
parse_input/server1.req.spaces.sha256: server1.key
$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O= PolarSSL ,CN=PolarSSL Server 1" md=SHA256
parse_input/server1.req.asciichars.sha256: server1.key
$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=极地SSL,CN=PolarSSL Server 1" md=SHA256
# server2*
server2_pwd_ec = PolarSSLTest
@ -1590,7 +1598,13 @@ server1.der: server1.crt
$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
server1.commas.crt: server1.key parse_input/server1.req.commas.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
$(MBEDTLS_CERT_WRITE) request_file=parse_input/server1.req.commas.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@
all_final += server1.crt server1.noauthid.crt parse_input/server1.crt.der server1.commas.crt
server1.hashsymbol.crt: server1.key parse_input/server1.req.hashsymbol.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
$(MBEDTLS_CERT_WRITE) request_file=parse_input/server1.req.hashsymbol.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@
server1.spaces.crt: server1.key parse_input/server1.req.spaces.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
$(MBEDTLS_CERT_WRITE) request_file=parse_input/server1.req.spaces.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@
server1.asciichars.crt: server1.key parse_input/server1.req.asciichars.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
$(MBEDTLS_CERT_WRITE) request_file=parse_input/server1.req.asciichars.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@
all_final += server1.crt server1.noauthid.crt parse_input/server1.crt.der server1.commas.crt server1.hashsymbol.crt server1.spaces.crt server1.asciichars.crt
parse_input/server1.key_usage.crt: parse_input/server1.req.sha256
server1.key_usage.crt: server1.req.sha256

20
tests/data_files/server1.asciichars.crt Normal file
View File

@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDQDCCAiigAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA9MQswCQYDVQQGEwJOTDESMBAG
A1UECgwJ5p6B5ZywU1NMMRowGAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6J
v7joRZDb7ogWUtPxQ1BHlhJZZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVB
Q3dfOXwJBEeCsFc5cO2j7BUZHqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYEl
XwqxU8YwfhU5rPla7n+SnqYFW+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk
65Wb3P5BXhem2mxbacwCuhQsFiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZP
cG6ezr1YieJTWZ5uWpJl4og/DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEA
AaNNMEswCQYDVR0TBAIwADAdBgNVHQ4EFgQUH3TWPynBdHRFOwUSLD2ovUNZAqYw
HwYDVR0jBBgwFoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQAD
ggEBAHqJLYmgkQ6yqml3PZM6iwbmo+lZLyDEPFpl/thHZm5LI8TTYOeU+wMAZ6KI
VumyjZxypmLF2MiiJ2f3zQooU7H1waAcTpsafTuD6RRYdthYYxs1L9gCm1ZT2Ga8
fgn3wrugPLUrtSM/TkTj6F4XkSlluzZpEKsSYLSoyde+uQgdbtR+3Tc+3oU8xBMM
N6uq4VQC49avIQkI+598E3vKrjGGt3l2a1Ts1qvXWjo9mpJW5GM4e1zfogKnc8XQ
K1hYQ39wL42l9Hijwre85O0PSBfbNOv1BPSDm8das3VNzGsUIz8InkAKAKCKwxG6
BCw3D/CE8s6DCnpb+eK1sVJwZ4E=
-----END CERTIFICATE-----

20
tests/data_files/server1.hashsymbol.crt Normal file
View File

@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDQDCCAiigAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA9MQswCQYDVQQGEwJOTDESMBAG
A1UECgwJI1BvbGFyU1NMMRowGAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6J
v7joRZDb7ogWUtPxQ1BHlhJZZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVB
Q3dfOXwJBEeCsFc5cO2j7BUZHqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYEl
XwqxU8YwfhU5rPla7n+SnqYFW+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk
65Wb3P5BXhem2mxbacwCuhQsFiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZP
cG6ezr1YieJTWZ5uWpJl4og/DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEA
AaNNMEswCQYDVR0TBAIwADAdBgNVHQ4EFgQUH3TWPynBdHRFOwUSLD2ovUNZAqYw
HwYDVR0jBBgwFoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQAD
ggEBAJcKcv/Xro61Sxm0GH42pYu7AvtD2b8nynvA8BW9gCHmiIHvHQWNO9NTMuno
1+HdzQVF1JxHC/A/hvXsczxGEc3jVnVeg1fwi8mZ/Fy1XtAVCTA0yJu7JTaaYbg+
IU2y7Nu36FSOztLpOfHGmwVDoJ1+wCzG/id64hXwJRrHvUfGK4EvIsV97swhk2Do
zSAfDA9N+QNV4zeiF9mLMOpUhCUBq8r41EDqm9lM0wSd3HNen8jwO20F4F1b1dYm
L+bMarvUgHq91f128m2fF3sWNnz4RGoagSI/aOU/AP6Ksq8SUruGHpqrVWLClA6n
EyyTPlNTwYIRCydZt7zlsw1/4h4=
-----END CERTIFICATE-----

20
tests/data_files/server1.spaces.crt Normal file
View File

@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDQTCCAimgAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA+MQswCQYDVQQGEwJOTDETMBEG
A1UECgwKIFBvbGFyU1NMIDEaMBgGA1UEAwwRUG9sYXJTU0wgU2VydmVyIDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpAh89QGrVVVOL/TbugmUuFWFe
ib+46EWQ2+6IFlLT8UNQR5YSWWSHa/0r4Eb5c77dz5LhkVvtZqBviSl5RYDQg2rV
QUN3Xzl8CQRHgrBXOXDto+wVGR6oMwhHwQVCqf1Mw7Tf3QYfTRBRQGdzEw9A+G2B
JV8KsVPGMH4VOaz5Wu5/kp6mBVvnE5eFtSOS2dQkBtUJJYl1B92mGo8/CRm+rWUs
ZOuVm9z+QV4XptpsW2nMAroULBYknErczdD3Umdz8S2gI/1+9DHKLXDKiQsE2y6m
T3Buns69WIniU1meblqSZeKIPwyUGaPd5eidlRPtKdurcBLcWsprF6tSglSxAgMB
AAGjTTBLMAkGA1UdEwQCMAAwHQYDVR0OBBYEFB901j8pwXR0RTsFEiw9qL1DWQKm
MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUA
A4IBAQBsR3jOFh7uGF5MCvEK8DrSmmvcFJzMmTRp0hCMeb0wEULhrMKeRDIa2yvr
FrHHCUNAk2HjsjJevpCM8f3ibDqecckfbxE2vT9IUCmPrtOWmhQR/Il5TR9FvYns
4BF1KUPRqGUFAXoIN+xKcYdp+myIluGHumM4Bop7tAZ5gg68IV/UJh5RqShxiLgV
rxHzrp6oM1kn199m2wc1Twy2YwcNmfJDSOLV6K4xWjwcc8Eq+rLhuWUs5GNdrSEY
ZjWmF1AlbVVChU3Dl5XOAY8T6+wJst5RIwkf1Fl1TPCZX8FWzGM9HYiYW0cC7cno
IdSS7mVGxNrNe+6/Cu+zfqeiLdN2
-----END CERTIFICATE-----

152
tests/scripts/all.sh
View File

@ -2662,16 +2662,29 @@ component_test_psa_crypto_config_reference_ecc_no_ecp_at_all () {
tests/ssl-opt.sh
}
# This function is really similar to config_psa_crypto_no_ecp_at_all() above so
# its description is basically the same. The main difference in this case is
# that when the EC built-in implementation is disabled, then also Bignum module
# and its dependencies are disabled as well.
#
# This is the common helper between:
# This is a common configuration helper used directly from:
# - common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum
# - common_test_psa_crypto_config_reference_ecc_ffdh_no_bignum
# and indirectly from:
# - component_test_psa_crypto_config_accel_ecc_no_bignum
# - accelerate all EC algs, disable RSA and FFDH
# - component_test_psa_crypto_config_reference_ecc_no_bignum
config_psa_crypto_config_accel_ecc_no_bignum() {
# - this is the reference component of the above
# - it still disables RSA and FFDH, but it uses builtin EC algs
# - component_test_psa_crypto_config_accel_ecc_ffdh_no_bignum
# - accelerate all EC and FFDH algs, disable only RSA
# - component_test_psa_crypto_config_reference_ecc_ffdh_no_bignum
# - this is the reference component of the above
# - it still disables RSA, but it uses builtin EC and FFDH algs
#
# This function accepts 2 parameters:
# $1: a boolean value which states if we are testing an accelerated scenario
# or not.
# $2: a string value which states which components are tested. Allowed values
# are "ECC" or "ECC_DH".
config_psa_crypto_config_accel_ecc_ffdh_no_bignum() {
DRIVER_ONLY="$1"
TEST_TARGET="$2"
# start with full config for maximum coverage (also enables USE_PSA)
helper_libtestdriver1_adjust_config "full"
@ -2706,13 +2719,23 @@ config_psa_crypto_config_accel_ecc_no_bignum() {
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
# Disable FFDH because it also depends on BIGNUM.
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_FFDH
scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_KEY_TYPE_DH_[0-9A-Z_a-z]*"
scripts/config.py unset MBEDTLS_DHM_C
# Also disable key exchanges that depend on FFDH
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
if [ "$TEST_TARGET" = "ECC" ]; then
# When testing ECC only, we disable FFDH support, both from builtin and
# PSA sides, and also disable the key exchanges that depend on DHM.
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_FFDH
scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_KEY_TYPE_DH_[0-9A-Z_a-z]*"
scripts/config.py unset MBEDTLS_DHM_C
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
else
# When testing ECC and DH instead, we disable DHM and depending key
# exchanges only in the accelerated build
if [ "$DRIVER_ONLY" -eq 1 ]; then
scripts/config.py unset MBEDTLS_DHM_C
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
fi
fi
# Restartable feature is not yet supported by PSA. Once it will in
# the future, the following line could be removed (see issues
@ -2720,15 +2743,32 @@ config_psa_crypto_config_accel_ecc_no_bignum() {
scripts/config.py unset MBEDTLS_ECP_RESTARTABLE
}
# Build and test a configuration where driver accelerates all EC algs while
# all support and dependencies from ECP and ECP_LIGHT are removed on the library
# side.
# Common helper used by:
# - component_test_psa_crypto_config_accel_ecc_no_bignum
# - component_test_psa_crypto_config_accel_ecc_ffdh_no_bignum
#
# Keep in sync with component_test_psa_crypto_config_reference_ecc_no_bignum()
component_test_psa_crypto_config_accel_ecc_no_bignum () {
msg "build: full + accelerated EC algs + USE_PSA - ECP - BIGNUM"
# The goal is to build and test accelerating either:
# - ECC only or
# - both ECC and FFDH
#
# It is meant to be used in conjunction with
# common_test_psa_crypto_config_reference_ecc_ffdh_no_bignum() for drivers
# coverage analysis in the "analyze_outcomes.py" script.
common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum () {
TEST_TARGET="$1"
# Algorithms and key types to accelerate
# This is an internal helper to simplify text message handling
if [ "$TEST_TARGET" = "ECC_DH" ]; then
ACCEL_TEXT="ECC/FFDH"
REMOVED_TEXT="ECP - DH"
else
ACCEL_TEXT="ECC"
REMOVED_TEXT="ECP"
fi
msg "build: full + accelerated $ACCEL_TEXT algs + USE_PSA - $REMOVED_TEXT - BIGNUM"
# By default we accelerate all EC keys/algs
loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \
ALG_ECDH \
ALG_JPAKE \
@ -2737,12 +2777,22 @@ component_test_psa_crypto_config_accel_ecc_no_bignum () {
KEY_TYPE_ECC_KEY_PAIR_EXPORT \
KEY_TYPE_ECC_KEY_PAIR_GENERATE \
KEY_TYPE_ECC_PUBLIC_KEY"
# Optionally we can also add DH to the list of accelerated items
if [ "$TEST_TARGET" = "ECC_DH" ]; then
loc_accel_list="$loc_accel_list \
ALG_FFDH \
KEY_TYPE_DH_KEY_PAIR_BASIC \
KEY_TYPE_DH_KEY_PAIR_IMPORT \
KEY_TYPE_DH_KEY_PAIR_EXPORT \
KEY_TYPE_DH_KEY_PAIR_GENERATE \
KEY_TYPE_DH_PUBLIC_KEY"
fi
# Configure
# ---------
# Set common configurations between library's and driver's builds
config_psa_crypto_config_accel_ecc_no_bignum 1
config_psa_crypto_config_accel_ecc_ffdh_no_bignum 1 "$TEST_TARGET"
# Build
# -----
@ -2759,41 +2809,73 @@ component_test_psa_crypto_config_accel_ecc_no_bignum () {
not grep mbedtls_ecdsa_ library/ecdsa.o
not grep mbedtls_ecdh_ library/ecdh.o
not grep mbedtls_ecjpake_ library/ecjpake.o
# Also ensure that ECP, RSA, DHM or BIGNUM modules were not re-enabled
# Also ensure that ECP, RSA, [DHM] or BIGNUM modules were not re-enabled
not grep mbedtls_ecp_ library/ecp.o
not grep mbedtls_rsa_ library/rsa.o
not grep mbedtls_dhm_ library/dhm.o
not grep mbedtls_mpi_ library/bignum.o
not grep mbedtls_dhm_ library/dhm.o
# Run the tests
# -------------
msg "test suites: full + accelerated EC algs + USE_PSA - ECP - BIGNUM"
msg "test suites: full + accelerated $ACCEL_TEXT algs + USE_PSA - $REMOVED_TEXT - DHM - BIGNUM"
make test
# The following will be enabled in #7756
msg "ssl-opt: full + accelerated EC algs + USE_PSA - ECP - BIGNUM"
msg "ssl-opt: full + accelerated $ACCEL_TEXT algs + USE_PSA - $REMOVED_TEXT - BIGNUM"
tests/ssl-opt.sh
}
# Reference function used for driver's coverage analysis in analyze_outcomes.py
# in conjunction with component_test_psa_crypto_config_accel_ecc_no_bignum().
# Keep in sync with its accelerated counterpart.
component_test_psa_crypto_config_reference_ecc_no_bignum () {
msg "build: full + non accelerated EC algs + USE_PSA"
# Common helper used by:
# - component_test_psa_crypto_config_reference_ecc_no_bignum
# - component_test_psa_crypto_config_reference_ecc_ffdh_no_bignum
#
# The goal is to build and test a reference scenario (i.e. with builtin
# components) compared to the ones used in
# common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum() above.
#
# It is meant to be used in conjunction with
# common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum() for drivers'
# coverage analysis in "analyze_outcomes.py" script.
common_test_psa_crypto_config_reference_ecc_ffdh_no_bignum () {
TEST_TARGET="$1"
config_psa_crypto_config_accel_ecc_no_bignum 0
# This is an internal helper to simplify text message handling
if [ "$TEST_TARGET" = "ECC_DH" ]; then
ACCEL_TEXT="ECC/FFDH"
else
ACCEL_TEXT="ECC"
fi
msg "build: full + non accelerated $ACCEL_TEXT algs + USE_PSA"
config_psa_crypto_config_accel_ecc_ffdh_no_bignum 0 "$TEST_TARGET"
make
msg "test suites: full + non accelerated EC algs + USE_PSA"
make test
# The following will be enabled in #7756
msg "ssl-opt: full + non accelerated EC algs + USE_PSA"
msg "ssl-opt: full + non accelerated $ACCEL_TEXT algs + USE_PSA"
tests/ssl-opt.sh
}
component_test_psa_crypto_config_accel_ecc_no_bignum () {
common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum "ECC"
}
component_test_psa_crypto_config_reference_ecc_no_bignum () {
common_test_psa_crypto_config_reference_ecc_ffdh_no_bignum "ECC"
}
component_test_psa_crypto_config_accel_ecc_ffdh_no_bignum () {
common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum "ECC_DH"
}
component_test_psa_crypto_config_reference_ecc_ffdh_no_bignum () {
common_test_psa_crypto_config_reference_ecc_ffdh_no_bignum "ECC_DH"
}
# Helper function used in:
# - component_test_psa_crypto_config_accel_all_curves_except_p192
# - component_test_psa_crypto_config_accel_all_curves_except_x25519

96
tests/scripts/analyze_outcomes.py
View File

@ -325,7 +325,7 @@ TASKS = {
}
}
},
'analyze_driver_vs_reference_no_bignum': {
'analyze_driver_vs_reference_ecc_no_bignum': {
'test_function': do_analyze_driver_vs_reference,
'args': {
'component_ref': 'test_psa_crypto_config_reference_ecc_no_bignum',
@ -418,6 +418,100 @@ TASKS = {
}
}
},
'analyze_driver_vs_reference_ecc_ffdh_no_bignum': {
'test_function': do_analyze_driver_vs_reference,
'args': {
'component_ref': 'test_psa_crypto_config_reference_ecc_ffdh_no_bignum',
'component_driver': 'test_psa_crypto_config_accel_ecc_ffdh_no_bignum',
'ignored_suites': [
# Ignore test suites for the modules that are disabled in the
# accelerated test case.
'ecp',
'ecdsa',
'ecdh',
'ecjpake',
'bignum_core',
'bignum_random',
'bignum_mod',
'bignum_mod_raw',
'bignum.generated',
'bignum.misc',
'dhm',
],
'ignored_tests': {
'test_suite_random': [
'PSA classic wrapper: ECDSA signature (SECP256R1)',
],
'test_suite_psa_crypto': [
'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1',
'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)',
'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA',
'PSA key derivation: HKDF-SHA-256 -> ECC secp384r1',
'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #0',
'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #1',
'PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC enabled)',
'PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC enabled)',
'PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC enabled)',
'PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC enabled)',
'PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC enabled)',
'PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC enabled)',
'PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC enabled)',
],
'test_suite_pkparse': [
# See the description provided above in the
# analyze_driver_vs_reference_no_ecp_at_all component.
'Parse EC Key #10a (SEC1 PEM, secp384r1, compressed)',
'Parse EC Key #11a (SEC1 PEM, secp521r1, compressed)',
'Parse EC Key #12a (SEC1 PEM, bp256r1, compressed)',
'Parse EC Key #13a (SEC1 PEM, bp384r1, compressed)',
'Parse EC Key #14a (SEC1 PEM, bp512r1, compressed)',
'Parse EC Key #2a (SEC1 PEM, secp192r1, compressed)',
'Parse EC Key #8a (SEC1 PEM, secp224r1, compressed)',
'Parse EC Key #9a (SEC1 PEM, secp256r1, compressed)',
'Parse Public EC Key #2a (RFC 5480, PEM, secp192r1, compressed)',
'Parse Public EC Key #3a (RFC 5480, secp224r1, compressed)',
'Parse Public EC Key #4a (RFC 5480, secp256r1, compressed)',
'Parse Public EC Key #5a (RFC 5480, secp384r1, compressed)',
'Parse Public EC Key #6a (RFC 5480, secp521r1, compressed)',
'Parse Public EC Key #7a (RFC 5480, brainpoolP256r1, compressed)',
'Parse Public EC Key #8a (RFC 5480, brainpoolP384r1, compressed)',
'Parse Public EC Key #9a (RFC 5480, brainpoolP512r1, compressed)',
],
'test_suite_asn1parse': [
# This test depends on BIGNUM_C
'INTEGER too large for mpi',
],
'test_suite_asn1write': [
# Following tests depends on BIGNUM_C
'ASN.1 Write mpi 0 (1 limb)',
'ASN.1 Write mpi 0 (null)',
'ASN.1 Write mpi 0x100',
'ASN.1 Write mpi 0x7f',
'ASN.1 Write mpi 0x7f with leading 0 limb',
'ASN.1 Write mpi 0x80',
'ASN.1 Write mpi 0x80 with leading 0 limb',
'ASN.1 Write mpi 0xff',
'ASN.1 Write mpi 1',
'ASN.1 Write mpi, 127*8 bits',
'ASN.1 Write mpi, 127*8+1 bits',
'ASN.1 Write mpi, 127*8-1 bits',
'ASN.1 Write mpi, 255*8 bits',
'ASN.1 Write mpi, 255*8-1 bits',
'ASN.1 Write mpi, 256*8-1 bits',
],
'test_suite_debug': [
# Following tests depends on BIGNUM_C
'Debug print mbedtls_mpi #2: 3 bits',
'Debug print mbedtls_mpi: 0 (empty representation)',
'Debug print mbedtls_mpi: 0 (non-empty representation)',
'Debug print mbedtls_mpi: 49 bits',
'Debug print mbedtls_mpi: 759 bits',
'Debug print mbedtls_mpi: 764 bits #1',
'Debug print mbedtls_mpi: 764 bits #2',
],
}
}
},
'analyze_driver_vs_reference_ffdh_alg': {
'test_function': do_analyze_driver_vs_reference,
'args': {

2
tests/scripts/basic-build-test.sh
View File

@ -43,7 +43,7 @@
set -eu
if [ -d library -a -d include -a -d tests ]; then :; else
echo "Must be run from mbed TLS root" >&2
echo "Must be run from Mbed TLS root" >&2
exit 1
fi

2
tests/scripts/check-doxy-blocks.pl
View File

@ -68,7 +68,7 @@ sub check_dir {
# Check that the script is being run from the project's root directory.
for my $dir (@directories) {
if (! -d $dir) {
die "This script must be run from the mbed TLS root directory";
die "This script must be run from the Mbed TLS root directory";
} else {
check_dir($dir)
}

2
tests/scripts/check-generated-files.sh
View File

@ -35,7 +35,7 @@ EOF
fi
if [ -d library -a -d include -a -d tests ]; then :; else
echo "Must be run from mbed TLS root" >&2
echo "Must be run from Mbed TLS root" >&2
exit 1
fi

2
tests/scripts/doxygen.sh
View File

@ -21,7 +21,7 @@
set -eu
if [ -d library -a -d include -a -d tests ]; then :; else
echo "Must be run from mbed TLS root" >&2
echo "Must be run from Mbed TLS root" >&2
exit 1
fi

2
tests/scripts/generate-afl-tests.sh
View File

@ -41,7 +41,7 @@ THIS_DIR=$(basename $PWD)
if [ -d ../library -a -d ../include -a -d ../tests -a $THIS_DIR == "tests" ];
then :;
else
echo " [!] Must be run from mbed TLS tests directory" >&2
echo " [!] Must be run from Mbed TLS tests directory" >&2
exit 1
fi

2
tests/suites/test_suite_ecp.function
View File

@ -166,7 +166,7 @@ void ecp_test_vect_restart(int id,
* MBEDTLS_ECP_WINDOW_SIZE, as well as implementation details that may
* change in the future. A factor 2 is a minimum safety margin.
*
* For reference, with mbed TLS 2.4 and default settings, for P-256:
* For reference, with Mbed TLS 2.4 and default settings, for P-256:
* - Random point mult: ~3250M
* - Cold base point mult: ~3300M
* - Hot base point mult: ~1100M

3
tests/suites/test_suite_pkcs7.function
View File

@ -78,6 +78,8 @@ void pkcs7_verify(char *pkcs7_file,
MD_OR_USE_PSA_INIT();
mbedtls_pkcs7_init(&pkcs7);
/* crt_files are space seprated list */
for (i = 0; i < strlen(crt_files); i++) {
if (crt_files[i] == ' ') {
@ -100,7 +102,6 @@ void pkcs7_verify(char *pkcs7_file,
i = k;
}
mbedtls_pkcs7_init(&pkcs7);
for (i = 0; i < n_crts; i++) {
TEST_CALLOC(crts[i], 1);
mbedtls_x509_crt_init(crts[i]);

2
tests/suites/test_suite_psa_crypto.function
View File

@ -9764,7 +9764,7 @@ void persistent_key_load_key_from_storage(data_t *data,
unsigned char *first_export = NULL;
unsigned char *second_export = NULL;
size_t export_size = PSA_EXPORT_KEY_OUTPUT_SIZE(type, bits);
size_t first_exported_length;
size_t first_exported_length = 0;
size_t second_exported_length;
if (usage_flags & PSA_KEY_USAGE_EXPORT) {

4
tests/suites/test_suite_version.function
View File

@ -20,7 +20,7 @@ void check_compiletime_version(char *version_str)
mbedtls_snprintf(build_str, 100, "%d.%d.%d", MBEDTLS_VERSION_MAJOR,
MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH);
mbedtls_snprintf(build_str_full, 100, "mbed TLS %d.%d.%d", MBEDTLS_VERSION_MAJOR,
mbedtls_snprintf(build_str_full, 100, "Mbed TLS %d.%d.%d", MBEDTLS_VERSION_MAJOR,
MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH);
build_int = MBEDTLS_VERSION_MAJOR << 24 |
@ -56,7 +56,7 @@ void check_runtime_version(char *version_str)
(get_int >> 24) & 0xFF,
(get_int >> 16) & 0xFF,
(get_int >> 8) & 0xFF);
mbedtls_snprintf(build_str_full, 100, "mbed TLS %s", version_str);
mbedtls_snprintf(build_str_full, 100, "Mbed TLS %s", version_str);
TEST_ASSERT(strcmp(build_str, version_str) == 0);
TEST_ASSERT(strcmp(build_str_full, get_str_full) == 0);

Some files were not shown because too many files have changed in this diff Show More