diff --git a/BRANCHES.md b/BRANCHES.md index d5144188ea..8486ef0637 100644 --- a/BRANCHES.md +++ b/BRANCHES.md @@ -6,8 +6,12 @@ At any point in time, we have a number of maintained branches consisting of: this always contains the latest release, including all publicly available security fixes. - The [`development`](https://github.com/ARMmbed/mbedtls/tree/development) branch: - this is where new features land, - as well as bug fixes and security fixes. + this is where the next major version of Mbed TLS (version 3.0) is being + prepared. It has API changes that make it incompatible with Mbed TLS 2.x, + as well as all the new features and bug fixes and security fixes. +- The [`development_2.x`](https://github.com/ARMmbed/mbedtls/tree/development_2.x) branch: + this branch retains the API of Mbed TLS 2.x, and has a subset of the + features added after Mbed TLS 2.26.0 and bug fixes and security fixes. - One or more long-time support (LTS) branches: these only get bug fixes and security fixes. @@ -48,6 +52,7 @@ The following branches are currently maintained: - [master](https://github.com/ARMmbed/mbedtls/tree/master) - [`development`](https://github.com/ARMmbed/mbedtls/) +- [`development_2.x`](https://github.com/ARMmbed/mbedtls/tree/development_2.x) - [`mbedtls-2.16`](https://github.com/ARMmbed/mbedtls/tree/mbedtls-2.16) maintained until at least the end of 2021, see diff --git a/ChangeLog b/ChangeLog index a6d4adfa18..dc6e4515d2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,98 @@ mbed TLS ChangeLog (Sorted per branch, date) += Mbed TLS 3.0.0 branch released 2021-xx-xx + +API changes + * Remove HAVEGE module. + The design of HAVEGE makes it unsuitable for microcontrollers. Platforms + with a more complex CPU usually have an operating system interface that + provides better randomness. Instead of HAVEGE, declare OS or hardware RNG + interfaces with mbedtls_entropy_add_source() and/or use an entropy seed + file created securely during device provisioning. See + https://tls.mbed.org/kb/how-to/add-entropy-sources-to-entropy-pool for + more information. + * Add missing const attributes to API functions. + * Remove helpers for the transition from Mbed TLS 1.3 to Mbed TLS 2.0: the + header compat-1.3.h and the script rename.pl. + * Remove certs module from the API. + Transfer keys and certificates embedded in the library to the test + component. This contributes to minimizing library API and discourages + users from using unsafe keys in production. + * Move alt helpers and definitions. + Various helpers and definitions available for use in alt implementations + have been moved out of the include/ directory and into the library/ + directory. The files concerned are ecp_internal.h and rsa_internal.h + which have also been renamed to ecp_alt.h and rsa_alt_helpers.h + respectively. + * Move internal headers. + Header files that were only meant for the library's internal use and + were not meant to be used in application code have been moved out of + the include/ directory. The headers concerned are bn_mul.h, aesni.h, + padlock.h, entropy_poll.h and *_internal.h. + * Drop support for parsing SSLv2 ClientHello + (MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO). + * Drop support for SSLv3 (MBEDTLS_SSL_PROTO_SSL3). + * Drop support for compatibility with our own previous buggy + implementation of truncated HMAC (MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT). + * Drop support for TLS record-level compression (MBEDTLS_ZLIB_SUPPORT). + * Drop support for RC4 TLS ciphersuites. + * Drop support for single-DES ciphersuites. + * Drop support for MBEDTLS_SSL_HW_RECORD_ACCEL. + +Requirement changes + * The library now uses the %zu format specifier with the printf() family of + functions, so requires a toolchain that supports it. This change does not + affect the maintained LTS branches, so when contributing changes please + bear this in mind and do not add them to backported code. + +Removals + * Remove the MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES + compile-time option, which was off by default. Users should not trust + certificates signed with SHA-1 due to the known attacks against SHA-1. + If needed, SHA-1 certificates can still be verified by using a custom + verification profile. + + * Removed deprecated things in psa/crypto_compat.h. Fixes #4284 + * Removed deprecated functions from hashing modules. Fixes #4280. + * Remove PKCS#11 library wrapper. PKCS#11 has limited functionality, + lacks automated tests and has scarce documentation. Also, PSA Crypto + provides a more flexible private key management. + More details on PCKS#11 wrapper removal can be found in the mailing list + https://lists.trustedfirmware.org/pipermail/mbed-tls/2020-April/000024.html + * Remove deprecated error codes. Fix #4283 + +Features + * Add mbedtls_rsa_rsassa_pss_sign_ext() function allowing to generate a + signature with a specific salt length. This function allows to validate + test cases provided in the NIST's CAVP test suite. Contributed by Cédric + Meuter in PR #3183. + +Bugfix + * Fix premature fopen() call in mbedtls_entropy_write_seed_file which may + lead to the seed file corruption in case if the path to the seed file is + equal to MBEDTLS_PLATFORM_STD_NV_SEED_FILE. Contributed by Victor + Krasnoshchok in #3616. + * PSA functions creating a key now return PSA_ERROR_INVALID_ARGUMENT rather + than PSA_ERROR_INVALID_HANDLE when the identifier specified for the key + to create is not valid, bringing them in line with version 1.0.0 of the + specification. Fix #4271. + * Add printf function attributes to mbedtls_debug_print_msg to ensure we + get printf format specifier warnings. + * PSA functions other than psa_open_key now return PSA_ERROR_INVALID_HANDLE + rather than PSA_ERROR_DOES_NOT_EXIST for an invalid handle, bringing them + in line with version 1.0.0 of the specification. Fix #4162. + * Fix a bug in ECDSA that would cause it to fail when the hash is all-bits + zero. Fixes #1792 + * mbedtls_mpi_read_string on "-0" produced an MPI object that was not treated + as equal to 0 in all cases. Fix it to produce the same object as "0". + +Changes + * Fix the setting of the read timeout in the DTLS sample programs. + * Add extra printf compiler warning flags to builds. + * Fix memsan build false positive in x509_crt.c with clang 11 + * There is ongoing work for the next release (= Mbed TLS 3.0.0 branch to + be released 2021-xx-xx), including various API-breaking changes. + = mbed TLS 2.26.0 branch released 2021-03-08 API changes diff --git a/ChangeLog.d/add-missing-parenthesis.txt b/ChangeLog.d/add-missing-parenthesis.txt new file mode 100644 index 0000000000..9576ff3793 --- /dev/null +++ b/ChangeLog.d/add-missing-parenthesis.txt @@ -0,0 +1,3 @@ +Bugfix + * Fix a compilation error when MBEDTLS_ECP_RANDOMIZE_MXZ_ALT is + defined. Fixes #4217. diff --git a/ChangeLog.d/add_const_parameters.txt b/ChangeLog.d/add_const_parameters.txt deleted file mode 100644 index a55ca3660e..0000000000 --- a/ChangeLog.d/add_const_parameters.txt +++ /dev/null @@ -1,2 +0,0 @@ -API changes - * Add missing const attributes to API functions. diff --git a/ChangeLog.d/aescrypt2.txt b/ChangeLog.d/aescrypt2.txt new file mode 100644 index 0000000000..7ffa49eaa3 --- /dev/null +++ b/ChangeLog.d/aescrypt2.txt @@ -0,0 +1,3 @@ +Changes + * Remove the AES sample application programs/aes/aescrypt2 which shows + bad cryptographic practice. Fix #1906. diff --git a/ChangeLog.d/allow_alt_cmac_without_des.txt b/ChangeLog.d/allow_alt_cmac_without_des.txt new file mode 100644 index 0000000000..5193a9e61e --- /dev/null +++ b/ChangeLog.d/allow_alt_cmac_without_des.txt @@ -0,0 +1,3 @@ +Changes + * Alternative implementations of CMAC may now opt to not support 3DES as a + CMAC block cipher, and still pass the CMAC self test. diff --git a/ChangeLog.d/bugfix_PR3616.txt b/ChangeLog.d/bugfix_PR3616.txt deleted file mode 100644 index 47d1044922..0000000000 --- a/ChangeLog.d/bugfix_PR3616.txt +++ /dev/null @@ -1,5 +0,0 @@ -Bugfix - * Fix premature fopen() call in mbedtls_entropy_write_seed_file which may - lead to the seed file corruption in case if the path to the seed file is - equal to MBEDTLS_PLATFORM_STD_NV_SEED_FILE. Contributed by Victor - Krasnoshchok in #3616. diff --git a/ChangeLog.d/dhm_min_bitlen.txt b/ChangeLog.d/dhm_min_bitlen.txt new file mode 100644 index 0000000000..e7ea827302 --- /dev/null +++ b/ChangeLog.d/dhm_min_bitlen.txt @@ -0,0 +1,4 @@ +Bugfix + * In a TLS client, enforce the Diffie-Hellman minimum parameter size + set with mbedtls_ssl_conf_dhm_min_bitlen() precisely. Before, the + minimum size was rounded down to the nearest multiple of 8. diff --git a/ChangeLog.d/dtls_sample_use_read_timeout.txt b/ChangeLog.d/dtls_sample_use_read_timeout.txt deleted file mode 100644 index e3150d6efb..0000000000 --- a/ChangeLog.d/dtls_sample_use_read_timeout.txt +++ /dev/null @@ -1,2 +0,0 @@ -Changes - * Fix the setting of the read timeout in the DTLS sample programs. diff --git a/ChangeLog.d/fix-invalid-id-error-code.txt b/ChangeLog.d/fix-invalid-id-error-code.txt deleted file mode 100644 index 069a7678b7..0000000000 --- a/ChangeLog.d/fix-invalid-id-error-code.txt +++ /dev/null @@ -1,5 +0,0 @@ -Bugfix - * PSA functions creating a key now return PSA_ERROR_INVALID_ARGUMENT rather - than PSA_ERROR_INVALID_HANDLE when the identifier specified for the key - to create is not valid, bringing them in line with version 1.0.0 of the - specification. Fix #4271. diff --git a/ChangeLog.d/fix-pk-parse-key-error-code.txt b/ChangeLog.d/fix-pk-parse-key-error-code.txt new file mode 100644 index 0000000000..3aa330b1a5 --- /dev/null +++ b/ChangeLog.d/fix-pk-parse-key-error-code.txt @@ -0,0 +1,2 @@ +Bugfix + * Fix an incorrect error code when parsing a PKCS#8 private key. diff --git a/ChangeLog.d/fix-printf-specifiers.txt b/ChangeLog.d/fix-printf-specifiers.txt deleted file mode 100644 index 4867721bf3..0000000000 --- a/ChangeLog.d/fix-printf-specifiers.txt +++ /dev/null @@ -1,10 +0,0 @@ -Bugfix - * Add printf function attributes to mbedtls_debug_print_msg to ensure we - get printf format specifier warnings. -Changes - * Add extra printf compiler warning flags to builds. -Requirement changes - * The library now uses the %zu format specifier with the printf() family of - functions, so requires a toolchain that supports it. This change does not - affect the maintained LTS branches, so when contributing changes please - bear this in mind and do not add them to backported code. diff --git a/ChangeLog.d/fix_memsan_build_clang11.txt b/ChangeLog.d/fix_memsan_build_clang11.txt deleted file mode 100644 index 3f5cc058f8..0000000000 --- a/ChangeLog.d/fix_memsan_build_clang11.txt +++ /dev/null @@ -1,2 +0,0 @@ -Changes - * Fix memsan build false positive in x509_crt.c with clang 11 diff --git a/ChangeLog.d/fix_return_type_for_invalid_crypto_key.txt b/ChangeLog.d/fix_return_type_for_invalid_crypto_key.txt deleted file mode 100644 index dc6996e02d..0000000000 --- a/ChangeLog.d/fix_return_type_for_invalid_crypto_key.txt +++ /dev/null @@ -1,4 +0,0 @@ -Bugfix - * PSA functions other than psa_open_key now return PSA_ERROR_INVALID_HANDLE - rather than PSA_ERROR_DOES_NOT_EXIST for an invalid handle, bringing them - in line with version 1.0.0 of the specification. Fix #4162. diff --git a/ChangeLog.d/issue1792.txt b/ChangeLog.d/issue1792.txt deleted file mode 100644 index 9949bf41d9..0000000000 --- a/ChangeLog.d/issue1792.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Fix a bug in ECDSA that would cause it to fail when the hash is all-bits - zero. Fixes #1792 diff --git a/ChangeLog.d/issue4036.txt b/ChangeLog.d/issue4036.txt new file mode 100644 index 0000000000..7009496235 --- /dev/null +++ b/ChangeLog.d/issue4036.txt @@ -0,0 +1,5 @@ +Default behavior changes + * Enable by default the functionalities which have no reason to be disabled. + They are: ARIA block cipher, CMAC mode, elliptic curve J-PAKE library and + Key Wrapping mode as defined in NIST SP 800-38F. Fixes #4036. + diff --git a/ChangeLog.d/issue4280.txt b/ChangeLog.d/issue4280.txt deleted file mode 100644 index 38d9b2c5d0..0000000000 --- a/ChangeLog.d/issue4280.txt +++ /dev/null @@ -1,2 +0,0 @@ -Removals - * Removed deprecated functions from hashing modules. Fixes #4280. diff --git a/ChangeLog.d/issue4282.txt b/ChangeLog.d/issue4282.txt new file mode 100644 index 0000000000..685f64df40 --- /dev/null +++ b/ChangeLog.d/issue4282.txt @@ -0,0 +1,13 @@ +Removals + * Remove the following deprecated functions and constants of hex-encoded + primes based on RFC 5114 and RFC 3526 from library code and tests: + mbedtls_aes_encrypt(), mbedtls_aes_decrypt(), mbedtls_mpi_is_prime(), + mbedtls_cipher_auth_encrypt(), mbedtls_cipher_auth_decrypt(), + mbedtls_ctr_drbg_update(), mbedtls_hmac_drbg_update(), + mbedtls_ecdsa_write_signature_det(), mbedtls_ecdsa_sign_det(), + mbedtls_ssl_conf_dh_param(), mbedtls_ssl_get_max_frag_len(), + MBEDTLS_DHM_RFC5114_MODP_2048_P, MBEDTLS_DHM_RFC5114_MODP_2048_G, + MBEDTLS_DHM_RFC3526_MODP_2048_P, MBEDTLS_DHM_RFC3526_MODP_2048_G, + MBEDTLS_DHM_RFC3526_MODP_3072_P, MBEDTLS_DHM_RFC3526_MODP_3072_G, + MBEDTLS_DHM_RFC3526_MODP_4096_P, MBEDTLS_DHM_RFC3526_MODP_4096_G. + Remove the deprecated file: include/mbedtls/net.h. Fixes #4282. diff --git a/ChangeLog.d/issue4283.txt b/ChangeLog.d/issue4283.txt deleted file mode 100644 index 021ea7e1ab..0000000000 --- a/ChangeLog.d/issue4283.txt +++ /dev/null @@ -1,2 +0,0 @@ -Removals - * Remove deprecated error codes. Fix #4283 diff --git a/ChangeLog.d/issue4284.txt b/ChangeLog.d/issue4284.txt deleted file mode 100644 index 1429becb83..0000000000 --- a/ChangeLog.d/issue4284.txt +++ /dev/null @@ -1,2 +0,0 @@ -Removals - * Removed deprecated things in psa/crypto_compat.h. Fixes #4284 diff --git a/ChangeLog.d/move_alt_helpers.txt b/ChangeLog.d/move_alt_helpers.txt deleted file mode 100644 index ba96c9d1a2..0000000000 --- a/ChangeLog.d/move_alt_helpers.txt +++ /dev/null @@ -1,7 +0,0 @@ -API changes - * Move alt helpers and definitions. - Various helpers and definitions available for use in alt implementations - have been moved out of the include/ directory and into the library/ - directory. The files concerned are ecp_internal.h and rsa_internal.h - which have also been renamed to ecp_alt.h and rsa_alt_helpers.h - respectively. diff --git a/ChangeLog.d/move_internal_headers.txt b/ChangeLog.d/move_internal_headers.txt deleted file mode 100644 index 8a38fe68d7..0000000000 --- a/ChangeLog.d/move_internal_headers.txt +++ /dev/null @@ -1,6 +0,0 @@ -API changes - * Move internal headers. - Header files that were only meant for the library's internal use and - were not meant to be used in application code have been moved out of - the include/ directory. The headers concerned are bn_mul.h, aesni.h, - padlock.h, entropy_poll.h and *_internal.h. diff --git a/ChangeLog.d/mpi_read_negative_zero.txt b/ChangeLog.d/mpi_read_negative_zero.txt deleted file mode 100644 index e338de70b1..0000000000 --- a/ChangeLog.d/mpi_read_negative_zero.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * mbedtls_mpi_read_string on "-0" produced an MPI object that was not treated - as equal to 0 in all cases. Fix it to produce the same object as "0". diff --git a/ChangeLog.d/pkcs1_v21_sign_ext.txt b/ChangeLog.d/pkcs1_v21_sign_ext.txt deleted file mode 100644 index 76dfaf9608..0000000000 --- a/ChangeLog.d/pkcs1_v21_sign_ext.txt +++ /dev/null @@ -1,5 +0,0 @@ -Features - * Add mbedtls_rsa_rsassa_pss_sign_ext() function allowing to generate a - signature with a specific salt length. This function allows to validate - test cases provided in the NIST's CAVP test suite. Contributed by Cédric - Meuter in PR #3183. diff --git a/ChangeLog.d/psa-aead-output-size-macros-1.0.txt b/ChangeLog.d/psa-aead-output-size-macros-1.0.txt new file mode 100644 index 0000000000..22756f1a5b --- /dev/null +++ b/ChangeLog.d/psa-aead-output-size-macros-1.0.txt @@ -0,0 +1,5 @@ +API changes + * Update AEAD output size macros to bring them in line with the PSA Crypto + API version 1.0 spec. This version of the spec parameterizes them on the + key type used, as well as the key bit-size in the case of + PSA_AEAD_TAG_LENGTH. diff --git a/ChangeLog.d/psa-builtin-keys-implementation.txt b/ChangeLog.d/psa-builtin-keys-implementation.txt new file mode 100644 index 0000000000..66ba77d07e --- /dev/null +++ b/ChangeLog.d/psa-builtin-keys-implementation.txt @@ -0,0 +1,4 @@ +Features + * Added support for built-in driver keys through the PSA opaque crypto + driver interface. Refer to the documentation of + MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS for more information. diff --git a/ChangeLog.d/remove-config-psa-crypto.txt b/ChangeLog.d/remove-config-psa-crypto.txt new file mode 100644 index 0000000000..eb7cc504c2 --- /dev/null +++ b/ChangeLog.d/remove-config-psa-crypto.txt @@ -0,0 +1,3 @@ +Changes + * Remove configs/config-psa-crypto.h, which no longer had any intended + differences from the default configuration, but had accidentally diverged. diff --git a/ChangeLog.d/remove-enable-weak-ciphersuites.txt b/ChangeLog.d/remove-enable-weak-ciphersuites.txt new file mode 100644 index 0000000000..97f63ebb8a --- /dev/null +++ b/ChangeLog.d/remove-enable-weak-ciphersuites.txt @@ -0,0 +1,2 @@ +Removals + * Remove MBEDTLS_ENABLE_WEAK_CIPHERSUITES configuration option. Fixes #4416. diff --git a/ChangeLog.d/remove_allow_sha1_in_certificates b/ChangeLog.d/remove_allow_sha1_in_certificates deleted file mode 100644 index e3d16ef878..0000000000 --- a/ChangeLog.d/remove_allow_sha1_in_certificates +++ /dev/null @@ -1,14 +0,0 @@ -Removals - * Remove the MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES - compile-time option, which was off by default. Users should not trust - certificates signed with SHA-1 due to the known attacks against SHA-1. - If needed, SHA-1 cerificate can still be used by providing custom - verification profile to mbedtls_x509_crt_verify_with_profile function - in x509_crt.h, or mbedtls_ssl_conf_cert_profile function in ssl.h. - Example of custom verification profile, supporting SHA-1: - const mbedtls_x509_crt_profile mbedtls_x509_crt_custom = { - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ), - 0xFFFFFFF, /* Any PK alg */ - 0xFFFFFFF, /* Any curve */ - 2048 - }; diff --git a/ChangeLog.d/remove_certs.txt b/ChangeLog.d/remove_certs.txt deleted file mode 100644 index 20fa0c691c..0000000000 --- a/ChangeLog.d/remove_certs.txt +++ /dev/null @@ -1,5 +0,0 @@ -API changes - * Remove certs module from the API. - Transfer keys and certificates embedded in the library to the test - component. This contributes to minimizing library API and discourages - users from using unsafe keys in production. diff --git a/ChangeLog.d/remove_havege.txt b/ChangeLog.d/remove_havege.txt deleted file mode 100644 index 9054010bed..0000000000 --- a/ChangeLog.d/remove_havege.txt +++ /dev/null @@ -1,9 +0,0 @@ -API changes - * Remove HAVEGE module. - The design of HAVEGE makes it unsuitable for microcontrollers. Platforms - with a more complex CPU usually have an operating system interface that - provides better randomness. Instead of HAVEGE, declare OS or hardware RNG - interfaces with mbedtls_entropy_add_source() and/or use an entropy seed - file created securely during device provisioning. See - https://tls.mbed.org/kb/how-to/add-entropy-sources-to-entropy-pool for - more information. diff --git a/ChangeLog.d/remove_obsolete_tls_features.txt b/ChangeLog.d/remove_obsolete_tls_features.txt deleted file mode 100644 index 87186bff80..0000000000 --- a/ChangeLog.d/remove_obsolete_tls_features.txt +++ /dev/null @@ -1,10 +0,0 @@ -API changes - * Drop support for parsing SSLv2 ClientHello - (MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO). - * Drop support for SSLv3 (MBEDTLS_SSL_PROTO_SSL3). - * Drop support for compatibility with our own previous buggy - implementation of truncated HMAC (MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT). - * Drop support for TLS record-level compression (MBEDTLS_ZLIB_SUPPORT). - * Drop support for RC4 TLS ciphersuites. - * Drop support for single-DES ciphersuites. - * Drop support for MBEDTLS_SSL_HW_RECORD_ACCEL. diff --git a/ChangeLog.d/remove_old_transition_helpers.txt b/ChangeLog.d/remove_old_transition_helpers.txt deleted file mode 100644 index c23bbe91cd..0000000000 --- a/ChangeLog.d/remove_old_transition_helpers.txt +++ /dev/null @@ -1,3 +0,0 @@ -API changes - * Remove helpers for the transition from Mbed TLS 1.3 to Mbed TLS 2.0: the - header compat-1.3.h and the script rename.pl. diff --git a/ChangeLog.d/remove_pkcs11.txt b/ChangeLog.d/remove_pkcs11.txt deleted file mode 100644 index 5c8134cfc7..0000000000 --- a/ChangeLog.d/remove_pkcs11.txt +++ /dev/null @@ -1,6 +0,0 @@ -Removals - * Remove PKCS#11 library wrapper. PKCS#11 has limited functionality, - lacks automated tests and has scarce documentation. Also, PSA Crypto - provides a more flexible private key management. - More details on PCKS#11 wrapper removal can be found in the mailing list - https://lists.trustedfirmware.org/pipermail/mbed-tls/2020-April/000024.html diff --git a/ChangeLog.d/rm-ticket-lifetime-option b/ChangeLog.d/rm-ticket-lifetime-option new file mode 100644 index 0000000000..4851512f87 --- /dev/null +++ b/ChangeLog.d/rm-ticket-lifetime-option @@ -0,0 +1,5 @@ +Removals + * Remove the MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES + compile-time option. This option has been inactive for a long time. + Please use the `lifetime` parameter of `mbedtls_ssl_ticket_setup()` + instead. diff --git a/ChangeLog.d/x509_remove_info.txt b/ChangeLog.d/x509_remove_info.txt new file mode 100644 index 0000000000..c103b1bd89 --- /dev/null +++ b/ChangeLog.d/x509_remove_info.txt @@ -0,0 +1,6 @@ +API changes + * Add configuration option MBEDTLS_X509_REMOVE_INFO which + removes the mbedtls_x509_*_info(), mbedtls_debug_print_crt() + as well as other functions and constants only used by + those functions. This reduces the code footprint by + several kB. diff --git a/README.md b/README.md index 759ffb57a8..ee6ad52a31 100644 --- a/README.md +++ b/README.md @@ -5,6 +5,11 @@ Mbed TLS is a C library that implements cryptographic primitives, X.509 certific Mbed TLS includes a reference implementation of the [PSA Cryptography API](#psa-cryptography-api). This is currently a preview for evaluation purposes only. +Stability +--------- + +**Warning: the [`development`](https://github.com/ARMmbed/mbedtls/tree/development) branch of Mbed TLS currently has an unstable API.** It is where work is happening on the next major release of Mbed TLS. Until Mbed TLS 3.0 is released, if you need a stable API, please use the branch [`development_2.x`](https://github.com/ARMmbed/mbedtls/tree/development_2.x) instead. + Configuration ------------- diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h deleted file mode 100644 index 2d09c15e27..0000000000 --- a/configs/config-psa-crypto.h +++ /dev/null @@ -1,3222 +0,0 @@ -/** - * \file config.h - * - * \brief Configuration options (set of defines) - * - * This set of compile-time options may be used to enable - * or disable features selectively, and reduce the global - * memory footprint. - */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef MBEDTLS_CONFIG_H -#define MBEDTLS_CONFIG_H - -#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) -#define _CRT_SECURE_NO_DEPRECATE 1 -#endif - -/** - * \name SECTION: System support - * - * This section sets system specific settings. - * \{ - */ - -/** - * \def MBEDTLS_HAVE_ASM - * - * The compiler has support for asm(). - * - * Requires support for asm() in compiler. - * - * Used in: - * library/aria.c - * library/timing.c - * library/bn_mul.h - * - * Required by: - * MBEDTLS_AESNI_C - * MBEDTLS_PADLOCK_C - * - * Comment to disable the use of assembly code. - */ -#define MBEDTLS_HAVE_ASM - -/** - * \def MBEDTLS_NO_UDBL_DIVISION - * - * The platform lacks support for double-width integer division (64-bit - * division on a 32-bit platform, 128-bit division on a 64-bit platform). - * - * Used in: - * include/mbedtls/bignum.h - * library/bignum.c - * - * The bignum code uses double-width division to speed up some operations. - * Double-width division is often implemented in software that needs to - * be linked with the program. The presence of a double-width integer - * type is usually detected automatically through preprocessor macros, - * but the automatic detection cannot know whether the code needs to - * and can be linked with an implementation of division for that type. - * By default division is assumed to be usable if the type is present. - * Uncomment this option to prevent the use of double-width division. - * - * Note that division for the native integer type is always required. - * Furthermore, a 64-bit type is always required even on a 32-bit - * platform, but it need not support multiplication or division. In some - * cases it is also desirable to disable some double-width operations. For - * example, if double-width division is implemented in software, disabling - * it can reduce code size in some embedded targets. - */ -//#define MBEDTLS_NO_UDBL_DIVISION - -/** - * \def MBEDTLS_NO_64BIT_MULTIPLICATION - * - * The platform lacks support for 32x32 -> 64-bit multiplication. - * - * Used in: - * library/poly1305.c - * - * Some parts of the library may use multiplication of two unsigned 32-bit - * operands with a 64-bit result in order to speed up computations. On some - * platforms, this is not available in hardware and has to be implemented in - * software, usually in a library provided by the toolchain. - * - * Sometimes it is not desirable to have to link to that library. This option - * removes the dependency of that library on platforms that lack a hardware - * 64-bit multiplier by embedding a software implementation in Mbed TLS. - * - * Note that depending on the compiler, this may decrease performance compared - * to using the library function provided by the toolchain. - */ -//#define MBEDTLS_NO_64BIT_MULTIPLICATION - -/** - * \def MBEDTLS_HAVE_SSE2 - * - * CPU supports SSE2 instruction set. - * - * Uncomment if the CPU supports SSE2 (IA-32 specific). - */ -//#define MBEDTLS_HAVE_SSE2 - -/** - * \def MBEDTLS_HAVE_TIME - * - * System has time.h and time(). - * The time does not need to be correct, only time differences are used, - * by contrast with MBEDTLS_HAVE_TIME_DATE - * - * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT, - * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and - * MBEDTLS_PLATFORM_STD_TIME. - * - * Comment if your system does not support time functions - */ -#define MBEDTLS_HAVE_TIME - -/** - * \def MBEDTLS_HAVE_TIME_DATE - * - * System has time.h, time(), and an implementation for - * mbedtls_platform_gmtime_r() (see below). - * The time needs to be correct (not necessarily very accurate, but at least - * the date should be correct). This is used to verify the validity period of - * X.509 certificates. - * - * Comment if your system does not have a correct clock. - * - * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that - * behaves similarly to the gmtime_r() function from the C standard. Refer to - * the documentation for mbedtls_platform_gmtime_r() for more information. - * - * \note It is possible to configure an implementation for - * mbedtls_platform_gmtime_r() at compile-time by using the macro - * MBEDTLS_PLATFORM_GMTIME_R_ALT. - */ -#define MBEDTLS_HAVE_TIME_DATE - -/** - * \def MBEDTLS_PLATFORM_MEMORY - * - * Enable the memory allocation layer. - * - * By default mbed TLS uses the system-provided calloc() and free(). - * This allows different allocators (self-implemented or provided) to be - * provided to the platform abstraction layer. - * - * Enabling MBEDTLS_PLATFORM_MEMORY without the - * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide - * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and - * free() function pointer at runtime. - * - * Enabling MBEDTLS_PLATFORM_MEMORY and specifying - * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the - * alternate function at compile time. - * - * Requires: MBEDTLS_PLATFORM_C - * - * Enable this layer to allow use of alternative memory allocators. - */ -//#define MBEDTLS_PLATFORM_MEMORY - -/** - * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS - * - * Do not assign standard functions in the platform layer (e.g. calloc() to - * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF) - * - * This makes sure there are no linking errors on platforms that do not support - * these functions. You will HAVE to provide alternatives, either at runtime - * via the platform_set_xxx() functions or at compile time by setting - * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a - * MBEDTLS_PLATFORM_XXX_MACRO. - * - * Requires: MBEDTLS_PLATFORM_C - * - * Uncomment to prevent default assignment of standard functions in the - * platform layer. - */ -//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS - -/** - * \def MBEDTLS_PLATFORM_EXIT_ALT - * - * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the - * function in the platform abstraction layer. - * - * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will - * provide a function "mbedtls_platform_set_printf()" that allows you to set an - * alternative printf function pointer. - * - * All these define require MBEDTLS_PLATFORM_C to be defined! - * - * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows; - * it will be enabled automatically by check_config.h - * - * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as - * MBEDTLS_PLATFORM_XXX_MACRO! - * - * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME - * - * Uncomment a macro to enable alternate implementation of specific base - * platform function - */ -//#define MBEDTLS_PLATFORM_EXIT_ALT -//#define MBEDTLS_PLATFORM_TIME_ALT -//#define MBEDTLS_PLATFORM_FPRINTF_ALT -//#define MBEDTLS_PLATFORM_PRINTF_ALT -//#define MBEDTLS_PLATFORM_SNPRINTF_ALT -//#define MBEDTLS_PLATFORM_VSNPRINTF_ALT -//#define MBEDTLS_PLATFORM_NV_SEED_ALT -//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT - -/** - * \def MBEDTLS_DEPRECATED_WARNING - * - * Mark deprecated functions so that they generate a warning if used. - * Functions deprecated in one version will usually be removed in the next - * version. You can enable this to help you prepare the transition to a new - * major version by making sure your code is not using these functions. - * - * This only works with GCC and Clang. With other compilers, you may want to - * use MBEDTLS_DEPRECATED_REMOVED - * - * Uncomment to get warnings on using deprecated functions. - */ -//#define MBEDTLS_DEPRECATED_WARNING - -/** - * \def MBEDTLS_DEPRECATED_REMOVED - * - * Remove deprecated functions so that they generate an error if used. - * Functions deprecated in one version will usually be removed in the next - * version. You can enable this to help you prepare the transition to a new - * major version by making sure your code is not using these functions. - * - * Uncomment to get errors on using deprecated functions. - */ -//#define MBEDTLS_DEPRECATED_REMOVED - -/** - * \def MBEDTLS_CHECK_PARAMS - * - * This configuration option controls whether the library validates more of - * the parameters passed to it. - * - * When this flag is not defined, the library only attempts to validate an - * input parameter if: (1) they may come from the outside world (such as the - * network, the filesystem, etc.) or (2) not validating them could result in - * internal memory errors such as overflowing a buffer controlled by the - * library. On the other hand, it doesn't attempt to validate parameters whose - * values are fully controlled by the application (such as pointers). - * - * When this flag is defined, the library additionally attempts to validate - * parameters that are fully controlled by the application, and should always - * be valid if the application code is fully correct and trusted. - * - * For example, when a function accepts as input a pointer to a buffer that may - * contain untrusted data, and its documentation mentions that this pointer - * must not be NULL: - * - the pointer is checked to be non-NULL only if this option is enabled - * - the content of the buffer is always validated - * - * When this flag is defined, if a library function receives a parameter that - * is invalid, it will: - * - invoke the macro MBEDTLS_PARAM_FAILED() which by default expands to a - * call to the function mbedtls_param_failed() - * - immediately return (with a specific error code unless the function - * returns void and can't communicate an error). - * - * When defining this flag, you also need to: - * - either provide a definition of the function mbedtls_param_failed() in - * your application (see platform_util.h for its prototype) as the library - * calls that function, but does not provide a default definition for it, - * - or provide a different definition of the macro MBEDTLS_PARAM_FAILED() - * below if the above mechanism is not flexible enough to suit your needs. - * See the documentation of this macro later in this file. - * - * Uncomment to enable validation of application-controlled parameters. - */ -//#define MBEDTLS_CHECK_PARAMS - -/* \} name SECTION: System support */ - -/** - * \name SECTION: mbed TLS feature support - * - * This section sets support for features that are or are not needed - * within the modules that are enabled. - * \{ - */ - -/** - * \def MBEDTLS_TIMING_ALT - * - * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(), - * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay() - * - * Only works if you have MBEDTLS_TIMING_C enabled. - * - * You will need to provide a header "timing_alt.h" and an implementation at - * compile time. - */ -//#define MBEDTLS_TIMING_ALT - -/** - * \def MBEDTLS_AES_ALT - * - * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your - * alternate core implementation of a symmetric crypto, an arithmetic or hash - * module (e.g. platform specific assembly optimized implementations). Keep - * in mind that the function prototypes should remain the same. - * - * This replaces the whole module. If you only want to replace one of the - * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags. - * - * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer - * provide the "struct mbedtls_aes_context" definition and omit the base - * function declarations and implementations. "aes_alt.h" will be included from - * "aes.h" to include the new function definitions. - * - * Uncomment a macro to enable alternate implementation of the corresponding - * module. - * - * \warning MD2, MD4, MD5, ARC4, DES and SHA-1 are considered weak and their - * use constitutes a security risk. If possible, we recommend - * avoiding dependencies on them, and considering stronger message - * digests and ciphers instead. - * - */ -//#define MBEDTLS_AES_ALT -//#define MBEDTLS_ARC4_ALT -//#define MBEDTLS_ARIA_ALT -//#define MBEDTLS_BLOWFISH_ALT -//#define MBEDTLS_CAMELLIA_ALT -//#define MBEDTLS_CCM_ALT -//#define MBEDTLS_CHACHA20_ALT -//#define MBEDTLS_CHACHAPOLY_ALT -//#define MBEDTLS_CMAC_ALT -//#define MBEDTLS_DES_ALT -//#define MBEDTLS_DHM_ALT -//#define MBEDTLS_ECJPAKE_ALT -//#define MBEDTLS_GCM_ALT -//#define MBEDTLS_NIST_KW_ALT -//#define MBEDTLS_MD2_ALT -//#define MBEDTLS_MD4_ALT -//#define MBEDTLS_MD5_ALT -//#define MBEDTLS_POLY1305_ALT -//#define MBEDTLS_RIPEMD160_ALT -//#define MBEDTLS_RSA_ALT -//#define MBEDTLS_SHA1_ALT -//#define MBEDTLS_SHA256_ALT -//#define MBEDTLS_SHA512_ALT -//#define MBEDTLS_XTEA_ALT - -/* - * When replacing the elliptic curve module, pleace consider, that it is - * implemented with two .c files: - * - ecp.c - * - ecp_curves.c - * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT - * macros as described above. The only difference is that you have to make sure - * that you provide functionality for both .c files. - */ -//#define MBEDTLS_ECP_ALT - -/** - * \def MBEDTLS_MD2_PROCESS_ALT - * - * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you - * alternate core implementation of symmetric crypto or hash function. Keep in - * mind that function prototypes should remain the same. - * - * This replaces only one function. The header file from mbed TLS is still - * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags. - * - * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will - * no longer provide the mbedtls_sha1_process() function, but it will still provide - * the other function (using your mbedtls_sha1_process() function) and the definition - * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible - * with this definition. - * - * \note Because of a signature change, the core AES encryption and decryption routines are - * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt, - * respectively. When setting up alternative implementations, these functions should - * be overridden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt - * must stay untouched. - * - * \note If you use the AES_xxx_ALT macros, then is is recommended to also set - * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES - * tables. - * - * Uncomment a macro to enable alternate implementation of the corresponding - * function. - * - * \warning MD2, MD4, MD5, DES and SHA-1 are considered weak and their use - * constitutes a security risk. If possible, we recommend avoiding - * dependencies on them, and considering stronger message digests - * and ciphers instead. - * - */ -//#define MBEDTLS_MD2_PROCESS_ALT -//#define MBEDTLS_MD4_PROCESS_ALT -//#define MBEDTLS_MD5_PROCESS_ALT -//#define MBEDTLS_RIPEMD160_PROCESS_ALT -//#define MBEDTLS_SHA1_PROCESS_ALT -//#define MBEDTLS_SHA256_PROCESS_ALT -//#define MBEDTLS_SHA512_PROCESS_ALT -//#define MBEDTLS_DES_SETKEY_ALT -//#define MBEDTLS_DES_CRYPT_ECB_ALT -//#define MBEDTLS_DES3_CRYPT_ECB_ALT -//#define MBEDTLS_AES_SETKEY_ENC_ALT -//#define MBEDTLS_AES_SETKEY_DEC_ALT -//#define MBEDTLS_AES_ENCRYPT_ALT -//#define MBEDTLS_AES_DECRYPT_ALT -//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT -//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT -//#define MBEDTLS_ECDSA_VERIFY_ALT -//#define MBEDTLS_ECDSA_SIGN_ALT -//#define MBEDTLS_ECDSA_GENKEY_ALT - -/** - * \def MBEDTLS_ECP_INTERNAL_ALT - * - * Expose a part of the internal interface of the Elliptic Curve Point module. - * - * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your - * alternative core implementation of elliptic curve arithmetic. Keep in mind - * that function prototypes should remain the same. - * - * This partially replaces one function. The header file from mbed TLS is still - * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation - * is still present and it is used for group structures not supported by the - * alternative. - * - * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT - * and implementing the following functions: - * unsigned char mbedtls_internal_ecp_grp_capable( - * const mbedtls_ecp_group *grp ) - * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp ) - * void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp ) - * The mbedtls_internal_ecp_grp_capable function should return 1 if the - * replacement functions implement arithmetic for the given group and 0 - * otherwise. - * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are - * called before and after each point operation and provide an opportunity to - * implement optimized set up and tear down instructions. - * - * Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and - * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac - * function, but will use your mbedtls_internal_ecp_double_jac if the group is - * supported (your mbedtls_internal_ecp_grp_capable function returns 1 when - * receives it as an argument). If the group is not supported then the original - * implementation is used. The other functions and the definition of - * mbedtls_ecp_group and mbedtls_ecp_point will not change, so your - * implementation of mbedtls_internal_ecp_double_jac and - * mbedtls_internal_ecp_grp_capable must be compatible with this definition. - * - * Uncomment a macro to enable alternate implementation of the corresponding - * function. - */ -/* Required for all the functions in this section */ -//#define MBEDTLS_ECP_INTERNAL_ALT -/* Support for Weierstrass curves with Jacobi representation */ -//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT -//#define MBEDTLS_ECP_ADD_MIXED_ALT -//#define MBEDTLS_ECP_DOUBLE_JAC_ALT -//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT -//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT -/* Support for curves with Montgomery arithmetic */ -//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT -//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT -//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT - -/** - * \def MBEDTLS_TEST_NULL_ENTROPY - * - * Enables testing and use of mbed TLS without any configured entropy sources. - * This permits use of the library on platforms before an entropy source has - * been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the - * MBEDTLS_ENTROPY_NV_SEED switches). - * - * WARNING! This switch MUST be disabled in production builds, and is suitable - * only for development. - * Enabling the switch negates any security provided by the library. - * - * Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES - * - */ -//#define MBEDTLS_TEST_NULL_ENTROPY - -/** - * \def MBEDTLS_ENTROPY_HARDWARE_ALT - * - * Uncomment this macro to let mbed TLS use your own implementation of a - * hardware entropy collector. - * - * Your function must be called \c mbedtls_hardware_poll(), have the same - * prototype as declared in entropy_poll.h, and accept NULL as first argument. - * - * Uncomment to use your own hardware entropy collector. - */ -//#define MBEDTLS_ENTROPY_HARDWARE_ALT - -/** - * \def MBEDTLS_AES_ROM_TABLES - * - * Use precomputed AES tables stored in ROM. - * - * Uncomment this macro to use precomputed AES tables stored in ROM. - * Comment this macro to generate AES tables in RAM at runtime. - * - * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb - * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the - * initialization time before the first AES operation can be performed. - * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c - * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded - * performance if ROM access is slower than RAM access. - * - * This option is independent of \c MBEDTLS_AES_FEWER_TABLES. - * - */ -//#define MBEDTLS_AES_ROM_TABLES - -/** - * \def MBEDTLS_AES_FEWER_TABLES - * - * Use less ROM/RAM for AES tables. - * - * Uncommenting this macro omits 75% of the AES tables from - * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES) - * by computing their values on the fly during operations - * (the tables are entry-wise rotations of one another). - * - * Tradeoff: Uncommenting this reduces the RAM / ROM footprint - * by ~6kb but at the cost of more arithmetic operations during - * runtime. Specifically, one has to compare 4 accesses within - * different tables to 4 accesses with additional arithmetic - * operations within the same table. The performance gain/loss - * depends on the system and memory details. - * - * This option is independent of \c MBEDTLS_AES_ROM_TABLES. - * - */ -//#define MBEDTLS_AES_FEWER_TABLES - -/** - * \def MBEDTLS_CAMELLIA_SMALL_MEMORY - * - * Use less ROM for the Camellia implementation (saves about 768 bytes). - * - * Uncomment this macro to use less memory for Camellia. - */ -//#define MBEDTLS_CAMELLIA_SMALL_MEMORY - -/** - * \def MBEDTLS_CIPHER_MODE_CBC - * - * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers. - */ -#define MBEDTLS_CIPHER_MODE_CBC - -/** - * \def MBEDTLS_CIPHER_MODE_CFB - * - * Enable Cipher Feedback mode (CFB) for symmetric ciphers. - */ -#define MBEDTLS_CIPHER_MODE_CFB - -/** - * \def MBEDTLS_CIPHER_MODE_CTR - * - * Enable Counter Block Cipher mode (CTR) for symmetric ciphers. - */ -#define MBEDTLS_CIPHER_MODE_CTR - -/** - * \def MBEDTLS_CIPHER_MODE_OFB - * - * Enable Output Feedback mode (OFB) for symmetric ciphers. - */ -#define MBEDTLS_CIPHER_MODE_OFB - -/** - * \def MBEDTLS_CIPHER_MODE_XTS - * - * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES. - */ -#define MBEDTLS_CIPHER_MODE_XTS - -/** - * \def MBEDTLS_CIPHER_NULL_CIPHER - * - * Enable NULL cipher. - * Warning: Only do so when you know what you are doing. This allows for - * encryption or channels without any security! - * - * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable - * the following ciphersuites: - * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA - * MBEDTLS_TLS_RSA_WITH_NULL_SHA256 - * MBEDTLS_TLS_RSA_WITH_NULL_SHA - * MBEDTLS_TLS_RSA_WITH_NULL_MD5 - * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA - * MBEDTLS_TLS_PSK_WITH_NULL_SHA384 - * MBEDTLS_TLS_PSK_WITH_NULL_SHA256 - * MBEDTLS_TLS_PSK_WITH_NULL_SHA - * - * Uncomment this macro to enable the NULL cipher and ciphersuites - */ -//#define MBEDTLS_CIPHER_NULL_CIPHER - -/** - * \def MBEDTLS_CIPHER_PADDING_PKCS7 - * - * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for - * specific padding modes in the cipher layer with cipher modes that support - * padding (e.g. CBC) - * - * If you disable all padding modes, only full blocks can be used with CBC. - * - * Enable padding modes in the cipher layer. - */ -#define MBEDTLS_CIPHER_PADDING_PKCS7 -#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS -#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN -#define MBEDTLS_CIPHER_PADDING_ZEROS - -/** - * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES - * - * Enable weak ciphersuites in SSL / TLS. - * Warning: Only do so when you know what you are doing. This allows for - * channels with virtually no security at all! - * - * Uncomment this macro to enable weak ciphersuites - * - * \warning DES is considered a weak cipher and its use constitutes a - * security risk. We recommend considering stronger ciphers instead. - */ -//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES - -/** - * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED - * - * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve - * module. By default all supported curves are enabled. - * - * Comment macros to disable the curve and functions for it - */ -#define MBEDTLS_ECP_DP_SECP192R1_ENABLED -#define MBEDTLS_ECP_DP_SECP224R1_ENABLED -#define MBEDTLS_ECP_DP_SECP256R1_ENABLED -#define MBEDTLS_ECP_DP_SECP384R1_ENABLED -#define MBEDTLS_ECP_DP_SECP521R1_ENABLED -#define MBEDTLS_ECP_DP_SECP192K1_ENABLED -#define MBEDTLS_ECP_DP_SECP224K1_ENABLED -#define MBEDTLS_ECP_DP_SECP256K1_ENABLED -#define MBEDTLS_ECP_DP_BP256R1_ENABLED -#define MBEDTLS_ECP_DP_BP384R1_ENABLED -#define MBEDTLS_ECP_DP_BP512R1_ENABLED -#define MBEDTLS_ECP_DP_CURVE25519_ENABLED -#define MBEDTLS_ECP_DP_CURVE448_ENABLED - -/** - * \def MBEDTLS_ECP_NIST_OPTIM - * - * Enable specific 'modulo p' routines for each NIST prime. - * Depending on the prime and architecture, makes operations 4 to 8 times - * faster on the corresponding curve. - * - * Comment this macro to disable NIST curves optimisation. - */ -#define MBEDTLS_ECP_NIST_OPTIM - -/** - * \def MBEDTLS_ECP_RESTARTABLE - * - * Enable "non-blocking" ECC operations that can return early and be resumed. - * - * This allows various functions to pause by returning - * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module, - * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in - * order to further progress and eventually complete their operation. This is - * controlled through mbedtls_ecp_set_max_ops() which limits the maximum - * number of ECC operations a function may perform before pausing; see - * mbedtls_ecp_set_max_ops() for more information. - * - * This is useful in non-threaded environments if you want to avoid blocking - * for too long on ECC (and, hence, X.509 or SSL/TLS) operations. - * - * Uncomment this macro to enable restartable ECC computations. - * - * \note This option only works with the default software implementation of - * elliptic curve functionality. It is incompatible with - * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT and MBEDTLS_ECDSA_XXX_ALT. - */ -//#define MBEDTLS_ECP_RESTARTABLE - -/** - * \def MBEDTLS_ECDSA_DETERMINISTIC - * - * Enable deterministic ECDSA (RFC 6979). - * Standard ECDSA is "fragile" in the sense that lack of entropy when signing - * may result in a compromise of the long-term signing key. This is avoided by - * the deterministic variant. - * - * Requires: MBEDTLS_HMAC_DRBG_C - * - * Comment this macro to disable deterministic ECDSA. - */ -#define MBEDTLS_ECDSA_DETERMINISTIC - -/** - * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED - * - * Enable the PSK based ciphersuite modes in SSL / TLS. - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED - * - * Enable the DHE-PSK based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_DHM_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA - * - * \warning Using DHE constitutes a security risk as it - * is not possible to validate custom DH parameters. - * If possible, it is recommended users should consider - * preferring other methods of key exchange. - * See dhm.h for more details. - * - */ -#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED - * - * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED - * - * Enable the RSA-PSK based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED - * - * Enable the RSA-only based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED - * - * Enable the DHE-RSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - * - * \warning Using DHE constitutes a security risk as it - * is not possible to validate custom DH parameters. - * If possible, it is recommended users should consider - * preferring other methods of key exchange. - * See dhm.h for more details. - * - */ -#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED - * - * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED - * - * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C, - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED - * - * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - */ -#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED - * - * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 - */ -#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED - * - * Enable the ECJPAKE based ciphersuite modes in SSL / TLS. - * - * \warning This is currently experimental. EC J-PAKE support is based on the - * Thread v1.0.0 specification; incompatible changes to the specification - * might still happen. For this reason, this is disabled by default. - * - * Requires: MBEDTLS_ECJPAKE_C - * MBEDTLS_SHA256_C - * MBEDTLS_ECP_DP_SECP256R1_ENABLED - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 - */ -//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED - -/** - * \def MBEDTLS_PK_PARSE_EC_EXTENDED - * - * Enhance support for reading EC keys using variants of SEC1 not allowed by - * RFC 5915 and RFC 5480. - * - * Currently this means parsing the SpecifiedECDomain choice of EC - * parameters (only known groups are supported, not arbitrary domains, to - * avoid validation issues). - * - * Disable if you only need to support RFC 5915 + 5480 key formats. - */ -#define MBEDTLS_PK_PARSE_EC_EXTENDED - -/** - * \def MBEDTLS_ERROR_STRERROR_DUMMY - * - * Enable a dummy error function to make use of mbedtls_strerror() in - * third party libraries easier when MBEDTLS_ERROR_C is disabled - * (no effect when MBEDTLS_ERROR_C is enabled). - * - * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're - * not using mbedtls_strerror() or error_strerror() in your application. - * - * Disable if you run into name conflicts and want to really remove the - * mbedtls_strerror() - */ -#define MBEDTLS_ERROR_STRERROR_DUMMY - -/** - * \def MBEDTLS_GENPRIME - * - * Enable the prime-number generation code. - * - * Requires: MBEDTLS_BIGNUM_C - */ -#define MBEDTLS_GENPRIME - -/** - * \def MBEDTLS_FS_IO - * - * Enable functions that use the filesystem. - */ -#define MBEDTLS_FS_IO - -/** - * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES - * - * Do not add default entropy sources. These are the platform specific - * or mbedtls_timing_hardclock poll function. - * - * This is useful to have more control over the added entropy sources in an - * application. - * - * Uncomment this macro to prevent loading of default entropy functions. - */ -//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES - -/** - * \def MBEDTLS_NO_PLATFORM_ENTROPY - * - * Do not use built-in platform entropy functions. - * This is useful if your platform does not support - * standards like the /dev/urandom or Windows CryptoAPI. - * - * Uncomment this macro to disable the built-in platform entropy functions. - */ -//#define MBEDTLS_NO_PLATFORM_ENTROPY - -/** - * \def MBEDTLS_ENTROPY_FORCE_SHA256 - * - * Force the entropy accumulator to use a SHA-256 accumulator instead of the - * default SHA-512 based one (if both are available). - * - * Requires: MBEDTLS_SHA256_C - * - * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option - * if you have performance concerns. - * - * This option is only useful if both MBEDTLS_SHA256_C and - * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used. - */ -//#define MBEDTLS_ENTROPY_FORCE_SHA256 - -/** - * \def MBEDTLS_ENTROPY_NV_SEED - * - * Enable the non-volatile (NV) seed file-based entropy source. - * (Also enables the NV seed read/write functions in the platform layer) - * - * This is crucial (if not required) on systems that do not have a - * cryptographic entropy source (in hardware or kernel) available. - * - * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C - * - * \note The read/write functions that are used by the entropy source are - * determined in the platform layer, and can be modified at runtime and/or - * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used. - * - * \note If you use the default implementation functions that read a seedfile - * with regular fopen(), please make sure you make a seedfile with the - * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at - * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from - * and written to or you will get an entropy source error! The default - * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE - * bytes from the file. - * - * \note The entropy collector will write to the seed file before entropy is - * given to an external source, to update it. - */ -//#define MBEDTLS_ENTROPY_NV_SEED - -/* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER - * - * Enable key identifiers that encode a key owner identifier. - * - * This is only meaningful when building the library as part of a - * multi-client service. When you activate this option, you must provide an - * implementation of the type mbedtls_key_owner_id_t and a translation from - * mbedtls_svc_key_id_t to file name in all the storage backends that you - * you wish to support. - * - * Note that this option is meant for internal use only and may be removed - * without notice. - */ -//#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER - -/** - * \def MBEDTLS_MEMORY_DEBUG - * - * Enable debugging of buffer allocator memory issues. Automatically prints - * (to stderr) all (fatal) messages on memory allocation issues. Enables - * function for 'debug output' of allocated memory. - * - * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C - * - * Uncomment this macro to let the buffer allocator print out error messages. - */ -//#define MBEDTLS_MEMORY_DEBUG - -/** - * \def MBEDTLS_MEMORY_BACKTRACE - * - * Include backtrace information with each allocated block. - * - * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C - * GLIBC-compatible backtrace() an backtrace_symbols() support - * - * Uncomment this macro to include backtrace information - */ -//#define MBEDTLS_MEMORY_BACKTRACE - -/** - * \def MBEDTLS_PK_RSA_ALT_SUPPORT - * - * Support external private RSA keys (eg from a HSM) in the PK layer. - * - * Comment this macro to disable support for external private RSA keys. - */ -#define MBEDTLS_PK_RSA_ALT_SUPPORT - -/** - * \def MBEDTLS_PKCS1_V15 - * - * Enable support for PKCS#1 v1.5 encoding. - * - * Requires: MBEDTLS_RSA_C - * - * This enables support for PKCS#1 v1.5 operations. - */ -#define MBEDTLS_PKCS1_V15 - -/** - * \def MBEDTLS_PKCS1_V21 - * - * Enable support for PKCS#1 v2.1 encoding. - * - * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C - * - * This enables support for RSAES-OAEP and RSASSA-PSS operations. - */ -#define MBEDTLS_PKCS1_V21 - -/** - * \def MBEDTLS_PSA_CRYPTO_SPM - * - * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure - * Partition Manager) integration which separates the code into two parts: a - * NSPE (Non-Secure Process Environment) and an SPE (Secure Process - * Environment). - * - * Module: library/psa_crypto.c - * Requires: MBEDTLS_PSA_CRYPTO_C - * - */ -//#define MBEDTLS_PSA_CRYPTO_SPM - -/** - * \def MBEDTLS_PSA_INJECT_ENTROPY - * - * Enable support for entropy injection at first boot. This feature is - * required on systems that do not have a built-in entropy source (TRNG). - * This feature is currently not supported on systems that have a built-in - * entropy source. - * - * Requires: MBEDTLS_PSA_CRYPTO_STORAGE_C, MBEDTLS_ENTROPY_NV_SEED - * - */ -//#define MBEDTLS_PSA_INJECT_ENTROPY - -/** - * \def MBEDTLS_RSA_NO_CRT - * - * Do not use the Chinese Remainder Theorem - * for the RSA private operation. - * - * Uncomment this macro to disable the use of CRT in RSA. - * - */ -//#define MBEDTLS_RSA_NO_CRT - -/** - * \def MBEDTLS_SELF_TEST - * - * Enable the checkup functions (*_self_test). - */ -#define MBEDTLS_SELF_TEST - -/** - * \def MBEDTLS_SHA256_SMALLER - * - * Enable an implementation of SHA-256 that has lower ROM footprint but also - * lower performance. - * - * The default implementation is meant to be a reasonnable compromise between - * performance and size. This version optimizes more aggressively for size at - * the expense of performance. Eg on Cortex-M4 it reduces the size of - * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about - * 30%. - * - * Uncomment to enable the smaller implementation of SHA256. - */ -//#define MBEDTLS_SHA256_SMALLER - -/** - * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES - * - * Enable sending of alert messages in case of encountered errors as per RFC. - * If you choose not to send the alert messages, mbed TLS can still communicate - * with other servers, only debugging of failures is harder. - * - * The advantage of not sending alert messages, is that no information is given - * about reasons for failures thus preventing adversaries of gaining intel. - * - * Enable sending of all alert messages - */ -#define MBEDTLS_SSL_ALL_ALERT_MESSAGES - -/** - * \def MBEDTLS_SSL_ASYNC_PRIVATE - * - * Enable asynchronous external private key operations in SSL. This allows - * you to configure an SSL connection to call an external cryptographic - * module to perform private key operations instead of performing the - * operation inside the library. - * - */ -//#define MBEDTLS_SSL_ASYNC_PRIVATE - -/** - * \def MBEDTLS_SSL_DEBUG_ALL - * - * Enable the debug messages in SSL module for all issues. - * Debug messages have been disabled in some places to prevent timing - * attacks due to (unbalanced) debugging function calls. - * - * If you need all error reporting you should enable this during debugging, - * but remove this for production servers that should log as well. - * - * Uncomment this macro to report all debug messages on errors introducing - * a timing side-channel. - * - */ -//#define MBEDTLS_SSL_DEBUG_ALL - -/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC - * - * Enable support for Encrypt-then-MAC, RFC 7366. - * - * This allows peers that both support it to use a more robust protection for - * ciphersuites using CBC, providing deep resistance against timing attacks - * on the padding or underlying cipher. - * - * This only affects CBC ciphersuites, and is useless if none is defined. - * - * Requires: MBEDTLS_SSL_PROTO_TLS1 or - * MBEDTLS_SSL_PROTO_TLS1_1 or - * MBEDTLS_SSL_PROTO_TLS1_2 - * - * Comment this macro to disable support for Encrypt-then-MAC - */ -#define MBEDTLS_SSL_ENCRYPT_THEN_MAC - -/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET - * - * Enable support for Extended Master Secret, aka Session Hash - * (draft-ietf-tls-session-hash-02). - * - * This was introduced as "the proper fix" to the Triple Handshake familiy of - * attacks, but it is recommended to always use it (even if you disable - * renegotiation), since it actually fixes a more fundamental issue in the - * original SSL/TLS design, and has implications beyond Triple Handshake. - * - * Requires: MBEDTLS_SSL_PROTO_TLS1 or - * MBEDTLS_SSL_PROTO_TLS1_1 or - * MBEDTLS_SSL_PROTO_TLS1_2 - * - * Comment this macro to disable support for Extended Master Secret. - */ -#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET - -/** - * \def MBEDTLS_SSL_FALLBACK_SCSV - * - * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00). - * - * For servers, it is recommended to always enable this, unless you support - * only one version of TLS, or know for sure that none of your clients - * implements a fallback strategy. - * - * For clients, you only need this if you're using a fallback strategy, which - * is not recommended in the first place, unless you absolutely need it to - * interoperate with buggy (version-intolerant) servers. - * - * Comment this macro to disable support for FALLBACK_SCSV - */ -#define MBEDTLS_SSL_FALLBACK_SCSV - -/** - * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING - * - * Enable 1/n-1 record splitting for CBC mode in TLS 1.0. - * - * This is a countermeasure to the BEAST attack, which also minimizes the risk - * of interoperability issues compared to sending 0-length records. - * - * Comment this macro to disable 1/n-1 record splitting. - */ -#define MBEDTLS_SSL_CBC_RECORD_SPLITTING - -/** - * \def MBEDTLS_SSL_RENEGOTIATION - * - * Enable support for TLS renegotiation. - * - * The two main uses of renegotiation are (1) refresh keys on long-lived - * connections and (2) client authentication after the initial handshake. - * If you don't need renegotiation, it's probably better to disable it, since - * it has been associated with security issues in the past and is easy to - * misuse/misunderstand. - * - * Comment this to disable support for renegotiation. - * - * \note Even if this option is disabled, both client and server are aware - * of the Renegotiation Indication Extension (RFC 5746) used to - * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1). - * (See \c mbedtls_ssl_conf_legacy_renegotiation for the - * configuration of this extension). - * - */ -#define MBEDTLS_SSL_RENEGOTIATION - -/** - * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE - * - * Pick the ciphersuite according to the client's preferences rather than ours - * in the SSL Server module (MBEDTLS_SSL_SRV_C). - * - * Uncomment this macro to respect client's ciphersuite order - */ -//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE - -/** - * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH - * - * Enable support for RFC 6066 max_fragment_length extension in SSL. - * - * Comment this macro to disable support for the max_fragment_length extension - */ -#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH - -/** - * \def MBEDTLS_SSL_PROTO_TLS1 - * - * Enable support for TLS 1.0. - * - * Requires: MBEDTLS_MD5_C - * MBEDTLS_SHA1_C - * - * Comment this macro to disable support for TLS 1.0 - */ -#define MBEDTLS_SSL_PROTO_TLS1 - -/** - * \def MBEDTLS_SSL_PROTO_TLS1_1 - * - * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled). - * - * Requires: MBEDTLS_MD5_C - * MBEDTLS_SHA1_C - * - * Comment this macro to disable support for TLS 1.1 / DTLS 1.0 - */ -#define MBEDTLS_SSL_PROTO_TLS1_1 - -/** - * \def MBEDTLS_SSL_PROTO_TLS1_2 - * - * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled). - * - * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C - * (Depends on ciphersuites) - * - * Comment this macro to disable support for TLS 1.2 / DTLS 1.2 - */ -#define MBEDTLS_SSL_PROTO_TLS1_2 - -/** - * \def MBEDTLS_SSL_PROTO_DTLS - * - * Enable support for DTLS (all available versions). - * - * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0, - * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2. - * - * Requires: MBEDTLS_SSL_PROTO_TLS1_1 - * or MBEDTLS_SSL_PROTO_TLS1_2 - * - * Comment this macro to disable support for DTLS - */ -#define MBEDTLS_SSL_PROTO_DTLS - -/** - * \def MBEDTLS_SSL_ALPN - * - * Enable support for RFC 7301 Application Layer Protocol Negotiation. - * - * Comment this macro to disable support for ALPN. - */ -#define MBEDTLS_SSL_ALPN - -/** - * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY - * - * Enable support for the anti-replay mechanism in DTLS. - * - * Requires: MBEDTLS_SSL_TLS_C - * MBEDTLS_SSL_PROTO_DTLS - * - * \warning Disabling this is often a security risk! - * See mbedtls_ssl_conf_dtls_anti_replay() for details. - * - * Comment this to disable anti-replay in DTLS. - */ -#define MBEDTLS_SSL_DTLS_ANTI_REPLAY - -/** - * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY - * - * Enable support for HelloVerifyRequest on DTLS servers. - * - * This feature is highly recommended to prevent DTLS servers being used as - * amplifiers in DoS attacks against other hosts. It should always be enabled - * unless you know for sure amplification cannot be a problem in the - * environment in which your server operates. - * - * \warning Disabling this can ba a security risk! (see above) - * - * Requires: MBEDTLS_SSL_PROTO_DTLS - * - * Comment this to disable support for HelloVerifyRequest. - */ -#define MBEDTLS_SSL_DTLS_HELLO_VERIFY - -/** - * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE - * - * Enable server-side support for clients that reconnect from the same port. - * - * Some clients unexpectedly close the connection and try to reconnect using the - * same source port. This needs special support from the server to handle the - * new connection securely, as described in section 4.2.8 of RFC 6347. This - * flag enables that support. - * - * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY - * - * Comment this to disable support for clients reusing the source port. - */ -#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE - -/** - * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT - * - * Enable support for a limit of records with bad MAC. - * - * See mbedtls_ssl_conf_dtls_badmac_limit(). - * - * Requires: MBEDTLS_SSL_PROTO_DTLS - */ -#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT - -/** - * \def MBEDTLS_SSL_SESSION_TICKETS - * - * Enable support for RFC 5077 session tickets in SSL. - * Client-side, provides full support for session tickets (maintenance of a - * session store remains the responsibility of the application, though). - * Server-side, you also need to provide callbacks for writing and parsing - * tickets, including authenticated encryption and key management. Example - * callbacks are provided by MBEDTLS_SSL_TICKET_C. - * - * Comment this macro to disable support for SSL session tickets - */ -#define MBEDTLS_SSL_SESSION_TICKETS - -/** - * \def MBEDTLS_SSL_EXPORT_KEYS - * - * Enable support for exporting key block and master secret. - * This is required for certain users of TLS, e.g. EAP-TLS. - * - * Comment this macro to disable support for key export - */ -#define MBEDTLS_SSL_EXPORT_KEYS - -/** - * \def MBEDTLS_SSL_SERVER_NAME_INDICATION - * - * Enable support for RFC 6066 server name indication (SNI) in SSL. - * - * Requires: MBEDTLS_X509_CRT_PARSE_C - * - * Comment this macro to disable support for server name indication in SSL - */ -#define MBEDTLS_SSL_SERVER_NAME_INDICATION - -/** - * \def MBEDTLS_SSL_TRUNCATED_HMAC - * - * Enable support for RFC 6066 truncated HMAC in SSL. - * - * Comment this macro to disable support for truncated HMAC in SSL - */ -#define MBEDTLS_SSL_TRUNCATED_HMAC - -/** - * \def MBEDTLS_THREADING_ALT - * - * Provide your own alternate threading implementation. - * - * Requires: MBEDTLS_THREADING_C - * - * Uncomment this to allow your own alternate threading implementation. - */ -//#define MBEDTLS_THREADING_ALT - -/** - * \def MBEDTLS_THREADING_PTHREAD - * - * Enable the pthread wrapper layer for the threading layer. - * - * Requires: MBEDTLS_THREADING_C - * - * Uncomment this to enable pthread mutexes. - */ -//#define MBEDTLS_THREADING_PTHREAD - -/** - * \def MBEDTLS_USE_PSA_CRYPTO - * - * Make the X.509 and TLS library use PSA for cryptographic operations, see - * #MBEDTLS_PSA_CRYPTO_C. - * - * Note: this option is still in progress, the full X.509 and TLS modules are - * not covered yet, but parts that are not ported to PSA yet will still work - * as usual, so enabling this option should not break backwards compatibility. - * - * \warning Support for PSA is still an experimental feature. - * Any public API that depends on this option may change - * at any time until this warning is removed. - * - * Requires: MBEDTLS_PSA_CRYPTO_C. - */ -//#define MBEDTLS_USE_PSA_CRYPTO - -/** - * \def MBEDTLS_VERSION_FEATURES - * - * Allow run-time checking of compile-time enabled features. Thus allowing users - * to check at run-time if the library is for instance compiled with threading - * support via mbedtls_version_check_feature(). - * - * Requires: MBEDTLS_VERSION_C - * - * Comment this to disable run-time checking and save ROM space - */ -#define MBEDTLS_VERSION_FEATURES - -/** - * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 - * - * If set, the X509 parser will not break-off when parsing an X509 certificate - * and encountering an extension in a v1 or v2 certificate. - * - * Uncomment to prevent an error. - */ -//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 - -/** - * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION - * - * If set, the X509 parser will not break-off when parsing an X509 certificate - * and encountering an unknown critical extension. - * - * \warning Depending on your PKI use, enabling this can be a security risk! - * - * Uncomment to prevent an error. - */ -//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION - -/** - * \def MBEDTLS_X509_CHECK_KEY_USAGE - * - * Enable verification of the keyUsage extension (CA and leaf certificates). - * - * Disabling this avoids problems with mis-issued and/or misused - * (intermediate) CA and leaf certificates. - * - * \warning Depending on your PKI use, disabling this can be a security risk! - * - * Comment to skip keyUsage checking for both CA and leaf certificates. - */ -#define MBEDTLS_X509_CHECK_KEY_USAGE - -/** - * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE - * - * Enable verification of the extendedKeyUsage extension (leaf certificates). - * - * Disabling this avoids problems with mis-issued and/or misused certificates. - * - * \warning Depending on your PKI use, disabling this can be a security risk! - * - * Comment to skip extendedKeyUsage checking for certificates. - */ -#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE - -/** - * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT - * - * Enable parsing and verification of X.509 certificates, CRLs and CSRS - * signed with RSASSA-PSS (aka PKCS#1 v2.1). - * - * Comment this macro to disallow using RSASSA-PSS in certificates. - */ -#define MBEDTLS_X509_RSASSA_PSS_SUPPORT -/* \} name SECTION: mbed TLS feature support */ - -/** - * \name SECTION: mbed TLS modules - * - * This section enables or disables entire modules in mbed TLS - * \{ - */ - -/** - * \def MBEDTLS_AESNI_C - * - * Enable AES-NI support on x86-64. - * - * Module: library/aesni.c - * Caller: library/aes.c - * - * Requires: MBEDTLS_HAVE_ASM - * - * This modules adds support for the AES-NI instructions on x86-64 - */ -#define MBEDTLS_AESNI_C - -/** - * \def MBEDTLS_AES_C - * - * Enable the AES block cipher. - * - * Module: library/aes.c - * Caller: library/cipher.c - * library/pem.c - * library/ctr_drbg.c - * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA - * - * PEM_PARSE uses AES for decrypting encrypted keys. - */ -#define MBEDTLS_AES_C - -/** - * \def MBEDTLS_ARC4_C - * - * Enable the ARCFOUR stream cipher. - * - * Module: library/arc4.c - * Caller: library/cipher.c - * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * - * \warning ARC4 is considered a weak cipher and its use constitutes a - * security risk. If possible, we recommend avoidng dependencies on - * it, and considering stronger ciphers instead. - * - */ -#define MBEDTLS_ARC4_C - -/** - * \def MBEDTLS_ASN1_PARSE_C - * - * Enable the generic ASN1 parser. - * - * Module: library/asn1.c - * Caller: library/x509.c - * library/dhm.c - * library/pkcs12.c - * library/pkcs5.c - * library/pkparse.c - */ -#define MBEDTLS_ASN1_PARSE_C - -/** - * \def MBEDTLS_ASN1_WRITE_C - * - * Enable the generic ASN1 writer. - * - * Module: library/asn1write.c - * Caller: library/ecdsa.c - * library/pkwrite.c - * library/x509_create.c - * library/x509write_crt.c - * library/x509write_csr.c - */ -#define MBEDTLS_ASN1_WRITE_C - -/** - * \def MBEDTLS_BASE64_C - * - * Enable the Base64 module. - * - * Module: library/base64.c - * Caller: library/pem.c - * - * This module is required for PEM support (required by X.509). - */ -#define MBEDTLS_BASE64_C - -/** - * \def MBEDTLS_BIGNUM_C - * - * Enable the multi-precision integer library. - * - * Module: library/bignum.c - * Caller: library/dhm.c - * library/ecp.c - * library/ecdsa.c - * library/rsa.c - * library/rsa_alt_helpers.h - * library/ssl_tls.c - * - * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support. - */ -#define MBEDTLS_BIGNUM_C - -/** - * \def MBEDTLS_BLOWFISH_C - * - * Enable the Blowfish block cipher. - * - * Module: library/blowfish.c - */ -#define MBEDTLS_BLOWFISH_C - -/** - * \def MBEDTLS_CAMELLIA_C - * - * Enable the Camellia block cipher. - * - * Module: library/camellia.c - * Caller: library/cipher.c - * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 - */ -#define MBEDTLS_CAMELLIA_C - -/** - * \def MBEDTLS_ARIA_C - * - * Enable the ARIA block cipher. - * - * Module: library/aria.c - * Caller: library/cipher.c - * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * - * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 - */ -//#define MBEDTLS_ARIA_C - -/** - * \def MBEDTLS_CCM_C - * - * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher. - * - * Module: library/ccm.c - * - * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C - * - * This module enables the AES-CCM ciphersuites, if other requisites are - * enabled as well. - */ -#define MBEDTLS_CCM_C - -/** - * \def MBEDTLS_CHACHA20_C - * - * Enable the ChaCha20 stream cipher. - * - * Module: library/chacha20.c - */ -#define MBEDTLS_CHACHA20_C - -/** - * \def MBEDTLS_CHACHAPOLY_C - * - * Enable the ChaCha20-Poly1305 AEAD algorithm. - * - * Module: library/chachapoly.c - * - * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C - */ -#define MBEDTLS_CHACHAPOLY_C - -/** - * \def MBEDTLS_CIPHER_C - * - * Enable the generic cipher layer. - * - * Module: library/cipher.c - * Caller: library/ssl_tls.c - * - * Uncomment to enable generic cipher wrappers. - */ -#define MBEDTLS_CIPHER_C - -/** - * \def MBEDTLS_CMAC_C - * - * Enable the CMAC (Cipher-based Message Authentication Code) mode for block - * ciphers. - * - * Module: library/cmac.c - * - * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C - * - */ -#define MBEDTLS_CMAC_C - -/** - * \def MBEDTLS_CTR_DRBG_C - * - * Enable the CTR_DRBG AES-based random generator. - * The CTR_DRBG generator uses AES-256 by default. - * To use AES-128 instead, enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY below. - * - * Module: library/ctr_drbg.c - * Caller: - * - * Requires: MBEDTLS_AES_C - * - * This module provides the CTR_DRBG AES random number generator. - */ -#define MBEDTLS_CTR_DRBG_C - -/** - * \def MBEDTLS_DEBUG_C - * - * Enable the debug functions. - * - * Module: library/debug.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * - * This module provides debugging functions. - */ -#define MBEDTLS_DEBUG_C - -/** - * \def MBEDTLS_DES_C - * - * Enable the DES block cipher. - * - * Module: library/des.c - * Caller: library/pem.c - * library/cipher.c - * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA - * - * PEM_PARSE uses DES/3DES for decrypting encrypted keys. - * - * \warning DES is considered a weak cipher and its use constitutes a - * security risk. We recommend considering stronger ciphers instead. - */ -#define MBEDTLS_DES_C - -/** - * \def MBEDTLS_DHM_C - * - * Enable the Diffie-Hellman-Merkle module. - * - * Module: library/dhm.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * - * This module is used by the following key exchanges: - * DHE-RSA, DHE-PSK - * - * \warning Using DHE constitutes a security risk as it - * is not possible to validate custom DH parameters. - * If possible, it is recommended users should consider - * preferring other methods of key exchange. - * See dhm.h for more details. - * - */ -#define MBEDTLS_DHM_C - -/** - * \def MBEDTLS_ECDH_C - * - * Enable the elliptic curve Diffie-Hellman library. - * - * Module: library/ecdh.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * - * This module is used by the following key exchanges: - * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK - * - * Requires: MBEDTLS_ECP_C - */ -#define MBEDTLS_ECDH_C - -/** - * \def MBEDTLS_ECDSA_C - * - * Enable the elliptic curve DSA library. - * - * Module: library/ecdsa.c - * Caller: - * - * This module is used by the following key exchanges: - * ECDHE-ECDSA - * - * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C - */ -#define MBEDTLS_ECDSA_C - -/** - * \def MBEDTLS_ECJPAKE_C - * - * Enable the elliptic curve J-PAKE library. - * - * \warning This is currently experimental. EC J-PAKE support is based on the - * Thread v1.0.0 specification; incompatible changes to the specification - * might still happen. For this reason, this is disabled by default. - * - * Module: library/ecjpake.c - * Caller: - * - * This module is used by the following key exchanges: - * ECJPAKE - * - * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C - */ -//#define MBEDTLS_ECJPAKE_C - -/** - * \def MBEDTLS_ECP_C - * - * Enable the elliptic curve over GF(p) library. - * - * Module: library/ecp.c - * Caller: library/ecdh.c - * library/ecdsa.c - * library/ecjpake.c - * - * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED - */ -#define MBEDTLS_ECP_C - -/** - * \def MBEDTLS_ENTROPY_C - * - * Enable the platform-specific entropy code. - * - * Module: library/entropy.c - * Caller: - * - * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C - * - * This module provides a generic entropy pool - */ -#define MBEDTLS_ENTROPY_C - -/** - * \def MBEDTLS_ERROR_C - * - * Enable error code to error string conversion. - * - * Module: library/error.c - * Caller: - * - * This module enables mbedtls_strerror(). - */ -#define MBEDTLS_ERROR_C - -/** - * \def MBEDTLS_GCM_C - * - * Enable the Galois/Counter Mode (GCM) for AES. - * - * Module: library/gcm.c - * - * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C - * - * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other - * requisites are enabled as well. - */ -#define MBEDTLS_GCM_C - -/** - * \def MBEDTLS_HKDF_C - * - * Enable the HKDF algorithm (RFC 5869). - * - * Module: library/hkdf.c - * Caller: - * - * Requires: MBEDTLS_MD_C - * - * This module adds support for the Hashed Message Authentication Code - * (HMAC)-based key derivation function (HKDF). - */ -#define MBEDTLS_HKDF_C - -/** - * \def MBEDTLS_HMAC_DRBG_C - * - * Enable the HMAC_DRBG random generator. - * - * Module: library/hmac_drbg.c - * Caller: - * - * Requires: MBEDTLS_MD_C - * - * Uncomment to enable the HMAC_DRBG random number geerator. - */ -#define MBEDTLS_HMAC_DRBG_C - -/** - * \def MBEDTLS_NIST_KW_C - * - * Enable the Key Wrapping mode for 128-bit block ciphers, - * as defined in NIST SP 800-38F. Only KW and KWP modes - * are supported. At the moment, only AES is approved by NIST. - * - * Module: library/nist_kw.c - * - * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C - */ -//#define MBEDTLS_NIST_KW_C - -/** - * \def MBEDTLS_MD_C - * - * Enable the generic message digest layer. - * - * Module: library/md.c - * Caller: - * - * Uncomment to enable generic message digest wrappers. - */ -#define MBEDTLS_MD_C - -/** - * \def MBEDTLS_MD2_C - * - * Enable the MD2 hash algorithm. - * - * Module: library/md2.c - * Caller: - * - * Uncomment to enable support for (rare) MD2-signed X.509 certs. - * - * \warning MD2 is considered a weak message digest and its use constitutes a - * security risk. If possible, we recommend avoiding dependencies on - * it, and considering stronger message digests instead. - * - */ -//#define MBEDTLS_MD2_C - -/** - * \def MBEDTLS_MD4_C - * - * Enable the MD4 hash algorithm. - * - * Module: library/md4.c - * Caller: - * - * Uncomment to enable support for (rare) MD4-signed X.509 certs. - * - * \warning MD4 is considered a weak message digest and its use constitutes a - * security risk. If possible, we recommend avoiding dependencies on - * it, and considering stronger message digests instead. - * - */ -//#define MBEDTLS_MD4_C - -/** - * \def MBEDTLS_MD5_C - * - * Enable the MD5 hash algorithm. - * - * Module: library/md5.c - * Caller: library/md.c - * library/pem.c - * library/ssl_tls.c - * - * This module is required for SSL/TLS up to version 1.1, and for TLS 1.2 - * depending on the handshake parameters. Further, it is used for checking - * MD5-signed certificates, and for PBKDF1 when decrypting PEM-encoded - * encrypted keys. - * - * \warning MD5 is considered a weak message digest and its use constitutes a - * security risk. If possible, we recommend avoiding dependencies on - * it, and considering stronger message digests instead. - * - */ -#define MBEDTLS_MD5_C - -/** - * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C - * - * Enable the buffer allocator implementation that makes use of a (stack) - * based buffer to 'allocate' dynamic memory. (replaces calloc() and free() - * calls) - * - * Module: library/memory_buffer_alloc.c - * - * Requires: MBEDTLS_PLATFORM_C - * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS) - * - * Enable this module to enable the buffer memory allocator. - */ -//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C - -/** - * \def MBEDTLS_NET_C - * - * Enable the TCP and UDP over IPv6/IPv4 networking routines. - * - * \note This module only works on POSIX/Unix (including Linux, BSD and OS X) - * and Windows. For other platforms, you'll want to disable it, and write your - * own networking callbacks to be passed to \c mbedtls_ssl_set_bio(). - * - * \note See also our Knowledge Base article about porting to a new - * environment: - * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS - * - * Module: library/net_sockets.c - * - * This module provides networking routines. - */ -#define MBEDTLS_NET_C - -/** - * \def MBEDTLS_OID_C - * - * Enable the OID database. - * - * Module: library/oid.c - * Caller: library/asn1write.c - * library/pkcs5.c - * library/pkparse.c - * library/pkwrite.c - * library/rsa.c - * library/x509.c - * library/x509_create.c - * library/x509_crl.c - * library/x509_crt.c - * library/x509_csr.c - * library/x509write_crt.c - * library/x509write_csr.c - * - * This modules translates between OIDs and internal values. - */ -#define MBEDTLS_OID_C - -/** - * \def MBEDTLS_PADLOCK_C - * - * Enable VIA Padlock support on x86. - * - * Module: library/padlock.c - * Caller: library/aes.c - * - * Requires: MBEDTLS_HAVE_ASM - * - * This modules adds support for the VIA PadLock on x86. - */ -#define MBEDTLS_PADLOCK_C - -/** - * \def MBEDTLS_PEM_PARSE_C - * - * Enable PEM decoding / parsing. - * - * Module: library/pem.c - * Caller: library/dhm.c - * library/pkparse.c - * library/x509_crl.c - * library/x509_crt.c - * library/x509_csr.c - * - * Requires: MBEDTLS_BASE64_C - * - * This modules adds support for decoding / parsing PEM files. - */ -#define MBEDTLS_PEM_PARSE_C - -/** - * \def MBEDTLS_PEM_WRITE_C - * - * Enable PEM encoding / writing. - * - * Module: library/pem.c - * Caller: library/pkwrite.c - * library/x509write_crt.c - * library/x509write_csr.c - * - * Requires: MBEDTLS_BASE64_C - * - * This modules adds support for encoding / writing PEM files. - */ -#define MBEDTLS_PEM_WRITE_C - -/** - * \def MBEDTLS_PK_C - * - * Enable the generic public (asymetric) key layer. - * - * Module: library/pk.c - * Caller: library/ssl_tls.c - * library/ssl_cli.c - * library/ssl_srv.c - * - * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C - * - * Uncomment to enable generic public key wrappers. - */ -#define MBEDTLS_PK_C - -/** - * \def MBEDTLS_PK_PARSE_C - * - * Enable the generic public (asymetric) key parser. - * - * Module: library/pkparse.c - * Caller: library/x509_crt.c - * library/x509_csr.c - * - * Requires: MBEDTLS_PK_C - * - * Uncomment to enable generic public key parse functions. - */ -#define MBEDTLS_PK_PARSE_C - -/** - * \def MBEDTLS_PK_WRITE_C - * - * Enable the generic public (asymetric) key writer. - * - * Module: library/pkwrite.c - * Caller: library/x509write.c - * - * Requires: MBEDTLS_PK_C - * - * Uncomment to enable generic public key write functions. - */ -#define MBEDTLS_PK_WRITE_C - -/** - * \def MBEDTLS_PKCS5_C - * - * Enable PKCS#5 functions. - * - * Module: library/pkcs5.c - * - * Requires: MBEDTLS_MD_C - * - * This module adds support for the PKCS#5 functions. - */ -#define MBEDTLS_PKCS5_C - -/** - * \def MBEDTLS_PKCS12_C - * - * Enable PKCS#12 PBE functions. - * Adds algorithms for parsing PKCS#8 encrypted private keys - * - * Module: library/pkcs12.c - * Caller: library/pkparse.c - * - * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C - * Can use: MBEDTLS_ARC4_C - * - * This module enables PKCS#12 functions. - */ -#define MBEDTLS_PKCS12_C - -/** - * \def MBEDTLS_PLATFORM_C - * - * Enable the platform abstraction layer that allows you to re-assign - * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit(). - * - * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT - * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned - * above to be specified at runtime or compile time respectively. - * - * \note This abstraction layer must be enabled on Windows (including MSYS2) - * as other module rely on it for a fixed snprintf implementation. - * - * Module: library/platform.c - * Caller: Most other .c files - * - * This module enables abstraction of common (libc) functions. - */ -#define MBEDTLS_PLATFORM_C - -/** - * \def MBEDTLS_POLY1305_C - * - * Enable the Poly1305 MAC algorithm. - * - * Module: library/poly1305.c - * Caller: library/chachapoly.c - */ -#define MBEDTLS_POLY1305_C - -/** - * \def MBEDTLS_PSA_CRYPTO_C - * - * Enable the Platform Security Architecture cryptography API. - * - * Module: library/psa_crypto.c - * - * Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C - * - */ -#define MBEDTLS_PSA_CRYPTO_C - -/** - * \def MBEDTLS_PSA_CRYPTO_STORAGE_C - * - * Enable the Platform Security Architecture persistent key storage. - * - * Module: library/psa_crypto_storage.c - * - * Requires: MBEDTLS_PSA_CRYPTO_C, - * either MBEDTLS_PSA_ITS_FILE_C or a native implementation of - * the PSA ITS interface - */ -#define MBEDTLS_PSA_CRYPTO_STORAGE_C - -/** - * \def MBEDTLS_PSA_ITS_FILE_C - * - * Enable the emulation of the Platform Security Architecture - * Internal Trusted Storage (PSA ITS) over files. - * - * Module: library/psa_its_file.c - * - * Requires: MBEDTLS_FS_IO - */ -#define MBEDTLS_PSA_ITS_FILE_C - -/** - * \def MBEDTLS_RIPEMD160_C - * - * Enable the RIPEMD-160 hash algorithm. - * - * Module: library/ripemd160.c - * Caller: library/md.c - * - */ -#define MBEDTLS_RIPEMD160_C - -/** - * \def MBEDTLS_RSA_C - * - * Enable the RSA public-key cryptosystem. - * - * Module: library/rsa.c - * library/rsa_alt_helpers.h - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * library/x509.c - * - * This module is used by the following key exchanges: - * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK - * - * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C - */ -#define MBEDTLS_RSA_C - -/** - * \def MBEDTLS_SHA1_C - * - * Enable the SHA1 cryptographic hash algorithm. - * - * Module: library/sha1.c - * Caller: library/md.c - * library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * library/x509write_crt.c - * - * This module is required for SSL/TLS up to version 1.1, for TLS 1.2 - * depending on the handshake parameters, and for SHA1-signed certificates. - * - * \warning SHA-1 is considered a weak message digest and its use constitutes - * a security risk. If possible, we recommend avoiding dependencies - * on it, and considering stronger message digests instead. - * - */ -#define MBEDTLS_SHA1_C - -/** - * \def MBEDTLS_SHA224_C - * - * Enable the SHA-224 cryptographic hash algorithm. - * - * Requires: MBEDTLS_SHA256_C. Library does not support enabling - * SHA-224 without SHA-256. Future version will have - * this option disabled by default. - * - * Module: library/sha256.c - * Caller: library/md.c - * library/ssl_cookie.c - * - * This module adds support for SHA-224. - */ -#define MBEDTLS_SHA224_C - -/** - * \def MBEDTLS_SHA256_C - * - * Enable the SHA-256 cryptographic hash algorithm. - * - * Requires: MBEDTLS_SHA224_C. Library does not support enabling - * SHA-256 without SHA-224. - * - * Module: library/sha256.c - * Caller: library/entropy.c - * library/md.c - * library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * - * This module adds support for SHA-256. - * This module is required for the SSL/TLS 1.2 PRF function. - */ -#define MBEDTLS_SHA256_C - -/** - * \def MBEDTLS_SHA384_C - * - * Enable the SHA-384 cryptographic hash algorithm. - * - * Requires: MBEDTLS_SHA512_C - * - * Module: library/sha512.c - * Caller: library/md.c - * library/ssl_cli.c - * library/ssl_srv.c - * - * Comment to disable SHA-384 - */ -#define MBEDTLS_SHA384_C - -/** - * \def MBEDTLS_SHA512_C - * - * Enable SHA-512 cryptographic hash algorithms. - * - * Module: library/sha512.c - * Caller: library/entropy.c - * library/md.c - * library/ssl_tls.c - * library/ssl_cookie.c - * - * This module adds support for SHA-512. - */ -#define MBEDTLS_SHA512_C - - -/** - * \def MBEDTLS_SSL_CACHE_C - * - * Enable simple SSL cache implementation. - * - * Module: library/ssl_cache.c - * Caller: - * - * Requires: MBEDTLS_SSL_CACHE_C - */ -#define MBEDTLS_SSL_CACHE_C - -/** - * \def MBEDTLS_SSL_COOKIE_C - * - * Enable basic implementation of DTLS cookies for hello verification. - * - * Module: library/ssl_cookie.c - * Caller: - */ -#define MBEDTLS_SSL_COOKIE_C - -/** - * \def MBEDTLS_SSL_TICKET_C - * - * Enable an implementation of TLS server-side callbacks for session tickets. - * - * Module: library/ssl_ticket.c - * Caller: - * - * Requires: MBEDTLS_CIPHER_C - */ -#define MBEDTLS_SSL_TICKET_C - -/** - * \def MBEDTLS_SSL_CLI_C - * - * Enable the SSL/TLS client code. - * - * Module: library/ssl_cli.c - * Caller: - * - * Requires: MBEDTLS_SSL_TLS_C - * - * This module is required for SSL/TLS client support. - */ -#define MBEDTLS_SSL_CLI_C - -/** - * \def MBEDTLS_SSL_SRV_C - * - * Enable the SSL/TLS server code. - * - * Module: library/ssl_srv.c - * Caller: - * - * Requires: MBEDTLS_SSL_TLS_C - * - * This module is required for SSL/TLS server support. - */ -#define MBEDTLS_SSL_SRV_C - -/** - * \def MBEDTLS_SSL_TLS_C - * - * Enable the generic SSL/TLS code. - * - * Module: library/ssl_tls.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * - * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C - * and at least one of the MBEDTLS_SSL_PROTO_XXX defines - * - * This module is required for SSL/TLS. - */ -#define MBEDTLS_SSL_TLS_C - -/** - * \def MBEDTLS_THREADING_C - * - * Enable the threading abstraction layer. - * By default mbed TLS assumes it is used in a non-threaded environment or that - * contexts are not shared between threads. If you do intend to use contexts - * between threads, you will need to enable this layer to prevent race - * conditions. See also our Knowledge Base article about threading: - * https://tls.mbed.org/kb/development/thread-safety-and-multi-threading - * - * Module: library/threading.c - * - * This allows different threading implementations (self-implemented or - * provided). - * - * You will have to enable either MBEDTLS_THREADING_ALT or - * MBEDTLS_THREADING_PTHREAD. - * - * Enable this layer to allow use of mutexes within mbed TLS - */ -//#define MBEDTLS_THREADING_C - -/** - * \def MBEDTLS_TIMING_C - * - * Enable the semi-portable timing interface. - * - * \note The provided implementation only works on POSIX/Unix (including Linux, - * BSD and OS X) and Windows. On other platforms, you can either disable that - * module and provide your own implementations of the callbacks needed by - * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide - * your own implementation of the whole module by setting - * \c MBEDTLS_TIMING_ALT in the current file. - * - * \note See also our Knowledge Base article about porting to a new - * environment: - * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS - * - * Module: library/timing.c - */ -#define MBEDTLS_TIMING_C - -/** - * \def MBEDTLS_VERSION_C - * - * Enable run-time version information. - * - * Module: library/version.c - * - * This module provides run-time version information. - */ -#define MBEDTLS_VERSION_C - -/** - * \def MBEDTLS_X509_USE_C - * - * Enable X.509 core for using certificates. - * - * Module: library/x509.c - * Caller: library/x509_crl.c - * library/x509_crt.c - * library/x509_csr.c - * - * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, - * MBEDTLS_PK_PARSE_C - * - * This module is required for the X.509 parsing modules. - */ -#define MBEDTLS_X509_USE_C - -/** - * \def MBEDTLS_X509_CRT_PARSE_C - * - * Enable X.509 certificate parsing. - * - * Module: library/x509_crt.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * - * Requires: MBEDTLS_X509_USE_C - * - * This module is required for X.509 certificate parsing. - */ -#define MBEDTLS_X509_CRT_PARSE_C - -/** - * \def MBEDTLS_X509_CRL_PARSE_C - * - * Enable X.509 CRL parsing. - * - * Module: library/x509_crl.c - * Caller: library/x509_crt.c - * - * Requires: MBEDTLS_X509_USE_C - * - * This module is required for X.509 CRL parsing. - */ -#define MBEDTLS_X509_CRL_PARSE_C - -/** - * \def MBEDTLS_X509_CSR_PARSE_C - * - * Enable X.509 Certificate Signing Request (CSR) parsing. - * - * Module: library/x509_csr.c - * Caller: library/x509_crt_write.c - * - * Requires: MBEDTLS_X509_USE_C - * - * This module is used for reading X.509 certificate request. - */ -#define MBEDTLS_X509_CSR_PARSE_C - -/** - * \def MBEDTLS_X509_CREATE_C - * - * Enable X.509 core for creating certificates. - * - * Module: library/x509_create.c - * - * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C - * - * This module is the basis for creating X.509 certificates and CSRs. - */ -#define MBEDTLS_X509_CREATE_C - -/** - * \def MBEDTLS_X509_CRT_WRITE_C - * - * Enable creating X.509 certificates. - * - * Module: library/x509_crt_write.c - * - * Requires: MBEDTLS_X509_CREATE_C - * - * This module is required for X.509 certificate creation. - */ -#define MBEDTLS_X509_CRT_WRITE_C - -/** - * \def MBEDTLS_X509_CSR_WRITE_C - * - * Enable creating X.509 Certificate Signing Requests (CSR). - * - * Module: library/x509_csr_write.c - * - * Requires: MBEDTLS_X509_CREATE_C - * - * This module is required for X.509 certificate request writing. - */ -#define MBEDTLS_X509_CSR_WRITE_C - -/** - * \def MBEDTLS_XTEA_C - * - * Enable the XTEA block cipher. - * - * Module: library/xtea.c - * Caller: - */ -#define MBEDTLS_XTEA_C - -/* \} name SECTION: mbed TLS modules */ - -/** - * \name SECTION: Module configuration options - * - * This section allows for the setting of module specific sizes and - * configuration options. The default values are already present in the - * relevant header files and should suffice for the regular use cases. - * - * Our advice is to enable options and change their values here - * only if you have a good reason and know the consequences. - * - * Please check the respective header file for documentation on these - * parameters (to prevent duplicate documentation). - * \{ - */ - -/* MPI / BIGNUM options */ -//#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */ -//#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ - -/* CTR_DRBG options */ -//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ -//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ -//#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ -//#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ -//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ -//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY /**< Use 128-bit key for CTR_DRBG - may reduce security (see ctr_drbg.h) */ - -/* HMAC_DRBG options */ -//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ -//#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ -//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ -//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ - -/* ECP options */ -//#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */ -//#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */ -//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */ - -/* Entropy options */ -//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */ -//#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */ -//#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */ - -/* Memory buffer allocator options */ -//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */ - -/* Platform options */ -//#define MBEDTLS_PLATFORM_STD_MEM_HDR /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ -//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ -//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ -/* Note: your snprintf must correctly zero-terminate the buffer! */ -//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */ - -/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */ -/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */ -//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ -//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ -//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */ -/* Note: your snprintf must correctly zero-terminate the buffer! */ -//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ -//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ - -/** - * \brief This macro is invoked by the library when an invalid parameter - * is detected that is only checked with MBEDTLS_CHECK_PARAMS - * (see the documentation of that option for context). - * - * When you leave this undefined here, a default definition is - * provided that invokes the function mbedtls_param_failed(), - * which is declared in platform_util.h for the benefit of the - * library, but that you need to define in your application. - * - * When you define this here, this replaces the default - * definition in platform_util.h (which no longer declares the - * function mbedtls_param_failed()) and it is your responsibility - * to make sure this macro expands to something suitable (in - * particular, that all the necessary declarations are visible - * from within the library - you can ensure that by providing - * them in this file next to the macro definition). - * - * Note that you may define this macro to expand to nothing, in - * which case you don't have to worry about declarations or - * definitions. However, you will then be notified about invalid - * parameters only in non-void functions, and void function will - * just silently return early on invalid parameters, which - * partially negates the benefits of enabling - * #MBEDTLS_CHECK_PARAMS in the first place, so is discouraged. - * - * \param cond The expression that should evaluate to true, but doesn't. - */ -//#define MBEDTLS_PARAM_FAILED( cond ) assert( cond ) - -/* SSL Cache options */ -//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ -//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ - -/* SSL options */ - -/** \def MBEDTLS_SSL_MAX_CONTENT_LEN - * - * Maximum length (in bytes) of incoming and outgoing plaintext fragments. - * - * This determines the size of both the incoming and outgoing TLS I/O buffers - * in such a way that both are capable of holding the specified amount of - * plaintext data, regardless of the protection mechanism used. - * - * To configure incoming and outgoing I/O buffers separately, use - * #MBEDTLS_SSL_IN_CONTENT_LEN and #MBEDTLS_SSL_OUT_CONTENT_LEN, - * which overwrite the value set by this option. - * - * \note When using a value less than the default of 16KB on the client, it is - * recommended to use the Maximum Fragment Length (MFL) extension to - * inform the server about this limitation. On the server, there - * is no supported, standardized way of informing the client about - * restriction on the maximum size of incoming messages, and unless - * the limitation has been communicated by other means, it is recommended - * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN - * while keeping the default value of 16KB for the incoming buffer. - * - * Uncomment to set the maximum plaintext size of both - * incoming and outgoing I/O buffers. - */ -//#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 - -/** \def MBEDTLS_SSL_IN_CONTENT_LEN - * - * Maximum length (in bytes) of incoming plaintext fragments. - * - * This determines the size of the incoming TLS I/O buffer in such a way - * that it is capable of holding the specified amount of plaintext data, - * regardless of the protection mechanism used. - * - * If this option is undefined, it inherits its value from - * #MBEDTLS_SSL_MAX_CONTENT_LEN. - * - * \note When using a value less than the default of 16KB on the client, it is - * recommended to use the Maximum Fragment Length (MFL) extension to - * inform the server about this limitation. On the server, there - * is no supported, standardized way of informing the client about - * restriction on the maximum size of incoming messages, and unless - * the limitation has been communicated by other means, it is recommended - * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN - * while keeping the default value of 16KB for the incoming buffer. - * - * Uncomment to set the maximum plaintext size of the incoming I/O buffer - * independently of the outgoing I/O buffer. - */ -//#define MBEDTLS_SSL_IN_CONTENT_LEN 16384 - -/** \def MBEDTLS_SSL_OUT_CONTENT_LEN - * - * Maximum length (in bytes) of outgoing plaintext fragments. - * - * This determines the size of the outgoing TLS I/O buffer in such a way - * that it is capable of holding the specified amount of plaintext data, - * regardless of the protection mechanism used. - * - * If this option undefined, it inherits its value from - * #MBEDTLS_SSL_MAX_CONTENT_LEN. - * - * It is possible to save RAM by setting a smaller outward buffer, while keeping - * the default inward 16384 byte buffer to conform to the TLS specification. - * - * The minimum required outward buffer size is determined by the handshake - * protocol's usage. Handshaking will fail if the outward buffer is too small. - * The specific size requirement depends on the configured ciphers and any - * certificate data which is sent during the handshake. - * - * Uncomment to set the maximum plaintext size of the outgoing I/O buffer - * independently of the incoming I/O buffer. - */ -//#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384 - -/** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING - * - * Maximum number of heap-allocated bytes for the purpose of - * DTLS handshake message reassembly and future message buffering. - * - * This should be at least 9/8 * MBEDTLSSL_IN_CONTENT_LEN - * to account for a reassembled handshake message of maximum size, - * together with its reassembly bitmap. - * - * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default) - * should be sufficient for all practical situations as it allows - * to reassembly a large handshake message (such as a certificate) - * while buffering multiple smaller handshake messages. - * - */ -//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 - -//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */ -//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ - -/** - * Complete list of ciphersuites to use, in order of preference. - * - * \warning No dependency checking is done on that field! This option can only - * be used to restrict the set of available ciphersuites. It is your - * responsibility to make sure the needed modules are active. - * - * Use this to save a few hundred bytes of ROM (default ordering of all - * available ciphersuites) and a few to a few hundred bytes of RAM. - * - * The value below is only an example, not the default. - */ -//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - -/* X509 options */ -//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ -//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */ - -/** - * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake - * signature and ciphersuite selection. Without this build-time option, SHA-1 - * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes. - * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by - * default. At the time of writing, there is no practical attack on the use - * of SHA-1 in handshake signatures, hence this option is turned on by default - * to preserve compatibility with existing peers, but the general - * warning applies nonetheless: - * - * \warning SHA-1 is considered a weak message digest and its use constitutes - * a security risk. If possible, we recommend avoiding dependencies - * on it, and considering stronger message digests instead. - * - */ -#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE - -/** - * Uncomment the macro to let mbed TLS use your alternate implementation of - * mbedtls_platform_zeroize(). This replaces the default implementation in - * platform_util.c. - * - * mbedtls_platform_zeroize() is a widely used function across the library to - * zero a block of memory. The implementation is expected to be secure in the - * sense that it has been written to prevent the compiler from removing calls - * to mbedtls_platform_zeroize() as part of redundant code elimination - * optimizations. However, it is difficult to guarantee that calls to - * mbedtls_platform_zeroize() will not be optimized by the compiler as older - * versions of the C language standards do not provide a secure implementation - * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to - * configure their own implementation of mbedtls_platform_zeroize(), for - * example by using directives specific to their compiler, features from newer - * C standards (e.g using memset_s() in C11) or calling a secure memset() from - * their system (e.g explicit_bzero() in BSD). - */ -//#define MBEDTLS_PLATFORM_ZEROIZE_ALT - -/** - * Uncomment the macro to let Mbed TLS use your alternate implementation of - * mbedtls_platform_gmtime_r(). This replaces the default implementation in - * platform_util.c. - * - * gmtime() is not a thread-safe function as defined in the C standard. The - * library will try to use safer implementations of this function, such as - * gmtime_r() when available. However, if Mbed TLS cannot identify the target - * system, the implementation of mbedtls_platform_gmtime_r() will default to - * using the standard gmtime(). In this case, calls from the library to - * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex - * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the - * library are also guarded with this mutex to avoid race conditions. However, - * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will - * unconditionally use the implementation for mbedtls_platform_gmtime_r() - * supplied at compile time. - */ -//#define MBEDTLS_PLATFORM_GMTIME_R_ALT - -/* \} name SECTION: Customisation configuration options */ - -/* Target and application specific configurations - * - * Allow user to override any previous default. - * - */ -#if defined(MBEDTLS_USER_CONFIG_FILE) -#include MBEDTLS_USER_CONFIG_FILE -#endif - -#include "mbedtls/check_config.h" - -#endif /* MBEDTLS_CONFIG_H */ diff --git a/docs/3.0-migration-guide.d/00README b/docs/3.0-migration-guide.d/00README new file mode 100644 index 0000000000..a41733e470 --- /dev/null +++ b/docs/3.0-migration-guide.d/00README @@ -0,0 +1,27 @@ +Please add your migration guide entries here. Until 3.0 is released, each PR +that makes backwards-incompatible changes should add a file here, with the +extension .md, a descriptive name and the following format: + +---%<------%<------%<------%<------%<------%<------%<------%<--- + +The change that was made +------------------------ + +Who exactly is affected: does this affect users of the default config, of a +particular feature? Remember to contextualise. + +If I'm affected, what's my migration path? How should I change my code if this +is an API change; if a feature was removed what are my alternatives? + +---%<------%<------%<------%<------%<------%<------%<------%<--- + +PRs that make multiple independent changes should include one entry for each +changes or logical groups of changes. You can either add multiple files or put +multiple entries in the same file. + +For examples, have a look a docs/3.0-migration-guide.md (which includes the +top-level header and an intro before the list of entries). + +As part of release preparation, the entries in this directory will be appended +to docs/3.0-migration-guide.md and then re-ordered and reviewed one last time. +The file is then going to be moved to the version-independent docs repo. diff --git a/docs/3.0-migration-guide.d/remove-enable-weak-ciphersuites.md b/docs/3.0-migration-guide.d/remove-enable-weak-ciphersuites.md new file mode 100644 index 0000000000..c3c3306234 --- /dev/null +++ b/docs/3.0-migration-guide.d/remove-enable-weak-ciphersuites.md @@ -0,0 +1,12 @@ +Remove the configuration to enable weak ciphersuites in SSL / TLS +----------------------------------------------------------------- + +This does not affect users who use the default `config.h`, as this option was +already off by default. + +If you were using a weak cipher, please switch to any of the modern, +recommended ciphersuites (based on AES-GCM, AES-CCM or ChachaPoly for example) +and if your peer doesn't support any, encourage them to upgrade their software. + +If you were using a ciphersuite without encryption, you just have to +enable MBEDTLS_CIPHER_NULL_CIPHER now. diff --git a/docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md b/docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md new file mode 100644 index 0000000000..b18b3109d8 --- /dev/null +++ b/docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md @@ -0,0 +1,72 @@ +Deprecated functions were removed from AES +------------------------------------------ + +The functions `mbedtls_aes_encrypt()` and `mbedtls_aes_decrypt()` were +removed. + +If you're simply using the AES module, you should be calling the higher-level +functions `mbedtls_aes_crypt_xxx()`. + +If you're providing an alternative implementation using +`MBEDTLS_AES_ENCRYPT_ALT` or `MBEDTLS_AES_DECRYPT_ALT`, you should be +replacing the removed functions with `mbedtls_internal_aes_encrypt()` and +`mbedtls_internal_aes_decrypt()` respectively. + +Deprecated functions were removed from bignum +--------------------------------------------- + +The function `mbedtls_mpi_is_prime()` was removed. Please use +`mbedtls_mpi_is_prime_ext()` instead which additionally allows specifying the +number of Miller-Rabin rounds. + +Deprecated functions were removed from cipher +--------------------------------------------- + +The functions `mbedtls_cipher_auth_encrypt()` and +`mbedtls_cipher_auth_decrypt()` were removed. They were superseded by +`mbedtls_cipher_auth_encrypt_ext()` and `mbedtls_cipher_auth_decrypt_ext()` +respectively which additionally support key wrapping algorithms such as +NIST_KW. + +Deprecated functions were removed from DRBGs +-------------------------------------------- + +The functions `mbedtls_ctr_drbg_update()` and `mbedtls_hmac_drbg_update()` +were removed. They were superseded by `mbedtls_ctr_drbg_update_ret()` and +`mbedtls_hmac_drbg_update_ret()` respectively. + +Deprecated functions were removed from ECDSA +-------------------------------------------- + +The functions `mbedtls_ecdsa_write_signature_det()` and +`mbedtls_ecdsa_sign_det()` were removed. They were superseded by +`mbedtls_ecdsa_write_signature()` and `mbedtls_ecdsa_sign_det_ext()` +respectively. + +Deprecated functions were removed from SSL +------------------------------------------ + +The function `mbedtls_ssl_conf_dh_param()` was removed. Please use +`mbedtls_ssl_conf_dh_param_bin()` or `mbedtls_ssl_conf_dh_param_ctx()` instead. + +The function `mbedtls_ssl_get_max_frag_len()` was removed. Please use +`mbedtls_ssl_get_output_max_frag_len()` instead. + +Deprecated hex-encoded primes were removed from DHM +--------------------------------------------------- + +The macros `MBEDTLS_DHM_RFC5114_MODP_2048_P`, `MBEDTLS_DHM_RFC5114_MODP_2048_G`, +`MBEDTLS_DHM_RFC3526_MODP_2048_P`, `MBEDTLS_DHM_RFC3526_MODP_2048_G`, +`MBEDTLS_DHM_RFC3526_MODP_3072_P`, `MBEDTLS_DHM_RFC3526_MODP_3072_G`, +`MBEDTLS_DHM_RFC3526_MODP_4096_P `and `MBEDTLS_DHM_RFC3526_MODP_4096_G` were +removed. The primes from RFC 5114 are deprecated because their derivation is not +documented and therefore their usage constitutes a security risk; they are fully +removed from the library. Please use parameters from RFC3526 (still in the +library, only in binary form) or RFC 7919 (also available in the library) or +other trusted sources instead. + +Deprecated net.h file was removed +--------------------------------- + +The file `include/mbedtls/net.h` was removed because its only function was to +include `mbedtls/net_sockets.h` which now should be included directly. diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md new file mode 100644 index 0000000000..2d031c6a4a --- /dev/null +++ b/docs/3.0-migration-guide.md @@ -0,0 +1,222 @@ +Migrating from Mbed TLS 2.x to Mbed TLS 3.0 +=========================================== + +This guide details the steps required to migrate from Mbed TLS version 2.x to +Mbed TLS version 3.0 or greater. Unlike normal releases, Mbed TLS 3.0 breaks +compatibility with previous versions, so users (and alt implementors) might +need to change their own code in order to make it work with Mbed TLS 3.0. + +Here's the list of breaking changes; each entry should help you answer these +two questions: (1) am I affected? (2) if yes, what's my migration path? + +Some function parameters were made const +---------------------------------------- + +Various functions in the PK and ASN.1 modules had a `const` qualifier added to +some of their parameters. + +This normally doesn't affect your code, unless you use pointers to reference +those functions. In this case, you'll need to update the type of your pointers +in order to match the new signature. + +Deprecated functions were removed from hashing modules +------------------------------------------------------ + +Modules: MD2, MD4, MD5, SHA1, SHA256, SHA512, MD. + +- The functions `mbedtls_xxx_starts()`, `mbedtls_xxx_update()`, + `mbedtls_xxx_finish()` and `mbedtls_xxx()` were removed. Please use the +function with the same name with `_ret` appended and check the return value. +- The function `mbedtls_md_init_ctx()` was removed; please use + `mbedtls_md_setup()` instead. +- The functions `mbedtls_xxx_process()` were removed. You normally don't need + to call that from application code. However if you do (or if you want to +provide your own version of that function), please use +`mbedtls_internal_xxx_process()` instead, and check the return value. + +Deprecated error codes for hardware failures were removed +--------------------------------------------------------- + +- The macros `MBEDTLS_ERR_xxx_FEATURE_UNSUPPORTED` from various crypto modules + were removed; `MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED` is now used +instead. +- The macros `MBEDTLS_ERR_xxx_HW_ACCEL_FAILED` from various crypto modules + were removed; `MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED` is now used instead. + +Deprecated names for PSA constants and types were removed +--------------------------------------------------------- + +Some constants and types that were present in beta versions of the PSA Crypto +API were removed from version 1.0 of specification. Please switch to the new +names provided by the 1.0 specification instead. + +Internal / alt-focused headers were moved to a private location +---------------------------------------------------------------- + +This shouldn't affect users who took care not to include headers that +were documented as internal, despite being in the public include directory. + +If you're providing alt implementations of ECP or RSA, you'll need to add our +`library` directory to your include path when building your alt +implementations, and note that `ecp_internal.h` and `rsa_internal.h` have been +renamed to `ecp_alt.h` and `rsa_alt_helpers.h` respectively. + +If you're a library user and used to rely on having access to a structure or +function that's now in a private header, please reach out on the mailing list +and explain your need; we'll consider adding a new API in a future version. + +Remove the option to allow SHA-1 by default in certificates +----------------------------------------------------------- + +This does not affect users who use the default `config.h`, as this option was +already off by default. + +If you used to enable `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES` in your +`config.h`, first please take a moment to consider whether you really still +want to accept certificates signed with SHA-1 as those are considered insecure +and no CA has issued them for a while. If you really need to allow SHA-1 in +certificates, please set up a custom profile as follows: + +``` +const mbedtls_x509_crt_profile mbedtls_x509_crt_custom = { + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ) | + MBEDTLS_X509_ID_FLAG( /* other hash */ ) /* | etc */, + 0xFFFFFFF, /* Or specific PK algs */ + 0xFFFFFFF, /* Or specific curves */ + 2048 /* Or another RSA min bitlen */ +}; +``` +Then pass it to `mbedtls_x509_crt_verify_with_profile()` if you're verifying +a certificate chain directly, or to `mbedtls_ssl_conf_cert_profile()` if the +verification happens during a TLS handshake. + +Remove the certs module from the library +---------------------------------------- + +This should not affect production use of the library, as the certificates and +keys included there were never suitable for production use. + +However it might affect you if you relied on them for testing purposes. In +that case, please embed your own test certificates in your test code; now that +`certs.c` is out of the library there is no longer any stability guaranteed +and it may change in incompatible ways at any time. + +Remove the HAVEGE module +------------------------ + +This doesn't affect people using the default configuration as it was already +disabled by default. + +This only affects users who called the HAVEGE modules directly (not +recommended), or users who used it through the entropy module but had it as the +only source of entropy. If you're in that case, please declare OS or hardware +RNG interfaces with `mbedtls_entropy_add_source()` and/or use an entropy seed +file created securely during device provisioning. See + for more +information. + +Remove support for parsing SSLv2 ClientHello +-------------------------------------------- + +This doesn't affect people using the default configuration as it was already +disabled by default. + +This only affects TLS servers that have clients who send an SSLv2 ClientHello. +These days clients are very unlikely to do that. If you have a client that +does, please try contacting them and encouraging them to upgrade their +software. + +Remove support for SSL 3.0 +-------------------------- + +This doesn't affect people using the default configuration as it was already +disabled by default. + +This only affects TLS users who explicitly enabled `MBEDTLS_SSL_PROTO_SSL3` +and relied on that version in order to communicate with peers that are not up +to date. If one of your peers is in that case, please try contacting them and +encouraging them to upgrade their software. + +Remove support for compatibility with old Mbed TLS's truncated HMAC +------------------------------------------------------------------- + +This doesn't affect people using the default configuration as it was already +disabled by default. + +This only affects TLS users who enabled `MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT` and +used the Truncated HMAC extension to communicate with peers using old version +of Mbed TLS. Please consider using a CCM-8 ciphersuite instead of the +Truncated HMAC extension, or convincing your peer to upgrade their version of +Mbed TLS. + +Remove support for TLS record-level compression +----------------------------------------------- + +This doesn't affect people using the default configuration as it was already +disabled by default. + +This only affects TLS users who enabled `MBEDTLS_ZLIB_SUPPORT`. This will not +cause any failures however if you used to enable TLS record-level compression +you may find that your bandwidth usage increases without compression. There's +no general solution to this problem; application protocols might have their +own compression mechanisms and are in a better position than the TLS stack to +avoid variants of the CRIME and BREACH attacks. + +Remove support for TLS RC4-based ciphersuites +--------------------------------------------- + +This does not affect people who used the default `config.h` and the default +list of ciphersuites, as RC4-based ciphersuites were already not negotiated in +that case. + +Please switch to any of the modern, recommended ciphersuites (based on +AES-GCM, AES-CCM or ChachaPoly for example) and if your peer doesn't support +any, encourage them to upgrade their software. + +Remove support for TLS single-DES ciphersuites +---------------------------------------------- + +This doesn't affect people using the default configuration as it was already +disabled by default. + +Please switch to any of the modern, recommended ciphersuites (based on +AES-GCM, AES-CCM or ChachaPoly for example) and if your peer doesn't support +any, encourage them to upgrade their software. + +Remove support for TLS record-level hardware acceleration +--------------------------------------------------------- + +This doesn't affect people using the default configuration as it was already +disabled by default. + +This feature had been broken for a while so we doubt anyone still used it. +However if you did, please reach out on the mailing list and let us know about +your use case. + +Remove wrapper for libpkcs11-helper +----------------------------------- + +This doesn't affect people using the default configuration as it was already +disabled by default. + +If you used to rely on this module in order to store your private keys +securely, please have a look at the key management facilities provided by the +PSA crypto API. If you have a use case that's not covered yet by this API, +please reach out on the mailing list. + +Remove config option `MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME` +---------------------------------------------------------- + +This doesn't affect people using the default configuration. + +This option has not had any effect for a long time. Please use the `lifetime` +parameter of `mbedtls_ssl_ticket_setup()` instead. + +Remove helpers for the transition from Mbed TLS 1.3 to Mbed TLS 2.0 +------------------------------------------------------------------- + +This only affects people who've been using Mbed TLS since before version 2.0 +and still relied on `compat-1.3.h` in their code. + +Please use the new names directly in your code; `scripts/rename.pl` (from any +of the 2.x releases - no longer included in 3.0) might help you do that. diff --git a/docs/architecture/psa-crypto-implementation-structure.md b/docs/architecture/psa-crypto-implementation-structure.md index 025a6235f6..cd4d427bf2 100644 --- a/docs/architecture/psa-crypto-implementation-structure.md +++ b/docs/architecture/psa-crypto-implementation-structure.md @@ -63,7 +63,7 @@ Key creation implementation in Mbed TLS PSA core is articulated around three int 3. Generate or copy the key material into the key slot. This entails the allocation of the buffer to store the key material. 4. Call psa_finish_key_creation() that mostly saves persistent keys into persistent storage. -In case of any error occuring at step 3 or 4, psa_fail_key_creation() is called. It wipes and cleans the slot especially the key material: reset to zero of the RAM memory that contained the key material, free the allocated buffer. +In case of any error occurring at step 3 or 4, psa_fail_key_creation() is called. It wipes and cleans the slot especially the key material: reset to zero of the RAM memory that contained the key material, free the allocated buffer. ## Mbed TLS PSA Cryptography API implementation drivers diff --git a/docs/proposed/psa-driver-interface.md b/docs/proposed/psa-driver-interface.md index 72b36052ad..23274c74fc 100644 --- a/docs/proposed/psa-driver-interface.md +++ b/docs/proposed/psa-driver-interface.md @@ -810,7 +810,7 @@ psa_status_t acme_get_builtin_key(psa_drv_slot_number_t slot_number, If this function returns `PSA_SUCCESS` or `PSA_ERROR_BUFFER_TOO_SMALL`, it must fill `attributes` with the attributes of the key (except for the key identifier). On success, this function must also fill `key_buffer` with the key context. -On entry, `psa_get_key_lifetime(attributes)` is the location at which the driver was declared and the persistence level `#PSA_KEY_LIFETIME_PERSISTENT`. The driver entry point may change the lifetime to one with the same location but a different persistence level. The standard attributes other than the key identifier and lifetime have the value conveyed by `PSA_KEY_ATTRIBUTES_INIT`. +On entry, `psa_get_key_lifetime(attributes)` is the location at which the driver was declared and a persistence level with which the platform is attempting to register the key. The driver entry point may choose to change the lifetime (`psa_set_key_lifetime(attributes, lifetime)`) of the reported key attributes to one with the same location but a different persistence level, in case the driver has more specific knowledge about the actual persistence level of the key which is being retrieved. For example, if a driver knows it cannot delete a key, it may override the persistence level in the lifetime to `PSA_KEY_PERSISTENCE_READ_ONLY`. The standard attributes other than the key identifier and lifetime have the value conveyed by `PSA_KEY_ATTRIBUTES_INIT`. The output parameter `key_buffer` points to a writable buffer of `key_buffer_size` bytes. If the driver has a [`"builtin_key_size"` property](#key-format-for-opaque-drivers) property, `key_buffer_size` has this value, otherwise `key_buffer_size` has the value determined from the key type and size. diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h index 25accb65af..da741c8e81 100644 --- a/include/mbedtls/aes.h +++ b/include/mbedtls/aes.h @@ -611,44 +611,6 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, const unsigned char input[16], unsigned char output[16] ); -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -#if defined(MBEDTLS_DEPRECATED_WARNING) -#define MBEDTLS_DEPRECATED __attribute__((deprecated)) -#else -#define MBEDTLS_DEPRECATED -#endif -/** - * \brief Deprecated internal AES block encryption function - * without return value. - * - * \deprecated Superseded by mbedtls_internal_aes_encrypt() - * - * \param ctx The AES context to use for encryption. - * \param input Plaintext block. - * \param output Output (ciphertext) block. - */ -MBEDTLS_DEPRECATED void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ); - -/** - * \brief Deprecated internal AES block decryption function - * without return value. - * - * \deprecated Superseded by mbedtls_internal_aes_decrypt() - * - * \param ctx The AES context to use for decryption. - * \param input Ciphertext block. - * \param output Output (plaintext) block. - */ -MBEDTLS_DEPRECATED void mbedtls_aes_decrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ); - -#undef MBEDTLS_DEPRECATED -#endif /* !MBEDTLS_DEPRECATED_REMOVED */ - - #if defined(MBEDTLS_SELF_TEST) /** * \brief Checkup routine. diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h index 637360e30f..073b4a40c9 100644 --- a/include/mbedtls/bignum.h +++ b/include/mbedtls/bignum.h @@ -904,37 +904,6 @@ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *N ); -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -#if defined(MBEDTLS_DEPRECATED_WARNING) -#define MBEDTLS_DEPRECATED __attribute__((deprecated)) -#else -#define MBEDTLS_DEPRECATED -#endif -/** - * \brief Perform a Miller-Rabin primality test with error - * probability of 2-80. - * - * \deprecated Superseded by mbedtls_mpi_is_prime_ext() which allows - * specifying the number of Miller-Rabin rounds. - * - * \param X The MPI to check for primality. - * This must point to an initialized MPI. - * \param f_rng The RNG function to use. This must not be \c NULL. - * \param p_rng The RNG parameter to be passed to \p f_rng. - * This may be \c NULL if \p f_rng doesn't use a - * context parameter. - * - * \return \c 0 if successful, i.e. \p X is probably prime. - * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. - * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p X is not prime. - * \return Another negative error code on other kinds of failure. - */ -MBEDTLS_DEPRECATED int mbedtls_mpi_is_prime( const mbedtls_mpi *X, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); -#undef MBEDTLS_DEPRECATED -#endif /* !MBEDTLS_DEPRECATED_REMOVED */ - /** * \brief Miller-Rabin primality test. * diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 19b0d6c22a..aacceda6e5 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -467,8 +467,8 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, * \param cipher_info The cipher to use. * \param taglen For AEAD ciphers, the length in bytes of the * authentication tag to use. Subsequent uses of - * mbedtls_cipher_auth_encrypt() or - * mbedtls_cipher_auth_decrypt() must provide + * mbedtls_cipher_auth_encrypt_ext() or + * mbedtls_cipher_auth_decrypt_ext() must provide * the same tag length. * For non-AEAD ciphers, the value must be \c 0. * @@ -853,129 +853,6 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen ); -#if defined(MBEDTLS_CIPHER_MODE_AEAD) -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) -#if defined(MBEDTLS_DEPRECATED_WARNING) -#define MBEDTLS_DEPRECATED __attribute__((deprecated)) -#else -#define MBEDTLS_DEPRECATED -#endif /* MBEDTLS_DEPRECATED_WARNING */ -/** - * \brief The generic authenticated encryption (AEAD) function. - * - * \deprecated Superseded by mbedtls_cipher_auth_encrypt_ext(). - * - * \note This function only supports AEAD algorithms, not key - * wrapping algorithms such as NIST_KW; for this, see - * mbedtls_cipher_auth_encrypt_ext(). - * - * \param ctx The generic cipher context. This must be initialized and - * bound to a key associated with an AEAD algorithm. - * \param iv The nonce to use. This must be a readable buffer of - * at least \p iv_len Bytes and must not be \c NULL. - * \param iv_len The length of the nonce. This must satisfy the - * constraints imposed by the AEAD cipher used. - * \param ad The additional data to authenticate. This must be a - * readable buffer of at least \p ad_len Bytes, and may - * be \c NULL is \p ad_len is \c 0. - * \param ad_len The length of \p ad. - * \param input The buffer holding the input data. This must be a - * readable buffer of at least \p ilen Bytes, and may be - * \c NULL if \p ilen is \c 0. - * \param ilen The length of the input data. - * \param output The buffer for the output data. This must be a - * writable buffer of at least \p ilen Bytes, and must - * not be \c NULL. - * \param olen This will be filled with the actual number of Bytes - * written to the \p output buffer. This must point to a - * writable object of type \c size_t. - * \param tag The buffer for the authentication tag. This must be a - * writable buffer of at least \p tag_len Bytes. See note - * below regarding restrictions with PSA-based contexts. - * \param tag_len The desired length of the authentication tag. This - * must match the constraints imposed by the AEAD cipher - * used, and in particular must not be \c 0. - * - * \note If the context is based on PSA (that is, it was set up - * with mbedtls_cipher_setup_psa()), then it is required - * that \c tag == output + ilen. That is, the tag must be - * appended to the ciphertext as recommended by RFC 5116. - * - * \return \c 0 on success. - * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on - * parameter-verification failure. - * \return A cipher-specific error code on failure. - */ -int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, - unsigned char *tag, size_t tag_len ) - MBEDTLS_DEPRECATED; - -/** - * \brief The generic authenticated decryption (AEAD) function. - * - * \deprecated Superseded by mbedtls_cipher_auth_decrypt_ext(). - * - * \note This function only supports AEAD algorithms, not key - * wrapping algorithms such as NIST_KW; for this, see - * mbedtls_cipher_auth_decrypt_ext(). - * - * \note If the data is not authentic, then the output buffer - * is zeroed out to prevent the unauthentic plaintext being - * used, making this interface safer. - * - * \param ctx The generic cipher context. This must be initialized and - * bound to a key associated with an AEAD algorithm. - * \param iv The nonce to use. This must be a readable buffer of - * at least \p iv_len Bytes and must not be \c NULL. - * \param iv_len The length of the nonce. This must satisfy the - * constraints imposed by the AEAD cipher used. - * \param ad The additional data to authenticate. This must be a - * readable buffer of at least \p ad_len Bytes, and may - * be \c NULL is \p ad_len is \c 0. - * \param ad_len The length of \p ad. - * \param input The buffer holding the input data. This must be a - * readable buffer of at least \p ilen Bytes, and may be - * \c NULL if \p ilen is \c 0. - * \param ilen The length of the input data. - * \param output The buffer for the output data. This must be a - * writable buffer of at least \p ilen Bytes, and must - * not be \c NULL. - * \param olen This will be filled with the actual number of Bytes - * written to the \p output buffer. This must point to a - * writable object of type \c size_t. - * \param tag The buffer for the authentication tag. This must be a - * readable buffer of at least \p tag_len Bytes. See note - * below regarding restrictions with PSA-based contexts. - * \param tag_len The length of the authentication tag. This must match - * the constraints imposed by the AEAD cipher used, and in - * particular must not be \c 0. - * - * \note If the context is based on PSA (that is, it was set up - * with mbedtls_cipher_setup_psa()), then it is required - * that \c tag == input + len. That is, the tag must be - * appended to the ciphertext as recommended by RFC 5116. - * - * \return \c 0 on success. - * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on - * parameter-verification failure. - * \return #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic. - * \return A cipher-specific error code on failure. - */ -int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, - const unsigned char *tag, size_t tag_len ) - MBEDTLS_DEPRECATED; -#undef MBEDTLS_DEPRECATED -#endif /* MBEDTLS_DEPRECATED_REMOVED */ -#endif /* MBEDTLS_CIPHER_MODE_AEAD */ - #if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C) /** * \brief The authenticated encryption (AEAD/NIST_KW) function. diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h index 702175fd10..a0563b1eff 100644 --- a/include/mbedtls/cmac.h +++ b/include/mbedtls/cmac.h @@ -74,6 +74,12 @@ struct mbedtls_cmac_context_t * the input data. * Must be called with an initialized cipher context. * + * \note When the CMAC implementation is supplied by an alternate + * implementation (through #MBEDTLS_CMAC_ALT), some ciphers + * may not be supported by that implementation, and thus + * return an error. Alternate implementations must support + * AES-128 and AES-256, and may support AES-192 and 3DES. + * * \param ctx The cipher context used for the CMAC operation, initialized * as one of the following types: MBEDTLS_CIPHER_AES_128_ECB, * MBEDTLS_CIPHER_AES_192_ECB, MBEDTLS_CIPHER_AES_256_ECB, @@ -151,6 +157,11 @@ int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx ); * The CMAC result is calculated as * output = generic CMAC(cmac key, input buffer). * + * \note When the CMAC implementation is supplied by an alternate + * implementation (through #MBEDTLS_CMAC_ALT), some ciphers + * may not be supported by that implementation, and thus + * return an error. Alternate implementations must support + * AES-128 and AES-256, and may support AES-192 and 3DES. * * \param cipher_info The cipher information. * \param key The CMAC key. @@ -195,6 +206,13 @@ int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len, /** * \brief The CMAC checkup routine. * + * \note In case the CMAC routines are provided by an alternative + * implementation (i.e. #MBEDTLS_CMAC_ALT is defined), the + * checkup routine will succeed even if the implementation does + * not support the less widely used AES-192 or 3DES primitives. + * The self-test requires at least AES-128 and AES-256 to be + * supported by the underlying implementation. + * * \return \c 0 on success. * \return \c 1 on failure. */ diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index ea3e321d14..251a6160d2 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -421,12 +421,6 @@ * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible * with this definition. * - * \note Because of a signature change, the core AES encryption and decryption routines are - * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt, - * respectively. When setting up alternative implementations, these functions should - * be overridden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt - * must stay untouched. - * * \note If you use the AES_xxx_ALT macros, then is is recommended to also set * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES * tables. @@ -445,9 +439,7 @@ * alternative implementations should use the RNG only for generating * the ephemeral key and nothing else. If this is not possible, then * MBEDTLS_ECDSA_DETERMINISTIC should be disabled and an alternative - * implementation should be provided for mbedtls_ecdsa_sign_det_ext() - * (and for mbedtls_ecdsa_sign_det() too if backward compatibility is - * desirable). + * implementation should be provided for mbedtls_ecdsa_sign_det_ext(). * */ //#define MBEDTLS_MD2_PROCESS_ALT @@ -659,8 +651,7 @@ * Warning: Only do so when you know what you are doing. This allows for * encryption or channels without any security! * - * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable - * the following ciphersuites: + * To enable the following ciphersuites: * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA @@ -708,20 +699,6 @@ */ //#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY -/** - * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES - * - * Enable weak ciphersuites in SSL / TLS. - * Warning: Only do so when you know what you are doing. This allows for - * channels with virtually no security at all! - * - * Uncomment this macro to enable weak ciphersuites - * - * \warning DES is considered a weak cipher and its use constitutes a - * security risk. We recommend considering stronger ciphers instead. - */ -//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES - /** * \def MBEDTLS_REMOVE_3DES_CIPHERSUITES * @@ -1312,6 +1289,22 @@ */ #define MBEDTLS_PKCS1_V21 +/** \def MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS + * + * Enable support for platform built-in keys. If you enable this feature, + * you must implement the function mbedtls_psa_platform_get_builtin_key(). + * See the documentation of that function for more information. + * + * Built-in keys are typically derived from a hardware unique key or + * stored in a secure element. + * + * Requires: MBEDTLS_PSA_CRYPTO_C. + * + * \warning This interface is experimental and may change or be removed + * without notice. + */ +//#define MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS + /** \def MBEDTLS_PSA_CRYPTO_CLIENT * * Enable support for PSA crypto client. @@ -2115,6 +2108,17 @@ */ #define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE +/** + * \def MBEDTLS_X509_REMOVE_INFO + * + * Disable mbedtls_x509_*_info() and related APIs. + * + * Uncomment to omit mbedtls_x509_*_info(), as well as mbedtls_debug_print_crt() + * and other functions/constants only used by these functions, thus reducing + * the code footprint by several KB. + */ +//#define MBEDTLS_X509_REMOVE_INFO + /** * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT * @@ -2411,7 +2415,7 @@ * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 */ -//#define MBEDTLS_ARIA_C +#define MBEDTLS_ARIA_C /** * \def MBEDTLS_CCM_C @@ -2465,12 +2469,17 @@ * Enable the CMAC (Cipher-based Message Authentication Code) mode for block * ciphers. * + * \note When #MBEDTLS_CMAC_ALT is active, meaning that the underlying + * implementation of the CMAC algorithm is provided by an alternate + * implementation, that alternate implementation may opt to not support + * AES-192 or 3DES as underlying block ciphers for the CMAC operation. + * * Module: library/cmac.c * * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C * */ -//#define MBEDTLS_CMAC_C +#define MBEDTLS_CMAC_C /** * \def MBEDTLS_CTR_DRBG_C @@ -2594,9 +2603,9 @@ * * Enable the elliptic curve J-PAKE library. * - * \warning This is currently experimental. EC J-PAKE support is based on the - * Thread v1.0.0 specification; incompatible changes to the specification - * might still happen. For this reason, this is disabled by default. + * \note EC J-PAKE support is based on the Thread v1.0.0 specification. + * It has not been reviewed for compliance with newer standards such as + * Thread v1.1 or RFC 8236. * * Module: library/ecjpake.c * Caller: @@ -2606,7 +2615,7 @@ * * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C */ -//#define MBEDTLS_ECJPAKE_C +#define MBEDTLS_ECJPAKE_C /** * \def MBEDTLS_ECP_C @@ -2702,7 +2711,7 @@ * * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C */ -//#define MBEDTLS_NIST_KW_C +#define MBEDTLS_NIST_KW_C /** * \def MBEDTLS_MD_C diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index 653fd83d54..0f2c5510f7 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -528,35 +528,6 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng, int mbedtls_ctr_drbg_random( void *p_rng, unsigned char *output, size_t output_len ); - -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) -#if defined(MBEDTLS_DEPRECATED_WARNING) -#define MBEDTLS_DEPRECATED __attribute__((deprecated)) -#else -#define MBEDTLS_DEPRECATED -#endif -/** - * \brief This function updates the state of the CTR_DRBG context. - * - * \deprecated Superseded by mbedtls_ctr_drbg_update_ret() - * in 2.16.0. - * - * \note If \p add_len is greater than - * #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT, only the first - * #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT Bytes are used. - * The remaining Bytes are silently discarded. - * - * \param ctx The CTR_DRBG context. - * \param additional The data to update the state with. - * \param add_len Length of \p additional data. - */ -MBEDTLS_DEPRECATED void mbedtls_ctr_drbg_update( - mbedtls_ctr_drbg_context *ctx, - const unsigned char *additional, - size_t add_len ); -#undef MBEDTLS_DEPRECATED -#endif /* !MBEDTLS_DEPRECATED_REMOVED */ - #if defined(MBEDTLS_FS_IO) /** * \brief This function writes a seed file. diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h index dd20ba0875..c8d4403d80 100644 --- a/include/mbedtls/debug.h +++ b/include/mbedtls/debug.h @@ -59,9 +59,13 @@ #endif #if defined(MBEDTLS_X509_CRT_PARSE_C) +#if !defined(MBEDTLS_X509_REMOVE_INFO) #define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) \ mbedtls_debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt ) -#endif +#else +#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 ) +#endif /* MBEDTLS_X509_REMOVE_INFO */ +#endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_ECDH_C) #define MBEDTLS_SSL_DEBUG_ECDH( level, ecdh, attr ) \ @@ -248,7 +252,7 @@ void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level, const char *text, const mbedtls_ecp_point *X ); #endif -#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO) /** * \brief Print a X.509 certificate structure to the debug output. This * function is always used through the MBEDTLS_SSL_DEBUG_CRT() macro, diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h index 0a259d1798..0e8892e0f7 100644 --- a/include/mbedtls/dhm.h +++ b/include/mbedtls/dhm.h @@ -382,161 +382,6 @@ int mbedtls_dhm_self_test( int verbose ); * */ -#if !defined(MBEDTLS_DEPRECATED_REMOVED) - -/** - * \warning The origin of the primes in RFC 5114 is not documented and - * their use therefore constitutes a security risk! - * - * \deprecated The hex-encoded primes from RFC 5114 are deprecated and are - * likely to be removed in a future version of the library without - * replacement. - */ - -/** - * The hexadecimal presentation of the prime underlying the - * 2048-bit MODP Group with 224-bit Prime Order Subgroup, as defined - * in RFC-5114: Additional Diffie-Hellman Groups for Use with - * IETF Standards. - */ -#define MBEDTLS_DHM_RFC5114_MODP_2048_P \ - MBEDTLS_DEPRECATED_STRING_CONSTANT( \ - "AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1" \ - "B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15" \ - "EB3D688A309C180E1DE6B85A1274A0A66D3F8152AD6AC212" \ - "9037C9EDEFDA4DF8D91E8FEF55B7394B7AD5B7D0B6C12207" \ - "C9F98D11ED34DBF6C6BA0B2C8BBC27BE6A00E0A0B9C49708" \ - "B3BF8A317091883681286130BC8985DB1602E714415D9330" \ - "278273C7DE31EFDC7310F7121FD5A07415987D9ADC0A486D" \ - "CDF93ACC44328387315D75E198C641A480CD86A1B9E587E8" \ - "BE60E69CC928B2B9C52172E413042E9B23F10B0E16E79763" \ - "C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71" \ - "CF9DE5384E71B81C0AC4DFFE0C10E64F" ) - -/** - * The hexadecimal presentation of the chosen generator of the 2048-bit MODP - * Group with 224-bit Prime Order Subgroup, as defined in RFC-5114: - * Additional Diffie-Hellman Groups for Use with IETF Standards. - */ -#define MBEDTLS_DHM_RFC5114_MODP_2048_G \ - MBEDTLS_DEPRECATED_STRING_CONSTANT( \ - "AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF" \ - "74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA" \ - "AB739D7700C29F52C57DB17C620A8652BE5E9001A8D66AD7" \ - "C17669101999024AF4D027275AC1348BB8A762D0521BC98A" \ - "E247150422EA1ED409939D54DA7460CDB5F6C6B250717CBE" \ - "F180EB34118E98D119529A45D6F834566E3025E316A330EF" \ - "BB77A86F0C1AB15B051AE3D428C8F8ACB70A8137150B8EEB" \ - "10E183EDD19963DDD9E263E4770589EF6AA21E7F5F2FF381" \ - "B539CCE3409D13CD566AFBB48D6C019181E1BCFE94B30269" \ - "EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179" \ - "81BC087F2A7065B384B890D3191F2BFA" ) - -/** - * The hexadecimal presentation of the prime underlying the 2048-bit MODP - * Group, as defined in RFC-3526: More Modular Exponential (MODP) - * Diffie-Hellman groups for Internet Key Exchange (IKE). - * - * \deprecated The hex-encoded primes from RFC 3625 are deprecated and - * superseded by the corresponding macros providing them as - * binary constants. Their hex-encoded constants are likely - * to be removed in a future version of the library. - * - */ -#define MBEDTLS_DHM_RFC3526_MODP_2048_P \ - MBEDTLS_DEPRECATED_STRING_CONSTANT( \ - "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \ - "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \ - "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \ - "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \ - "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \ - "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \ - "83655D23DCA3AD961C62F356208552BB9ED529077096966D" \ - "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \ - "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \ - "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \ - "15728E5A8AACAA68FFFFFFFFFFFFFFFF" ) - -/** - * The hexadecimal presentation of the chosen generator of the 2048-bit MODP - * Group, as defined in RFC-3526: More Modular Exponential (MODP) - * Diffie-Hellman groups for Internet Key Exchange (IKE). - */ -#define MBEDTLS_DHM_RFC3526_MODP_2048_G \ - MBEDTLS_DEPRECATED_STRING_CONSTANT( "02" ) - -/** - * The hexadecimal presentation of the prime underlying the 3072-bit MODP - * Group, as defined in RFC-3072: More Modular Exponential (MODP) - * Diffie-Hellman groups for Internet Key Exchange (IKE). - */ -#define MBEDTLS_DHM_RFC3526_MODP_3072_P \ - MBEDTLS_DEPRECATED_STRING_CONSTANT( \ - "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \ - "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \ - "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \ - "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \ - "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \ - "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \ - "83655D23DCA3AD961C62F356208552BB9ED529077096966D" \ - "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \ - "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \ - "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \ - "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" \ - "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" \ - "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" \ - "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" \ - "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" \ - "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF" ) - -/** - * The hexadecimal presentation of the chosen generator of the 3072-bit MODP - * Group, as defined in RFC-3526: More Modular Exponential (MODP) - * Diffie-Hellman groups for Internet Key Exchange (IKE). - */ -#define MBEDTLS_DHM_RFC3526_MODP_3072_G \ - MBEDTLS_DEPRECATED_STRING_CONSTANT( "02" ) - -/** - * The hexadecimal presentation of the prime underlying the 4096-bit MODP - * Group, as defined in RFC-3526: More Modular Exponential (MODP) - * Diffie-Hellman groups for Internet Key Exchange (IKE). - */ -#define MBEDTLS_DHM_RFC3526_MODP_4096_P \ - MBEDTLS_DEPRECATED_STRING_CONSTANT( \ - "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \ - "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \ - "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \ - "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \ - "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \ - "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \ - "83655D23DCA3AD961C62F356208552BB9ED529077096966D" \ - "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \ - "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \ - "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \ - "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" \ - "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" \ - "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" \ - "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" \ - "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" \ - "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7" \ - "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA" \ - "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6" \ - "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED" \ - "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9" \ - "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" \ - "FFFFFFFFFFFFFFFF" ) - -/** - * The hexadecimal presentation of the chosen generator of the 4096-bit MODP - * Group, as defined in RFC-3526: More Modular Exponential (MODP) - * Diffie-Hellman groups for Internet Key Exchange (IKE). - */ -#define MBEDTLS_DHM_RFC3526_MODP_4096_G \ - MBEDTLS_DEPRECATED_STRING_CONSTANT( "02" ) - -#endif /* MBEDTLS_DEPRECATED_REMOVED */ - /* * Trustworthy DHM parameters in binary form */ diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h index 264a638bb5..525de5da1b 100644 --- a/include/mbedtls/ecdsa.h +++ b/include/mbedtls/ecdsa.h @@ -138,7 +138,7 @@ int mbedtls_ecdsa_can_do( mbedtls_ecp_group_id gid ); * previously-hashed message. * * \note The deterministic version implemented in - * mbedtls_ecdsa_sign_det() is usually preferred. + * mbedtls_ecdsa_sign_det_ext() is usually preferred. * * \note If the bitlength of the message hash is larger than the * bitlength of the group order, then the hash is truncated @@ -174,67 +174,6 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); #if defined(MBEDTLS_ECDSA_DETERMINISTIC) -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) -#if defined(MBEDTLS_DEPRECATED_WARNING) -#define MBEDTLS_DEPRECATED __attribute__((deprecated)) -#else -#define MBEDTLS_DEPRECATED -#endif -/** - * \brief This function computes the ECDSA signature of a - * previously-hashed message, deterministic version. - * - * For more information, see RFC-6979: Deterministic - * Usage of the Digital Signature Algorithm (DSA) and Elliptic - * Curve Digital Signature Algorithm (ECDSA). - * - * \note If the bitlength of the message hash is larger than the - * bitlength of the group order, then the hash is truncated as - * defined in Standards for Efficient Cryptography Group - * (SECG): SEC1 Elliptic Curve Cryptography, section - * 4.1.3, step 5. - * - * \warning Since the output of the internal RNG is always the same for - * the same key and message, this limits the efficiency of - * blinding and leaks information through side channels. For - * secure behavior use mbedtls_ecdsa_sign_det_ext() instead. - * - * (Optimally the blinding is a random value that is different - * on every execution. In this case the blinding is still - * random from the attackers perspective, but is the same on - * each execution. This means that this blinding does not - * prevent attackers from recovering secrets by combining - * several measurement traces, but may prevent some attacks - * that exploit relationships between secret data.) - * - * \see ecp.h - * - * \param grp The context for the elliptic curve to use. - * This must be initialized and have group parameters - * set, for example through mbedtls_ecp_group_load(). - * \param r The MPI context in which to store the first part - * the signature. This must be initialized. - * \param s The MPI context in which to store the second part - * the signature. This must be initialized. - * \param d The private signing key. This must be initialized - * and setup, for example through mbedtls_ecp_gen_privkey(). - * \param buf The hashed content to be signed. This must be a readable - * buffer of length \p blen Bytes. It may be \c NULL if - * \p blen is zero. - * \param blen The length of \p buf in Bytes. - * \param md_alg The hash algorithm used to hash the original data. - * - * \return \c 0 on success. - * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX - * error code on failure. - */ -int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, - mbedtls_mpi *s, const mbedtls_mpi *d, - const unsigned char *buf, size_t blen, - mbedtls_md_type_t md_alg ) MBEDTLS_DEPRECATED; -#undef MBEDTLS_DEPRECATED -#endif /* MBEDTLS_DEPRECATED_REMOVED */ - /** * \brief This function computes the ECDSA signature of a * previously-hashed message, deterministic version. @@ -421,64 +360,6 @@ int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx, void *p_rng, mbedtls_ecdsa_restart_ctx *rs_ctx ); -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) -#if defined(MBEDTLS_DEPRECATED_WARNING) -#define MBEDTLS_DEPRECATED __attribute__((deprecated)) -#else -#define MBEDTLS_DEPRECATED -#endif -/** - * \brief This function computes an ECDSA signature and writes - * it to a buffer, serialized as defined in RFC-4492: - * Elliptic Curve Cryptography (ECC) Cipher Suites for - * Transport Layer Security (TLS). - * - * The deterministic version is defined in RFC-6979: - * Deterministic Usage of the Digital Signature Algorithm (DSA) - * and Elliptic Curve Digital Signature Algorithm (ECDSA). - * - * \warning It is not thread-safe to use the same context in - * multiple threads. - * - * \note If the bitlength of the message hash is larger than the - * bitlength of the group order, then the hash is truncated as - * defined in Standards for Efficient Cryptography Group - * (SECG): SEC1 Elliptic Curve Cryptography, section - * 4.1.3, step 5. - * - * \see ecp.h - * - * \deprecated Superseded by mbedtls_ecdsa_write_signature() in - * Mbed TLS version 2.0 and later. - * - * \param ctx The ECDSA context to use. This must be initialized - * and have a group and private key bound to it, for example - * via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair(). - * \param hash The message hash to be signed. This must be a readable - * buffer of length \p blen Bytes. - * \param hlen The length of the hash \p hash in Bytes. - * \param sig The buffer to which to write the signature. This must be a - * writable buffer of length at least twice as large as the - * size of the curve used, plus 9. For example, 73 Bytes if - * a 256-bit curve is used. A buffer length of - * #MBEDTLS_ECDSA_MAX_LEN is always safe. - * \param slen The address at which to store the actual length of - * the signature written. Must not be \c NULL. - * \param md_alg The message digest that was used to hash the message. - * - * \return \c 0 on success. - * \return An \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or - * \c MBEDTLS_ERR_ASN1_XXX error code on failure. - */ -int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx, - const unsigned char *hash, size_t hlen, - unsigned char *sig, size_t *slen, - mbedtls_md_type_t md_alg ) MBEDTLS_DEPRECATED; -#undef MBEDTLS_DEPRECATED -#endif /* MBEDTLS_DEPRECATED_REMOVED */ -#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ - /** * \brief This function reads and verifies an ECDSA signature. * diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 0ea1d065d1..7936f6b786 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -30,6 +30,11 @@ #include +#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ + !defined(inline) && !defined(__cplusplus) +#define inline __inline +#endif + /** * Error code layout. * @@ -117,6 +122,54 @@ extern "C" { #define MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED -0x0070 /**< Hardware accelerator failed */ #define MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED -0x0072 /**< The requested feature is not supported by the platform */ +/** + * \brief Combines a high-level and low-level error code together. + * + * Wrapper macro for mbedtls_error_add(). See that function for + * more details. + */ +#define MBEDTLS_ERROR_ADD( high, low ) \ + mbedtls_error_add( high, low, __FILE__, __LINE__ ) + +#if defined(MBEDTLS_TEST_HOOKS) +/** + * \brief Testing hook called before adding/combining two error codes together. + * Only used when invasive testing is enabled via MBEDTLS_TEST_HOOKS. + */ +extern void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); +#endif + +/** + * \brief Combines a high-level and low-level error code together. + * + * This function can be called directly however it is usually + * called via the #MBEDTLS_ERROR_ADD macro. + * + * While a value of zero is not a negative error code, it is still an + * error code (that denotes success) and can be combined with both a + * negative error code or another value of zero. + * + * \note When invasive testing is enabled via #MBEDTLS_TEST_HOOKS, also try to + * call \link mbedtls_test_hook_error_add \endlink. + * + * \param high high-level error code. See error.h for more details. + * \param low low-level error code. See error.h for more details. + * \param file file where this error code addition occured. + * \param line line where this error code addition occured. + */ +static inline int mbedtls_error_add( int high, int low, + const char *file, int line ) +{ +#if defined(MBEDTLS_TEST_HOOKS) + if( *mbedtls_test_hook_error_add != NULL ) + ( *mbedtls_test_hook_error_add )( high, low, file, line ); +#endif + (void)file; + (void)line; + + return( high + low ); +} + /** * \brief Translate a mbed TLS error code into a string representation, * Result is truncated if necessary and always includes a terminating diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index fa33611f2d..1ab3422529 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -397,30 +397,6 @@ int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len */ void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx ); -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) -#if defined(MBEDTLS_DEPRECATED_WARNING) -#define MBEDTLS_DEPRECATED __attribute__((deprecated)) -#else -#define MBEDTLS_DEPRECATED -#endif -/** - * \brief This function updates the state of the HMAC_DRBG context. - * - * \deprecated Superseded by mbedtls_hmac_drbg_update_ret() - * in 2.16.0. - * - * \param ctx The HMAC_DRBG context. - * \param additional The data to update the state with. - * If this is \c NULL, there is no additional data. - * \param add_len Length of \p additional in bytes. - * Unused if \p additional is \c NULL. - */ -MBEDTLS_DEPRECATED void mbedtls_hmac_drbg_update( - mbedtls_hmac_drbg_context *ctx, - const unsigned char *additional, size_t add_len ); -#undef MBEDTLS_DEPRECATED -#endif /* !MBEDTLS_DEPRECATED_REMOVED */ - #if defined(MBEDTLS_FS_IO) /** * \brief This function writes a seed file. diff --git a/include/mbedtls/net.h b/include/mbedtls/net.h deleted file mode 100644 index 66921887da..0000000000 --- a/include/mbedtls/net.h +++ /dev/null @@ -1,35 +0,0 @@ -/** - * \file net.h - * - * \brief Deprecated header file that includes net_sockets.h - * - * \deprecated Superseded by mbedtls/net_sockets.h - */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -#include "mbedtls/net_sockets.h" -#if defined(MBEDTLS_DEPRECATED_WARNING) -#warning "Deprecated header file: Superseded by mbedtls/net_sockets.h" -#endif /* MBEDTLS_DEPRECATED_WARNING */ -#endif /* !MBEDTLS_DEPRECATED_REMOVED */ diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index e4c697b2d6..4198eb1071 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -441,8 +441,10 @@ typedef struct mbedtls_oid_descriptor_t { const char *asn1; /*!< OID ASN.1 representation */ size_t asn1_len; /*!< length of asn1 */ +#if !defined(MBEDTLS_X509_REMOVE_INFO) const char *name; /*!< official name (e.g. from RFC) */ const char *description; /*!< human friendly description */ +#endif } mbedtls_oid_descriptor_t; /** @@ -582,6 +584,7 @@ int mbedtls_oid_get_md_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_a int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_hmac ); #endif /* MBEDTLS_MD_C */ +#if !defined(MBEDTLS_X509_REMOVE_INFO) /** * \brief Translate Extended Key Usage OID into description * @@ -591,6 +594,7 @@ int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_ * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ int mbedtls_oid_get_extended_key_usage( const mbedtls_asn1_buf *oid, const char **desc ); +#endif /** * \brief Translate certificate policies OID into description diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 7ed99e0181..8148e608d4 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2859,34 +2859,6 @@ void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf, #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C) - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) - -#if defined(MBEDTLS_DEPRECATED_WARNING) -#define MBEDTLS_DEPRECATED __attribute__((deprecated)) -#else -#define MBEDTLS_DEPRECATED -#endif - -/** - * \brief Set the Diffie-Hellman public P and G values, - * read as hexadecimal strings (server-side only) - * (Default values: MBEDTLS_DHM_RFC3526_MODP_2048_[PG]) - * - * \param conf SSL configuration - * \param dhm_P Diffie-Hellman-Merkle modulus - * \param dhm_G Diffie-Hellman-Merkle generator - * - * \deprecated Superseded by \c mbedtls_ssl_conf_dh_param_bin. - * - * \return 0 if successful - */ -MBEDTLS_DEPRECATED int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, - const char *dhm_P, - const char *dhm_G ); - -#endif /* MBEDTLS_DEPRECATED_REMOVED */ - /** * \brief Set the Diffie-Hellman public P and G values * from big-endian binary presentations. @@ -3659,32 +3631,6 @@ size_t mbedtls_ssl_get_output_max_frag_len( const mbedtls_ssl_context *ssl ); * \return Current maximum fragment length for the output buffer. */ size_t mbedtls_ssl_get_input_max_frag_len( const mbedtls_ssl_context *ssl ); - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) - -#if defined(MBEDTLS_DEPRECATED_WARNING) -#define MBEDTLS_DEPRECATED __attribute__((deprecated)) -#else -#define MBEDTLS_DEPRECATED -#endif - -/** - * \brief This function is a deprecated approach to getting the max - * fragment length. Its an alias for - * \c mbedtls_ssl_get_output_max_frag_len(), as the behaviour - * is the same. See \c mbedtls_ssl_get_output_max_frag_len() for - * more detail. - * - * \sa mbedtls_ssl_get_input_max_frag_len() - * \sa mbedtls_ssl_get_output_max_frag_len() - * - * \param ssl SSL context - * - * \return Current maximum fragment length for the output buffer. - */ -MBEDTLS_DEPRECATED size_t mbedtls_ssl_get_max_frag_len( - const mbedtls_ssl_context *ssl ); -#endif /* MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ /** diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h index e5e83d664e..3091de1d1b 100644 --- a/include/mbedtls/x509.h +++ b/include/mbedtls/x509.h @@ -316,9 +316,11 @@ int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *serial ); int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *ext, int tag ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid, mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, const void *sig_opts ); +#endif int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name ); int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name ); int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len, diff --git a/include/mbedtls/x509_crl.h b/include/mbedtls/x509_crl.h index 7e9e8885f4..fcaa1495d2 100644 --- a/include/mbedtls/x509_crl.h +++ b/include/mbedtls/x509_crl.h @@ -134,6 +134,7 @@ int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, s int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path ); #endif /* MBEDTLS_FS_IO */ +#if !defined(MBEDTLS_X509_REMOVE_INFO) /** * \brief Returns an informational string about the CRL. * @@ -147,6 +148,7 @@ int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path ); */ int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix, const mbedtls_x509_crl *crl ); +#endif /* !MBEDTLS_X509_REMOVE_INFO */ /** * \brief Initialize a CRL (chain) diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index 8e389f8c0e..23a20d10be 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h @@ -176,6 +176,74 @@ mbedtls_x509_crt_profile; #define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 #endif +/* This macro unfolds to the concatenation of macro invocations + * X509_CRT_ERROR_INFO( error code, + * error code as string, + * human readable description ) + * where X509_CRT_ERROR_INFO is defined by the user. + * See x509_crt.c for an example of how to use this. */ +#define MBEDTLS_X509_CRT_ERROR_INFO_LIST \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_EXPIRED, \ + "MBEDTLS_X509_BADCERT_EXPIRED", \ + "The certificate validity has expired" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_REVOKED, \ + "MBEDTLS_X509_BADCERT_REVOKED", \ + "The certificate has been revoked (is on a CRL)" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_CN_MISMATCH, \ + "MBEDTLS_X509_BADCERT_CN_MISMATCH", \ + "The certificate Common Name (CN) does not match with the expected CN" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_NOT_TRUSTED, \ + "MBEDTLS_X509_BADCERT_NOT_TRUSTED", \ + "The certificate is not correctly signed by the trusted CA" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_NOT_TRUSTED, \ + "MBEDTLS_X509_BADCRL_NOT_TRUSTED", \ + "The CRL is not correctly signed by the trusted CA" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_EXPIRED, \ + "MBEDTLS_X509_BADCRL_EXPIRED", \ + "The CRL is expired" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_MISSING, \ + "MBEDTLS_X509_BADCERT_MISSING", \ + "Certificate was missing" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_SKIP_VERIFY, \ + "MBEDTLS_X509_BADCERT_SKIP_VERIFY", \ + "Certificate verification was skipped" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_OTHER, \ + "MBEDTLS_X509_BADCERT_OTHER", \ + "Other reason (can be used by verify callback)" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_FUTURE, \ + "MBEDTLS_X509_BADCERT_FUTURE", \ + "The certificate validity starts in the future" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_FUTURE, \ + "MBEDTLS_X509_BADCRL_FUTURE", \ + "The CRL is from the future" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_KEY_USAGE, \ + "MBEDTLS_X509_BADCERT_KEY_USAGE", \ + "Usage does not match the keyUsage extension" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, \ + "MBEDTLS_X509_BADCERT_EXT_KEY_USAGE", \ + "Usage does not match the extendedKeyUsage extension" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_NS_CERT_TYPE, \ + "MBEDTLS_X509_BADCERT_NS_CERT_TYPE", \ + "Usage does not match the nsCertType extension" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_BAD_MD, \ + "MBEDTLS_X509_BADCERT_BAD_MD", \ + "The certificate is signed with an unacceptable hash." ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_BAD_PK, \ + "MBEDTLS_X509_BADCERT_BAD_PK", \ + "The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA)." ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_BAD_KEY, \ + "MBEDTLS_X509_BADCERT_BAD_KEY", \ + "The certificate is signed with an unacceptable key (eg bad curve, RSA too short)." ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_BAD_MD, \ + "MBEDTLS_X509_BADCRL_BAD_MD", \ + "The CRL is signed with an unacceptable hash." ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_BAD_PK, \ + "MBEDTLS_X509_BADCRL_BAD_PK", \ + "The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA)." ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_BAD_KEY, \ + "MBEDTLS_X509_BADCRL_BAD_KEY", \ + "The CRL is signed with an unacceptable key (eg bad curve, RSA too short)." ) + /** * Container for writing a certificate (CRT) */ @@ -509,6 +577,8 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ); */ int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf, mbedtls_x509_subject_alternative_name *san ); + +#if !defined(MBEDTLS_X509_REMOVE_INFO) /** * \brief Returns an informational string about the * certificate. @@ -538,6 +608,7 @@ int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix, */ int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix, uint32_t flags ); +#endif /* !MBEDTLS_X509_REMOVE_INFO */ /** * \brief Verify a chain of certificates. diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h index b1dfc21f1f..07a3717298 100644 --- a/include/mbedtls/x509_csr.h +++ b/include/mbedtls/x509_csr.h @@ -121,6 +121,7 @@ int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, siz int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path ); #endif /* MBEDTLS_FS_IO */ +#if !defined(MBEDTLS_X509_REMOVE_INFO) /** * \brief Returns an informational string about the * CSR. @@ -135,6 +136,7 @@ int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path ); */ int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix, const mbedtls_x509_csr *csr ); +#endif /* !MBEDTLS_X509_REMOVE_INFO */ /** * \brief Initialize a CSR diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 81e1f28697..94b8f99168 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2113,9 +2113,16 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * authentication tag is appended to the * encrypted data. * \param ciphertext_size Size of the \p ciphertext buffer in bytes. - * This must be at least - * #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p alg, - * \p plaintext_length). + * This must be appropriate for the selected + * algorithm and key: + * - A sufficient output size is + * #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\c key_type, + * \p alg, \p plaintext_length) where + * \c key_type is the type of \p key. + * - #PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(\p + * plaintext_length) evaluates to the maximum + * ciphertext size of any supported AEAD + * encryption. * \param[out] ciphertext_length On success, the size of the output * in the \p ciphertext buffer. * @@ -2129,7 +2136,11 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * \p alg is not supported or is not an AEAD algorithm. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * \p ciphertext_size is too small + * \p ciphertext_size is too small. + * #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\c key_type, \p alg, + * \p plaintext_length) or + * #PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(\p plaintext_length) can be used to + * determine the required buffer size. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED @@ -2173,9 +2184,16 @@ psa_status_t psa_aead_encrypt(mbedtls_svc_key_id_t key, * \param ciphertext_length Size of \p ciphertext in bytes. * \param[out] plaintext Output buffer for the decrypted data. * \param plaintext_size Size of the \p plaintext buffer in bytes. - * This must be at least - * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p alg, - * \p ciphertext_length). + * This must be appropriate for the selected + * algorithm and key: + * - A sufficient output size is + * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\c key_type, + * \p alg, \p ciphertext_length) where + * \c key_type is the type of \p key. + * - #PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(\p + * ciphertext_length) evaluates to the maximum + * plaintext size of any supported AEAD + * decryption. * \param[out] plaintext_length On success, the size of the output * in the \p plaintext buffer. * @@ -2191,7 +2209,11 @@ psa_status_t psa_aead_encrypt(mbedtls_svc_key_id_t key, * \p alg is not supported or is not an AEAD algorithm. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * \p plaintext_size or \p nonce_length is too small + * \p plaintext_size is too small. + * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\c key_type, \p alg, + * \p ciphertext_length) or + * #PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(\p ciphertext_length) can be used + * to determine the required buffer size. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED @@ -2612,10 +2634,18 @@ psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, * \param input_length Size of the \p input buffer in bytes. * \param[out] output Buffer where the output is to be written. * \param output_size Size of the \p output buffer in bytes. - * This must be at least - * #PSA_AEAD_UPDATE_OUTPUT_SIZE(\c alg, - * \p input_length) where \c alg is the - * algorithm that is being calculated. + * This must be appropriate for the selected + * algorithm and key: + * - A sufficient output size is + * #PSA_AEAD_UPDATE_OUTPUT_SIZE(\c key_type, + * \c alg, \p input_length) where + * \c key_type is the type of key and \c alg is + * the algorithm that were used to set up the + * operation. + * - #PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE(\p + * input_length) evaluates to the maximum + * output size of any supported AEAD + * algorithm. * \param[out] output_length On success, the number of bytes * that make up the returned output. * @@ -2626,9 +2656,9 @@ psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, * set, and have lengths set if required by the algorithm). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. - * You can determine a sufficient buffer size by calling - * #PSA_AEAD_UPDATE_OUTPUT_SIZE(\c alg, \p input_length) - * where \c alg is the algorithm that is being calculated. + * #PSA_AEAD_UPDATE_OUTPUT_SIZE(\c key_type, \c alg, \p input_length) or + * #PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE(\p input_length) can be used to + * determine the required buffer size. * \retval #PSA_ERROR_INVALID_ARGUMENT * The total length of input to psa_aead_update_ad() so far is * less than the additional data length that was previously @@ -2665,9 +2695,7 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation, * This function has two output buffers: * - \p ciphertext contains trailing ciphertext that was buffered from * preceding calls to psa_aead_update(). - * - \p tag contains the authentication tag. Its length is always - * #PSA_AEAD_TAG_LENGTH(\c alg) where \c alg is the AEAD algorithm - * that the operation performs. + * - \p tag contains the authentication tag. * * When this function returns successfuly, the operation becomes inactive. * If this function returns an error status, the operation enters an error @@ -2677,18 +2705,32 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation, * \param[out] ciphertext Buffer where the last part of the ciphertext * is to be written. * \param ciphertext_size Size of the \p ciphertext buffer in bytes. - * This must be at least - * #PSA_AEAD_FINISH_OUTPUT_SIZE(\c alg) where - * \c alg is the algorithm that is being - * calculated. + * This must be appropriate for the selected + * algorithm and key: + * - A sufficient output size is + * #PSA_AEAD_FINISH_OUTPUT_SIZE(\c key_type, + * \c alg) where \c key_type is the type of key + * and \c alg is the algorithm that were used to + * set up the operation. + * - #PSA_AEAD_FINISH_OUTPUT_MAX_SIZE evaluates to + * the maximum output size of any supported AEAD + * algorithm. * \param[out] ciphertext_length On success, the number of bytes of * returned ciphertext. * \param[out] tag Buffer where the authentication tag is * to be written. * \param tag_size Size of the \p tag buffer in bytes. - * This must be at least - * #PSA_AEAD_TAG_LENGTH(\c alg) where \c alg is - * the algorithm that is being calculated. + * This must be appropriate for the selected + * algorithm and key: + * - The exact tag size is #PSA_AEAD_TAG_LENGTH(\c + * key_type, \c key_bits, \c alg) where + * \c key_type and \c key_bits are the type and + * bit-size of the key, and \c alg is the + * algorithm that were used in the call to + * psa_aead_encrypt_setup(). + * - #PSA_AEAD_TAG_MAX_SIZE evaluates to the + * maximum tag size of any supported AEAD + * algorithm. * \param[out] tag_length On success, the number of bytes * that make up the returned tag. * @@ -2699,11 +2741,11 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation, * operation with a nonce set). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p ciphertext or \p tag buffer is too small. - * You can determine a sufficient buffer size for \p ciphertext by - * calling #PSA_AEAD_FINISH_OUTPUT_SIZE(\c alg) - * where \c alg is the algorithm that is being calculated. - * You can determine a sufficient buffer size for \p tag by - * calling #PSA_AEAD_TAG_LENGTH(\c alg). + * #PSA_AEAD_FINISH_OUTPUT_SIZE(\c key_type, \c alg) or + * #PSA_AEAD_FINISH_OUTPUT_MAX_SIZE can be used to determine the + * required \p ciphertext buffer size. #PSA_AEAD_TAG_LENGTH(\c key_type, + * \c key_bits, \c alg) or #PSA_AEAD_TAG_MAX_SIZE can be used to + * determine the required \p tag buffer size. * \retval #PSA_ERROR_INVALID_ARGUMENT * The total length of input to psa_aead_update_ad() so far is * less than the additional data length that was previously @@ -2762,10 +2804,15 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation, * that could not be processed until the end * of the input. * \param plaintext_size Size of the \p plaintext buffer in bytes. - * This must be at least - * #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c alg) where - * \c alg is the algorithm that is being - * calculated. + * This must be appropriate for the selected algorithm and key: + * - A sufficient output size is + * #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c key_type, + * \c alg) where \c key_type is the type of key + * and \c alg is the algorithm that were used to + * set up the operation. + * - #PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE evaluates to + * the maximum output size of any supported AEAD + * algorithm. * \param[out] plaintext_length On success, the number of bytes of * returned plaintext. * \param[in] tag Buffer containing the authentication tag. @@ -2781,9 +2828,9 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation, * operation with a nonce set). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p plaintext buffer is too small. - * You can determine a sufficient buffer size for \p plaintext by - * calling #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c alg) - * where \c alg is the algorithm that is being calculated. + * #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c key_type, \c alg) or + * #PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE can be used to determine the + * required buffer size. * \retval #PSA_ERROR_INVALID_ARGUMENT * The total length of input to psa_aead_update_ad() so far is * less than the additional data length that was previously diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 591a0af7f2..a7b4ab5994 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -715,6 +715,104 @@ psa_status_t mbedtls_psa_external_get_random( /**@}*/ +/** \defgroup psa_builtin_keys Built-in keys + * @{ + */ + +/** The minimum value for a key identifier that is built into the + * implementation. + * + * The range of key identifiers from #MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + * to #MBEDTLS_PSA_KEY_ID_BUILTIN_MAX within the range from + * #PSA_KEY_ID_VENDOR_MIN and #PSA_KEY_ID_VENDOR_MAX and must not intersect + * with any other set of implementation-chosen key identifiers. + * + * This value is part of the library's ABI since changing it would invalidate + * the values of built-in key identifiers in applications. + */ +#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ((psa_key_id_t)0x7fff0000) + +/** The maximum value for a key identifier that is built into the + * implementation. + * + * See #MBEDTLS_PSA_KEY_ID_BUILTIN_MIN for more information. + */ +#define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ((psa_key_id_t)0x7fffefff) + +/** A slot number identifying a key in a driver. + * + * Values of this type are used to identify built-in keys. + */ +typedef uint64_t psa_drv_slot_number_t; + +#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) +/** Test whether a key identifier belongs to the builtin key range. + * + * \param key_id Key identifier to test. + * + * \retval 1 + * The key identifier is a builtin key identifier. + * \retval 0 + * The key identifier is not a builtin key identifier. + */ +static inline int psa_key_id_is_builtin( psa_key_id_t key_id ) +{ + return( ( key_id >= MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ) && + ( key_id <= MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ) ); +} + +/** Platform function to obtain the location and slot number of a built-in key. + * + * An application-specific implementation of this function must be provided if + * #MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS is enabled. This would typically be provided + * as part of a platform's system image. + * + * #MBEDTLS_SVC_KEY_ID_GET_KEY_ID(\p key_id) needs to be in the range from + * #MBEDTLS_PSA_KEY_ID_BUILTIN_MIN to #MBEDTLS_PSA_KEY_ID_BUILTIN_MAX. + * + * In a multi-application configuration + * (\c MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER is defined), + * this function should check that #MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(\p key_id) + * is allowed to use the given key. + * + * \param key_id The key ID for which to retrieve the + * location and slot attributes. + * \param[out] lifetime On success, the lifetime associated with the key + * corresponding to \p key_id. Lifetime is a + * combination of which driver contains the key, + * and with what persistence level the key is + * intended to be used. If the platform + * implementation does not contain specific + * information about the intended key persistence + * level, the persistence level may be reported as + * #PSA_KEY_PERSISTENCE_DEFAULT. + * \param[out] slot_number On success, the slot number known to the driver + * registered at the lifetime location reported + * through \p lifetime which corresponds to the + * requested built-in key. + * + * \retval #PSA_SUCCESS + * The requested key identifier designates a built-in key. + * In a multi-application configuration, the requested owner + * is allowed to access it. + * \retval #PSA_ERROR_DOES_NOT_EXIST + * The requested key identifier is not a built-in key which is known + * to this function. If a key exists in the key storage with this + * identifier, the data from the storage will be used. + * \return (any other error) + * Any other error is propagated to the function that requested the key. + * Common errors include: + * - #PSA_ERROR_NOT_PERMITTED: the key exists but the requested owner + * is not allowed to access it. + */ +psa_status_t mbedtls_psa_platform_get_builtin_key( + mbedtls_svc_key_id_t key_id, + psa_key_lifetime_t *lifetime, + psa_drv_slot_number_t *slot_number ); +#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ + +/** @} */ + #ifdef __cplusplus } #endif diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index c9de0620cf..79f96739ba 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -117,26 +117,35 @@ */ #define PSA_MAC_MAX_SIZE PSA_HASH_MAX_SIZE -/** The tag size for an AEAD algorithm, in bytes. +/** The length of a tag for an AEAD algorithm, in bytes. * + * This macro can be used to allocate a buffer of sufficient size to store the + * tag output from psa_aead_finish(). + * + * See also #PSA_AEAD_TAG_MAX_SIZE. + * + * \param key_type The type of the AEAD key. + * \param key_bits The size of the AEAD key in bits. * \param alg An AEAD algorithm * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_AEAD(\p alg) is true). * - * \return The tag size for the specified algorithm. + * \return The tag length for the specified algorithm and key. * If the AEAD algorithm does not have an identified * tag that can be distinguished from the rest of * the ciphertext, return 0. - * If the AEAD algorithm is not recognized, return 0. + * If the key type or AEAD algorithm is not + * recognized, or the parameters are incompatible, + * return 0. */ -#define PSA_AEAD_TAG_LENGTH(alg) \ - (PSA_ALG_IS_AEAD(alg) ? \ - (((alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> PSA_AEAD_TAG_LENGTH_OFFSET) : \ - 0) +#define PSA_AEAD_TAG_LENGTH(key_type, key_bits, alg) \ + (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \ + PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \ + ((void) (key_bits), 0)) /** The maximum tag size for all supported AEAD algorithms, in bytes. * - * See also #PSA_AEAD_TAG_LENGTH(\p alg). + * See also #PSA_AEAD_TAG_LENGTH(\p key_type, \p key_bits, \p alg). */ #define PSA_AEAD_TAG_MAX_SIZE 16 @@ -241,10 +250,14 @@ * insufficient buffer size. Depending on the algorithm, the actual size of * the ciphertext may be smaller. * + * See also #PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(\p plaintext_length). + * * \warning This macro may evaluate its arguments multiple times or * zero times, so you should not pass arguments that contain * side effects. * + * \param key_type A symmetric key type that is + * compatible with algorithm \p alg. * \param alg An AEAD algorithm * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_AEAD(\p alg) is true). @@ -252,11 +265,13 @@ * * \return The AEAD ciphertext size for the specified * algorithm. - * If the AEAD algorithm is not recognized, return 0. + * If the key type or AEAD algorithm is not + * recognized, or the parameters are incompatible, + * return 0. */ -#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length) \ - (PSA_AEAD_TAG_LENGTH(alg) != 0 ? \ - (plaintext_length) + PSA_AEAD_TAG_LENGTH(alg) : \ +#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg, plaintext_length) \ + (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \ + (plaintext_length) + PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \ 0) /** A sufficient output buffer size for psa_aead_encrypt(), for any of the @@ -268,7 +283,8 @@ * \note This macro returns a compile-time constant if its arguments are * compile-time constants. * - * See also #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p alg, \p plaintext_length). + * See also #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p key_type, \p alg, + * \p plaintext_length). * * \param plaintext_length Size of the plaintext in bytes. * @@ -287,10 +303,14 @@ * insufficient buffer size. Depending on the algorithm, the actual size of * the plaintext may be smaller. * + * See also #PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(\p ciphertext_length). + * * \warning This macro may evaluate its arguments multiple times or * zero times, so you should not pass arguments that contain * side effects. * + * \param key_type A symmetric key type that is + * compatible with algorithm \p alg. * \param alg An AEAD algorithm * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_AEAD(\p alg) is true). @@ -298,11 +318,14 @@ * * \return The AEAD ciphertext size for the specified * algorithm. - * If the AEAD algorithm is not recognized, return 0. + * If the key type or AEAD algorithm is not + * recognized, or the parameters are incompatible, + * return 0. */ -#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length) \ - (PSA_AEAD_TAG_LENGTH(alg) != 0 ? \ - (ciphertext_length) - PSA_AEAD_TAG_LENGTH(alg) : \ +#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg, ciphertext_length) \ + (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \ + (ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH(alg) ? \ + (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \ 0) /** A sufficient output buffer size for psa_aead_decrypt(), for any of the @@ -314,7 +337,8 @@ * \note This macro returns a compile-time constant if its arguments are * compile-time constants. * - * See also #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p alg, \p ciphertext_length). + * See also #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p key_type, \p alg, + * \p ciphertext_length). * * \param ciphertext_length Size of the ciphertext in bytes. * @@ -352,11 +376,11 @@ */ #define PSA_AEAD_NONCE_LENGTH(key_type, alg) \ (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) == 16 ? \ - PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(alg) == PSA_ALG_CCM ? 13 : \ - PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(alg) == PSA_ALG_GCM ? 12 : \ + MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CCM) ? 13 : \ + MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_GCM) ? 12 : \ 0 : \ (key_type) == PSA_KEY_TYPE_CHACHA20 && \ - PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(alg) == PSA_ALG_CHACHA20_POLY1305 ? 12 : \ + MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CHACHA20_POLY1305) ? 12 : \ 0) /** The maximum default nonce size among all supported pairs of key types and @@ -379,10 +403,14 @@ * insufficient buffer size. The actual size of the output may be smaller * in any given call. * + * See also #PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE(\p input_length). + * * \warning This macro may evaluate its arguments multiple times or * zero times, so you should not pass arguments that contain * side effects. * + * \param key_type A symmetric key type that is + * compatible with algorithm \p alg. * \param alg An AEAD algorithm * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_AEAD(\p alg) is true). @@ -390,16 +418,20 @@ * * \return A sufficient output buffer size for the specified * algorithm. - * If the AEAD algorithm is not recognized, return 0. + * If the key type or AEAD algorithm is not + * recognized, or the parameters are incompatible, + * return 0. */ /* For all the AEAD modes defined in this specification, it is possible * to emit output without delay. However, hardware may not always be * capable of this. So for modes based on a block cipher, allow the * implementation to delay the output until it has a full block. */ -#define PSA_AEAD_UPDATE_OUTPUT_SIZE(alg, input_length) \ - (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ - PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, (input_length)) : \ - (input_length)) +#define PSA_AEAD_UPDATE_OUTPUT_SIZE(key_type, alg, input_length) \ + (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \ + PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), (input_length)) : \ + (input_length) : \ + 0) /** A sufficient output buffer size for psa_aead_update(), for any of the * supported key types and AEAD algorithms. @@ -407,7 +439,7 @@ * If the size of the output buffer is at least this large, it is guaranteed * that psa_aead_update() will not fail due to an insufficient buffer size. * - * See also #PSA_AEAD_UPDATE_OUTPUT_SIZE(\p alg, \p input_length). + * See also #PSA_AEAD_UPDATE_OUTPUT_SIZE(\p key_type, \p alg, \p input_length). * * \param input_length Size of the input in bytes. */ @@ -421,23 +453,30 @@ * insufficient ciphertext buffer size. The actual size of the output may * be smaller in any given call. * + * See also #PSA_AEAD_FINISH_OUTPUT_MAX_SIZE. + * + * \param key_type A symmetric key type that is + compatible with algorithm \p alg. * \param alg An AEAD algorithm * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_AEAD(\p alg) is true). * * \return A sufficient ciphertext buffer size for the * specified algorithm. - * If the AEAD algorithm is not recognized, return 0. + * If the key type or AEAD algorithm is not + * recognized, or the parameters are incompatible, + * return 0. */ -#define PSA_AEAD_FINISH_OUTPUT_SIZE(alg) \ - (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ - PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \ +#define PSA_AEAD_FINISH_OUTPUT_SIZE(key_type, alg) \ + (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \ + PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ 0) /** A sufficient ciphertext buffer size for psa_aead_finish(), for any of the * supported key types and AEAD algorithms. * - * See also #PSA_AEAD_FINISH_OUTPUT_SIZE(\p alg). + * See also #PSA_AEAD_FINISH_OUTPUT_SIZE(\p key_type, \p alg). */ #define PSA_AEAD_FINISH_OUTPUT_MAX_SIZE (PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE) @@ -448,23 +487,30 @@ * insufficient plaintext buffer size. The actual size of the output may * be smaller in any given call. * + * See also #PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE. + * + * \param key_type A symmetric key type that is + * compatible with algorithm \p alg. * \param alg An AEAD algorithm * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_AEAD(\p alg) is true). * * \return A sufficient plaintext buffer size for the * specified algorithm. - * If the AEAD algorithm is not recognized, return 0. + * If the key type or AEAD algorithm is not + * recognized, or the parameters are incompatible, + * return 0. */ -#define PSA_AEAD_VERIFY_OUTPUT_SIZE(alg) \ - (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ - PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \ +#define PSA_AEAD_VERIFY_OUTPUT_SIZE(key_type, alg) \ + (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \ + PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ 0) /** A sufficient plaintext buffer size for psa_aead_verify(), for any of the * supported key types and AEAD algorithms. * - * See also #PSA_AEAD_VERIFY_OUTPUT_SIZE(\p alg). + * See also #PSA_AEAD_VERIFY_OUTPUT_SIZE(\p key_type, \p alg). */ #define PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE (PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 5e865c9315..9bfd5ab1c0 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -2137,4 +2137,27 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) /**@}*/ +/** \defgroup helper_macros Helper macros + * @{ + */ + +/* Helper macros */ + +/** Check if two AEAD algorithm identifiers refer to the same AEAD algorithm + * regardless of the tag length they encode. + * + * \param aead_alg_1 An AEAD algorithm identifier. + * \param aead_alg_2 An AEAD algorithm identifier. + * + * \return 1 if both identifiers refer to the same AEAD algorithm, + * 0 otherwise. + * Unspecified if neither \p aead_alg_1 nor \p aead_alg_2 are + * a supported AEAD algorithm. + */ +#define MBEDTLS_PSA_ALG_AEAD_EQUAL(aead_alg_1, aead_alg_2) \ + (!(((aead_alg_1) ^ (aead_alg_2)) & \ + ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG))) + +/**@}*/ + #endif /* PSA_CRYPTO_VALUES_H */ diff --git a/library/aes.c b/library/aes.c index b36b81c73c..422e158ca2 100644 --- a/library/aes.c +++ b/library/aes.c @@ -921,15 +921,6 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, } #endif /* !MBEDTLS_AES_ENCRYPT_ALT */ -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ) -{ - mbedtls_internal_aes_encrypt( ctx, input, output ); -} -#endif /* !MBEDTLS_DEPRECATED_REMOVED */ - /* * AES-ECB block decryption */ @@ -994,15 +985,6 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, } #endif /* !MBEDTLS_AES_DECRYPT_ALT */ -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_aes_decrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ) -{ - mbedtls_internal_aes_decrypt( ctx, input, output ); -} -#endif /* !MBEDTLS_DEPRECATED_REMOVED */ - /* * AES-ECB block encryption/decryption */ diff --git a/library/bignum.c b/library/bignum.c index 71014e5c83..c20c6b77b2 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1666,8 +1666,7 @@ int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint * calculating the result is trivial in those cases. */ if( b == 0 || n == 0 ) { - mbedtls_mpi_lset( X, 0 ); - return( 0 ); + return( mbedtls_mpi_lset( X, 0 ) ); } /* Calculate A*b as A + A*(b-1) to take advantage of mpi_mul_hlp */ @@ -2718,26 +2717,6 @@ int mbedtls_mpi_is_prime_ext( const mbedtls_mpi *X, int rounds, return( mpi_miller_rabin( &XX, rounds, f_rng, p_rng ) ); } -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -/* - * Pseudo-primality test, error probability 2^-80 - */ -int mbedtls_mpi_is_prime( const mbedtls_mpi *X, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) -{ - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( f_rng != NULL ); - - /* - * In the past our key generation aimed for an error rate of at most - * 2^-80. Since this function is deprecated, aim for the same certainty - * here as well. - */ - return( mbedtls_mpi_is_prime_ext( X, 40, f_rng, p_rng ) ); -} -#endif - /* * Prime number generation * diff --git a/library/cipher.c b/library/cipher.c index 043bb91502..18ab7108e7 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -1288,8 +1288,8 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, #if defined(MBEDTLS_CIPHER_MODE_AEAD) /* - * Packet-oriented encryption for AEAD modes: internal function shared by - * mbedtls_cipher_auth_encrypt() and mbedtls_cipher_auth_encrypt_ext(). + * Packet-oriented encryption for AEAD modes: internal function used by + * mbedtls_cipher_auth_encrypt_ext(). */ static int mbedtls_cipher_aead_encrypt( mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, @@ -1368,8 +1368,8 @@ static int mbedtls_cipher_aead_encrypt( mbedtls_cipher_context_t *ctx, } /* - * Packet-oriented encryption for AEAD modes: internal function shared by - * mbedtls_cipher_auth_encrypt() and mbedtls_cipher_auth_encrypt_ext(). + * Packet-oriented encryption for AEAD modes: internal function used by + * mbedtls_cipher_auth_encrypt_ext(). */ static int mbedtls_cipher_aead_decrypt( mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, @@ -1468,54 +1468,6 @@ static int mbedtls_cipher_aead_decrypt( mbedtls_cipher_context_t *ctx, return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); } - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -/* - * Packet-oriented encryption for AEAD modes: public legacy function. - */ -int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, - unsigned char *tag, size_t tag_len ) -{ - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL ); - CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL ); - CIPHER_VALIDATE_RET( ilen == 0 || input != NULL ); - CIPHER_VALIDATE_RET( ilen == 0 || output != NULL ); - CIPHER_VALIDATE_RET( olen != NULL ); - CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL ); - - return( mbedtls_cipher_aead_encrypt( ctx, iv, iv_len, ad, ad_len, - input, ilen, output, olen, - tag, tag_len ) ); -} - -/* - * Packet-oriented decryption for AEAD modes: public legacy function. - */ -int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, - const unsigned char *tag, size_t tag_len ) -{ - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL ); - CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL ); - CIPHER_VALIDATE_RET( ilen == 0 || input != NULL ); - CIPHER_VALIDATE_RET( ilen == 0 || output != NULL ); - CIPHER_VALIDATE_RET( olen != NULL ); - CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL ); - - return( mbedtls_cipher_aead_decrypt( ctx, iv, iv_len, ad, ad_len, - input, ilen, output, olen, - tag, tag_len ) ); -} -#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_CIPHER_MODE_AEAD */ #if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C) diff --git a/library/cmac.c b/library/cmac.c index 06f8eec0d9..3cc49d10cc 100644 --- a/library/cmac.c +++ b/library/cmac.c @@ -867,11 +867,12 @@ static int cmac_test_wth_cipher( int verbose, { /* When CMAC is implemented by an alternative implementation, or * the underlying primitive itself is implemented alternatively, - * AES-192 may be unavailable. This should not cause the selftest - * function to fail. */ + * AES-192 and/or 3DES may be unavailable. This should not cause + * the selftest function to fail. */ if( ( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED || ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) && - cipher_type == MBEDTLS_CIPHER_AES_192_ECB ) { + ( cipher_type == MBEDTLS_CIPHER_AES_192_ECB || + cipher_type == MBEDTLS_CIPHER_DES_EDE3_ECB ) ) { if( verbose != 0 ) mbedtls_printf( "skipped\n" ); continue; diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index ab52861d57..602ec699c4 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -304,7 +304,7 @@ exit: } /* CTR_DRBG_Instantiate with derivation function (SP 800-90A §10.2.1.3.2) - * mbedtls_ctr_drbg_update(ctx, additional, add_len) + * mbedtls_ctr_drbg_update_ret(ctx, additional, add_len) * implements * CTR_DRBG_Instantiate(entropy_input, nonce, personalization_string, * security_strength) -> initial_working_state @@ -335,19 +335,6 @@ exit: return( ret ); } -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx, - const unsigned char *additional, - size_t add_len ) -{ - /* MAX_INPUT would be more logical here, but we have to match - * block_cipher_df()'s limits since we can't propagate errors */ - if( add_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) - add_len = MBEDTLS_CTR_DRBG_MAX_SEED_INPUT; - (void) mbedtls_ctr_drbg_update_ret( ctx, additional, add_len ); -} -#endif /* MBEDTLS_DEPRECATED_REMOVED */ - /* CTR_DRBG_Reseed with derivation function (SP 800-90A §10.2.1.4.2) * mbedtls_ctr_drbg_reseed(ctx, additional, len, nonce_len) * implements diff --git a/library/debug.c b/library/debug.c index e91d1ad1da..4be2cba195 100644 --- a/library/debug.c +++ b/library/debug.c @@ -284,7 +284,7 @@ void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level, } #endif /* MBEDTLS_BIGNUM_C */ -#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO) static void debug_print_pk( const mbedtls_ssl_context *ssl, int level, const char *file, int line, const char *text, const mbedtls_pk_context *pk ) @@ -379,7 +379,7 @@ void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level, crt = crt->next; } } -#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_X509_REMOVE_INFO */ #if defined(MBEDTLS_ECDH_C) static void mbedtls_debug_printf_ecdh_internal( const mbedtls_ssl_context *ssl, diff --git a/library/dhm.c b/library/dhm.c index f796812310..9758af7872 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -79,7 +79,7 @@ static int dhm_read_bignum( mbedtls_mpi *X, return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); if( ( ret = mbedtls_mpi_read_binary( X, *p, n ) ) != 0 ) - return( MBEDTLS_ERR_DHM_READ_PARAMS_FAILED + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_READ_PARAMS_FAILED, ret ) ); (*p) += n; @@ -222,7 +222,7 @@ int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size, cleanup: if( ret != 0 ) - return( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED, ret ) ); return( 0 ); } @@ -242,7 +242,7 @@ int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx, if( ( ret = mbedtls_mpi_copy( &ctx->P, P ) ) != 0 || ( ret = mbedtls_mpi_copy( &ctx->G, G ) ) != 0 ) { - return( MBEDTLS_ERR_DHM_SET_GROUP_FAILED + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_SET_GROUP_FAILED, ret ) ); } ctx->len = mbedtls_mpi_size( &ctx->P ); @@ -263,7 +263,7 @@ int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx, return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); if( ( ret = mbedtls_mpi_read_binary( &ctx->GY, input, ilen ) ) != 0 ) - return( MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED, ret ) ); return( 0 ); } @@ -313,7 +313,7 @@ int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size, cleanup: if( ret != 0 ) - return( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED, ret ) ); return( 0 ); } @@ -462,7 +462,7 @@ cleanup: mbedtls_mpi_free( &GYb ); if( ret != 0 ) - return( MBEDTLS_ERR_DHM_CALC_SECRET_FAILED + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_CALC_SECRET_FAILED, ret ) ); return( 0 ); } @@ -544,7 +544,7 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + ret; + ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_INVALID_FORMAT, ret ); goto exit; } @@ -553,7 +553,7 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, if( ( ret = mbedtls_asn1_get_mpi( &p, end, &dhm->P ) ) != 0 || ( ret = mbedtls_asn1_get_mpi( &p, end, &dhm->G ) ) != 0 ) { - ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + ret; + ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_INVALID_FORMAT, ret ); goto exit; } @@ -567,13 +567,13 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, mbedtls_mpi_free( &rec ); if ( ret != 0 ) { - ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + ret; + ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_INVALID_FORMAT, ret ); goto exit; } if ( p != end ) { - ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; + ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); goto exit; } } diff --git a/library/ecdsa.c b/library/ecdsa.c index 7dc8708a3f..35713a696c 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -420,6 +420,9 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, #if defined(MBEDTLS_ECDSA_DETERMINISTIC) /* * Deterministic signature wrapper + * + * note: The f_rng_blind parameter must not be NULL. + * */ static int ecdsa_sign_det_restartable( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, @@ -475,69 +478,9 @@ sign: ret = mbedtls_ecdsa_sign( grp, r, s, d, buf, blen, mbedtls_hmac_drbg_random, p_rng ); #else - if( f_rng_blind != NULL ) - ret = ecdsa_sign_restartable( grp, r, s, d, buf, blen, - mbedtls_hmac_drbg_random, p_rng, - f_rng_blind, p_rng_blind, rs_ctx ); - else - { - mbedtls_hmac_drbg_context *p_rng_blind_det; - -#if !defined(MBEDTLS_ECP_RESTARTABLE) - /* - * To avoid reusing rng_ctx and risking incorrect behavior we seed a - * second HMAC-DRBG with the same seed. We also apply a label to avoid - * reusing the bits of the ephemeral key for blinding and eliminate the - * risk that they leak this way. - */ - const char* blind_label = "BLINDING CONTEXT"; - mbedtls_hmac_drbg_context rng_ctx_blind; - - mbedtls_hmac_drbg_init( &rng_ctx_blind ); - p_rng_blind_det = &rng_ctx_blind; - mbedtls_hmac_drbg_seed_buf( p_rng_blind_det, md_info, - data, 2 * grp_len ); - ret = mbedtls_hmac_drbg_update_ret( p_rng_blind_det, - (const unsigned char*) blind_label, - strlen( blind_label ) ); - if( ret != 0 ) - { - mbedtls_hmac_drbg_free( &rng_ctx_blind ); - goto cleanup; - } -#else - /* - * In the case of restartable computations we would either need to store - * the second RNG in the restart context too or set it up at every - * restart. The first option would penalize the correct application of - * the function and the second would defeat the purpose of the - * restartable feature. - * - * Therefore in this case we reuse the original RNG. This comes with the - * price that the resulting signature might not be a valid deterministic - * ECDSA signature with a very low probability (same magnitude as - * successfully guessing the private key). However even then it is still - * a valid ECDSA signature. - */ - p_rng_blind_det = p_rng; -#endif /* MBEDTLS_ECP_RESTARTABLE */ - - /* - * Since the output of the RNGs is always the same for the same key and - * message, this limits the efficiency of blinding and leaks information - * through side channels. After mbedtls_ecdsa_sign_det() is removed NULL - * won't be a valid value for f_rng_blind anymore. Therefore it should - * be checked by the caller and this branch and check can be removed. - */ - ret = ecdsa_sign_restartable( grp, r, s, d, buf, blen, - mbedtls_hmac_drbg_random, p_rng, - mbedtls_hmac_drbg_random, p_rng_blind_det, - rs_ctx ); - -#if !defined(MBEDTLS_ECP_RESTARTABLE) - mbedtls_hmac_drbg_free( &rng_ctx_blind ); -#endif - } + ret = ecdsa_sign_restartable( grp, r, s, d, buf, blen, + mbedtls_hmac_drbg_random, p_rng, + f_rng_blind, p_rng_blind, rs_ctx ); #endif /* MBEDTLS_ECDSA_SIGN_ALT */ cleanup: @@ -550,26 +493,8 @@ cleanup: } /* - * Deterministic signature wrappers + * Deterministic signature wrapper */ - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, - mbedtls_mpi *s, const mbedtls_mpi *d, - const unsigned char *buf, size_t blen, - mbedtls_md_type_t md_alg ) -{ - ECDSA_VALIDATE_RET( grp != NULL ); - ECDSA_VALIDATE_RET( r != NULL ); - ECDSA_VALIDATE_RET( s != NULL ); - ECDSA_VALIDATE_RET( d != NULL ); - ECDSA_VALIDATE_RET( buf != NULL || blen == 0 ); - - return( ecdsa_sign_det_restartable( grp, r, s, d, buf, blen, md_alg, - NULL, NULL, NULL ) ); -} -#endif /* MBEDTLS_DEPRECATED_REMOVED */ - int mbedtls_ecdsa_sign_det_ext( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, const mbedtls_mpi *d, const unsigned char *buf, size_t blen, @@ -756,10 +681,13 @@ int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx, { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi r, s; - ECDSA_VALIDATE_RET( ctx != NULL ); - ECDSA_VALIDATE_RET( hash != NULL ); - ECDSA_VALIDATE_RET( sig != NULL ); - ECDSA_VALIDATE_RET( slen != NULL ); + ECDSA_VALIDATE_RET( ctx != NULL ); + ECDSA_VALIDATE_RET( hash != NULL ); + ECDSA_VALIDATE_RET( sig != NULL ); + ECDSA_VALIDATE_RET( slen != NULL ); + + if( f_rng == NULL ) + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s ); @@ -811,22 +739,6 @@ int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, ctx, md_alg, hash, hlen, sig, slen, f_rng, p_rng, NULL ) ); } -#if !defined(MBEDTLS_DEPRECATED_REMOVED) && \ - defined(MBEDTLS_ECDSA_DETERMINISTIC) -int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx, - const unsigned char *hash, size_t hlen, - unsigned char *sig, size_t *slen, - mbedtls_md_type_t md_alg ) -{ - ECDSA_VALIDATE_RET( ctx != NULL ); - ECDSA_VALIDATE_RET( hash != NULL ); - ECDSA_VALIDATE_RET( sig != NULL ); - ECDSA_VALIDATE_RET( slen != NULL ); - return( mbedtls_ecdsa_write_signature( ctx, md_alg, hash, hlen, sig, slen, - NULL, NULL ) ); -} -#endif - /* * Read and check signature */ @@ -870,8 +782,8 @@ int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx, if( p + len != end ) { - ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; + ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); goto cleanup; } diff --git a/library/ecp.c b/library/ecp.c index 4c0d28ea87..194e448289 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -2477,7 +2477,7 @@ static int ecp_randomize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P { #if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) if( mbedtls_internal_ecp_grp_capable( grp ) ) - return( mbedtls_internal_ecp_randomize_mxz( grp, P, f_rng, p_rng ); + return( mbedtls_internal_ecp_randomize_mxz( grp, P, f_rng, p_rng ) ); #endif /* MBEDTLS_ECP_RANDOMIZE_MXZ_ALT */ #if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) diff --git a/library/error.c b/library/error.c index f489be6dc1..a176deb8c5 100644 --- a/library/error.c +++ b/library/error.c @@ -858,4 +858,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen ) #endif /* MBEDTLS_ERROR_C */ +#if defined(MBEDTLS_TEST_HOOKS) +void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); +#endif + #endif /* MBEDTLS_ERROR_C || MBEDTLS_ERROR_STRERROR_DUMMY */ diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c index de9706885c..7e1b4fb064 100644 --- a/library/hmac_drbg.c +++ b/library/hmac_drbg.c @@ -104,15 +104,6 @@ exit: return( ret ); } -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx, - const unsigned char *additional, - size_t add_len ) -{ - (void) mbedtls_hmac_drbg_update_ret( ctx, additional, add_len ); -} -#endif /* MBEDTLS_DEPRECATED_REMOVED */ - /* * Simplified HMAC_DRBG initialisation (for use with deterministic ECDSA) */ diff --git a/library/oid.c b/library/oid.c index 4ad8b29b6a..5d2613364a 100644 --- a/library/oid.c +++ b/library/oid.c @@ -41,6 +41,17 @@ */ #define ADD_LEN(s) s, MBEDTLS_OID_SIZE(s) +/* + * Macro to generate mbedtls_oid_descriptor_t + */ +#if !defined(MBEDTLS_X509_REMOVE_INFO) +#define OID_DESCRIPTOR(s, name, description) { ADD_LEN(s), name, description } +#define NULL_OID_DESCRIPTOR { NULL, 0, NULL, NULL } +#else +#define OID_DESCRIPTOR(s, name, description) { ADD_LEN(s) } +#define NULL_OID_DESCRIPTOR { NULL, 0 } +#endif + /* * Macro to generate an internal function for oid_XXX_from_asn1() (used by * the other functions) @@ -64,6 +75,7 @@ return( NULL ); \ } +#if !defined(MBEDTLS_X509_REMOVE_INFO) /* * Macro to generate a function for retrieving a single attribute from the * descriptor of an mbedtls_oid_descriptor_t wrapper. @@ -76,6 +88,7 @@ int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1 ) *ATTR1 = data->descriptor.ATTR1; \ return( 0 ); \ } +#endif /* MBEDTLS_X509_REMOVE_INFO */ /* * Macro to generate a function for retrieving a single attribute from an @@ -157,83 +170,83 @@ typedef struct { static const oid_x520_attr_t oid_x520_attr_type[] = { { - { ADD_LEN( MBEDTLS_OID_AT_CN ), "id-at-commonName", "Common Name" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_CN, "id-at-commonName", "Common Name" ), "CN", }, { - { ADD_LEN( MBEDTLS_OID_AT_COUNTRY ), "id-at-countryName", "Country" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_COUNTRY, "id-at-countryName", "Country" ), "C", }, { - { ADD_LEN( MBEDTLS_OID_AT_LOCALITY ), "id-at-locality", "Locality" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_LOCALITY, "id-at-locality", "Locality" ), "L", }, { - { ADD_LEN( MBEDTLS_OID_AT_STATE ), "id-at-state", "State" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_STATE, "id-at-state", "State" ), "ST", }, { - { ADD_LEN( MBEDTLS_OID_AT_ORGANIZATION ),"id-at-organizationName", "Organization" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_ORGANIZATION,"id-at-organizationName", "Organization" ), "O", }, { - { ADD_LEN( MBEDTLS_OID_AT_ORG_UNIT ), "id-at-organizationalUnitName", "Org Unit" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_ORG_UNIT, "id-at-organizationalUnitName", "Org Unit" ), "OU", }, { - { ADD_LEN( MBEDTLS_OID_PKCS9_EMAIL ), "emailAddress", "E-mail address" }, + OID_DESCRIPTOR( MBEDTLS_OID_PKCS9_EMAIL, "emailAddress", "E-mail address" ), "emailAddress", }, { - { ADD_LEN( MBEDTLS_OID_AT_SERIAL_NUMBER ),"id-at-serialNumber", "Serial number" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_SERIAL_NUMBER,"id-at-serialNumber", "Serial number" ), "serialNumber", }, { - { ADD_LEN( MBEDTLS_OID_AT_POSTAL_ADDRESS ),"id-at-postalAddress", "Postal address" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_POSTAL_ADDRESS,"id-at-postalAddress", "Postal address" ), "postalAddress", }, { - { ADD_LEN( MBEDTLS_OID_AT_POSTAL_CODE ), "id-at-postalCode", "Postal code" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_POSTAL_CODE, "id-at-postalCode", "Postal code" ), "postalCode", }, { - { ADD_LEN( MBEDTLS_OID_AT_SUR_NAME ), "id-at-surName", "Surname" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_SUR_NAME, "id-at-surName", "Surname" ), "SN", }, { - { ADD_LEN( MBEDTLS_OID_AT_GIVEN_NAME ), "id-at-givenName", "Given name" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_GIVEN_NAME, "id-at-givenName", "Given name" ), "GN", }, { - { ADD_LEN( MBEDTLS_OID_AT_INITIALS ), "id-at-initials", "Initials" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_INITIALS, "id-at-initials", "Initials" ), "initials", }, { - { ADD_LEN( MBEDTLS_OID_AT_GENERATION_QUALIFIER ), "id-at-generationQualifier", "Generation qualifier" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_GENERATION_QUALIFIER, "id-at-generationQualifier", "Generation qualifier" ), "generationQualifier", }, { - { ADD_LEN( MBEDTLS_OID_AT_TITLE ), "id-at-title", "Title" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_TITLE, "id-at-title", "Title" ), "title", }, { - { ADD_LEN( MBEDTLS_OID_AT_DN_QUALIFIER ),"id-at-dnQualifier", "Distinguished Name qualifier" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_DN_QUALIFIER,"id-at-dnQualifier", "Distinguished Name qualifier" ), "dnQualifier", }, { - { ADD_LEN( MBEDTLS_OID_AT_PSEUDONYM ), "id-at-pseudonym", "Pseudonym" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_PSEUDONYM, "id-at-pseudonym", "Pseudonym" ), "pseudonym", }, { - { ADD_LEN( MBEDTLS_OID_DOMAIN_COMPONENT ), "id-domainComponent", "Domain component" }, + OID_DESCRIPTOR( MBEDTLS_OID_DOMAIN_COMPONENT, "id-domainComponent", "Domain component" ), "DC", }, { - { ADD_LEN( MBEDTLS_OID_AT_UNIQUE_IDENTIFIER ), "id-at-uniqueIdentifier", "Unique Identifier" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_UNIQUE_IDENTIFIER, "id-at-uniqueIdentifier", "Unique Identifier" ), "uniqueIdentifier", }, { - { NULL, 0, NULL, NULL }, + NULL_OID_DESCRIPTOR, NULL, } }; @@ -252,31 +265,31 @@ typedef struct { static const oid_x509_ext_t oid_x509_ext[] = { { - { ADD_LEN( MBEDTLS_OID_BASIC_CONSTRAINTS ), "id-ce-basicConstraints", "Basic Constraints" }, + OID_DESCRIPTOR( MBEDTLS_OID_BASIC_CONSTRAINTS, "id-ce-basicConstraints", "Basic Constraints" ), MBEDTLS_OID_X509_EXT_BASIC_CONSTRAINTS, }, { - { ADD_LEN( MBEDTLS_OID_KEY_USAGE ), "id-ce-keyUsage", "Key Usage" }, + OID_DESCRIPTOR( MBEDTLS_OID_KEY_USAGE, "id-ce-keyUsage", "Key Usage" ), MBEDTLS_OID_X509_EXT_KEY_USAGE, }, { - { ADD_LEN( MBEDTLS_OID_EXTENDED_KEY_USAGE ), "id-ce-extKeyUsage", "Extended Key Usage" }, + OID_DESCRIPTOR( MBEDTLS_OID_EXTENDED_KEY_USAGE, "id-ce-extKeyUsage", "Extended Key Usage" ), MBEDTLS_OID_X509_EXT_EXTENDED_KEY_USAGE, }, { - { ADD_LEN( MBEDTLS_OID_SUBJECT_ALT_NAME ), "id-ce-subjectAltName", "Subject Alt Name" }, + OID_DESCRIPTOR( MBEDTLS_OID_SUBJECT_ALT_NAME, "id-ce-subjectAltName", "Subject Alt Name" ), MBEDTLS_OID_X509_EXT_SUBJECT_ALT_NAME, }, { - { ADD_LEN( MBEDTLS_OID_NS_CERT_TYPE ), "id-netscape-certtype", "Netscape Certificate Type" }, + OID_DESCRIPTOR( MBEDTLS_OID_NS_CERT_TYPE, "id-netscape-certtype", "Netscape Certificate Type" ), MBEDTLS_OID_X509_EXT_NS_CERT_TYPE, }, { - { ADD_LEN( MBEDTLS_OID_CERTIFICATE_POLICIES ), "id-ce-certificatePolicies", "Certificate Policies" }, + OID_DESCRIPTOR( MBEDTLS_OID_CERTIFICATE_POLICIES, "id-ce-certificatePolicies", "Certificate Policies" ), MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES, }, { - { NULL, 0, NULL, NULL }, + NULL_OID_DESCRIPTOR, 0, }, }; @@ -284,16 +297,17 @@ static const oid_x509_ext_t oid_x509_ext[] = FN_OID_TYPED_FROM_ASN1(oid_x509_ext_t, x509_ext, oid_x509_ext) FN_OID_GET_ATTR1(mbedtls_oid_get_x509_ext_type, oid_x509_ext_t, x509_ext, int, ext_type) +#if !defined(MBEDTLS_X509_REMOVE_INFO) static const mbedtls_oid_descriptor_t oid_ext_key_usage[] = { - { ADD_LEN( MBEDTLS_OID_SERVER_AUTH ), "id-kp-serverAuth", "TLS Web Server Authentication" }, - { ADD_LEN( MBEDTLS_OID_CLIENT_AUTH ), "id-kp-clientAuth", "TLS Web Client Authentication" }, - { ADD_LEN( MBEDTLS_OID_CODE_SIGNING ), "id-kp-codeSigning", "Code Signing" }, - { ADD_LEN( MBEDTLS_OID_EMAIL_PROTECTION ), "id-kp-emailProtection", "E-mail Protection" }, - { ADD_LEN( MBEDTLS_OID_TIME_STAMPING ), "id-kp-timeStamping", "Time Stamping" }, - { ADD_LEN( MBEDTLS_OID_OCSP_SIGNING ), "id-kp-OCSPSigning", "OCSP Signing" }, - { ADD_LEN( MBEDTLS_OID_WISUN_FAN ), "id-kp-wisun-fan-device", "Wi-SUN Alliance Field Area Network (FAN)" }, - { NULL, 0, NULL, NULL }, + OID_DESCRIPTOR( MBEDTLS_OID_SERVER_AUTH, "id-kp-serverAuth", "TLS Web Server Authentication" ), + OID_DESCRIPTOR( MBEDTLS_OID_CLIENT_AUTH, "id-kp-clientAuth", "TLS Web Client Authentication" ), + OID_DESCRIPTOR( MBEDTLS_OID_CODE_SIGNING, "id-kp-codeSigning", "Code Signing" ), + OID_DESCRIPTOR( MBEDTLS_OID_EMAIL_PROTECTION, "id-kp-emailProtection", "E-mail Protection" ), + OID_DESCRIPTOR( MBEDTLS_OID_TIME_STAMPING, "id-kp-timeStamping", "Time Stamping" ), + OID_DESCRIPTOR( MBEDTLS_OID_OCSP_SIGNING, "id-kp-OCSPSigning", "OCSP Signing" ), + OID_DESCRIPTOR( MBEDTLS_OID_WISUN_FAN, "id-kp-wisun-fan-device", "Wi-SUN Alliance Field Area Network (FAN)" ), + NULL_OID_DESCRIPTOR, }; FN_OID_TYPED_FROM_ASN1(mbedtls_oid_descriptor_t, ext_key_usage, oid_ext_key_usage) @@ -301,12 +315,13 @@ FN_OID_GET_ATTR1(mbedtls_oid_get_extended_key_usage, mbedtls_oid_descriptor_t, e static const mbedtls_oid_descriptor_t oid_certificate_policies[] = { - { ADD_LEN( MBEDTLS_OID_ANY_POLICY ), "anyPolicy", "Any Policy" }, - { NULL, 0, NULL, NULL }, + OID_DESCRIPTOR( MBEDTLS_OID_ANY_POLICY, "anyPolicy", "Any Policy" ), + NULL_OID_DESCRIPTOR, }; FN_OID_TYPED_FROM_ASN1(mbedtls_oid_descriptor_t, certificate_policies, oid_certificate_policies) FN_OID_GET_ATTR1(mbedtls_oid_get_certificate_policies, mbedtls_oid_descriptor_t, certificate_policies, const char *, description) +#endif /* MBEDTLS_X509_REMOVE_INFO */ #if defined(MBEDTLS_MD_C) /* @@ -323,55 +338,55 @@ static const oid_sig_alg_t oid_sig_alg[] = #if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_MD2_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_MD2 ), "md2WithRSAEncryption", "RSA with MD2" }, + OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_MD2, "md2WithRSAEncryption", "RSA with MD2" ), MBEDTLS_MD_MD2, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_MD2_C */ #if defined(MBEDTLS_MD4_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_MD4 ), "md4WithRSAEncryption", "RSA with MD4" }, + OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_MD4, "md4WithRSAEncryption", "RSA with MD4" ), MBEDTLS_MD_MD4, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_MD4_C */ #if defined(MBEDTLS_MD5_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_MD5 ), "md5WithRSAEncryption", "RSA with MD5" }, + OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_MD5, "md5WithRSAEncryption", "RSA with MD5" ), MBEDTLS_MD_MD5, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_MD5_C */ #if defined(MBEDTLS_SHA1_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_SHA1 ), "sha-1WithRSAEncryption", "RSA with SHA1" }, + OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA1, "sha-1WithRSAEncryption", "RSA with SHA1" ), MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_SHA1_C */ #if defined(MBEDTLS_SHA224_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_SHA224 ), "sha224WithRSAEncryption", "RSA with SHA-224" }, + OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA224, "sha224WithRSAEncryption", "RSA with SHA-224" ), MBEDTLS_MD_SHA224, MBEDTLS_PK_RSA, }, #endif #if defined(MBEDTLS_SHA256_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_SHA256 ), "sha256WithRSAEncryption", "RSA with SHA-256" }, + OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA256, "sha256WithRSAEncryption", "RSA with SHA-256" ), MBEDTLS_MD_SHA256, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA384_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_SHA384 ), "sha384WithRSAEncryption", "RSA with SHA-384" }, + OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA384, "sha384WithRSAEncryption", "RSA with SHA-384" ), MBEDTLS_MD_SHA384, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_SHA384_C */ #if defined(MBEDTLS_SHA512_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_SHA512 ), "sha512WithRSAEncryption", "RSA with SHA-512" }, + OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA512, "sha512WithRSAEncryption", "RSA with SHA-512" ), MBEDTLS_MD_SHA512, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_SHA512_C */ #if defined(MBEDTLS_SHA1_C) { - { ADD_LEN( MBEDTLS_OID_RSA_SHA_OBS ), "sha-1WithRSAEncryption", "RSA with SHA1" }, + OID_DESCRIPTOR( MBEDTLS_OID_RSA_SHA_OBS, "sha-1WithRSAEncryption", "RSA with SHA1" ), MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_SHA1_C */ @@ -379,47 +394,51 @@ static const oid_sig_alg_t oid_sig_alg[] = #if defined(MBEDTLS_ECDSA_C) #if defined(MBEDTLS_SHA1_C) { - { ADD_LEN( MBEDTLS_OID_ECDSA_SHA1 ), "ecdsa-with-SHA1", "ECDSA with SHA1" }, + OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA1, "ecdsa-with-SHA1", "ECDSA with SHA1" ), MBEDTLS_MD_SHA1, MBEDTLS_PK_ECDSA, }, #endif /* MBEDTLS_SHA1_C */ #if defined(MBEDTLS_SHA224_C) { - { ADD_LEN( MBEDTLS_OID_ECDSA_SHA224 ), "ecdsa-with-SHA224", "ECDSA with SHA224" }, + OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA224, "ecdsa-with-SHA224", "ECDSA with SHA224" ), MBEDTLS_MD_SHA224, MBEDTLS_PK_ECDSA, }, #endif #if defined(MBEDTLS_SHA256_C) { - { ADD_LEN( MBEDTLS_OID_ECDSA_SHA256 ), "ecdsa-with-SHA256", "ECDSA with SHA256" }, + OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA256, "ecdsa-with-SHA256", "ECDSA with SHA256" ), MBEDTLS_MD_SHA256, MBEDTLS_PK_ECDSA, }, #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) { - { ADD_LEN( MBEDTLS_OID_ECDSA_SHA384 ), "ecdsa-with-SHA384", "ECDSA with SHA384" }, + OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA384, "ecdsa-with-SHA384", "ECDSA with SHA384" ), MBEDTLS_MD_SHA384, MBEDTLS_PK_ECDSA, }, { - { ADD_LEN( MBEDTLS_OID_ECDSA_SHA512 ), "ecdsa-with-SHA512", "ECDSA with SHA512" }, + OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA512, "ecdsa-with-SHA512", "ECDSA with SHA512" ), MBEDTLS_MD_SHA512, MBEDTLS_PK_ECDSA, }, #endif /* MBEDTLS_SHA512_C */ #endif /* MBEDTLS_ECDSA_C */ #if defined(MBEDTLS_RSA_C) { - { ADD_LEN( MBEDTLS_OID_RSASSA_PSS ), "RSASSA-PSS", "RSASSA-PSS" }, + OID_DESCRIPTOR( MBEDTLS_OID_RSASSA_PSS, "RSASSA-PSS", "RSASSA-PSS" ), MBEDTLS_MD_NONE, MBEDTLS_PK_RSASSA_PSS, }, #endif /* MBEDTLS_RSA_C */ { - { NULL, 0, NULL, NULL }, + NULL_OID_DESCRIPTOR, MBEDTLS_MD_NONE, MBEDTLS_PK_NONE, }, }; FN_OID_TYPED_FROM_ASN1(oid_sig_alg_t, sig_alg, oid_sig_alg) + +#if !defined(MBEDTLS_X509_REMOVE_INFO) FN_OID_GET_DESCRIPTOR_ATTR1(mbedtls_oid_get_sig_alg_desc, oid_sig_alg_t, sig_alg, const char *, description) +#endif + FN_OID_GET_ATTR2(mbedtls_oid_get_sig_alg, oid_sig_alg_t, sig_alg, mbedtls_md_type_t, md_alg, mbedtls_pk_type_t, pk_alg) FN_OID_GET_OID_BY_ATTR2(mbedtls_oid_get_oid_by_sig_alg, oid_sig_alg_t, oid_sig_alg, mbedtls_pk_type_t, pk_alg, mbedtls_md_type_t, md_alg) #endif /* MBEDTLS_MD_C */ @@ -435,19 +454,19 @@ typedef struct { static const oid_pk_alg_t oid_pk_alg[] = { { - { ADD_LEN( MBEDTLS_OID_PKCS1_RSA ), "rsaEncryption", "RSA" }, + OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_RSA, "rsaEncryption", "RSA" ), MBEDTLS_PK_RSA, }, { - { ADD_LEN( MBEDTLS_OID_EC_ALG_UNRESTRICTED ), "id-ecPublicKey", "Generic EC key" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_ALG_UNRESTRICTED, "id-ecPublicKey", "Generic EC key" ), MBEDTLS_PK_ECKEY, }, { - { ADD_LEN( MBEDTLS_OID_EC_ALG_ECDH ), "id-ecDH", "EC key for ECDH" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_ALG_ECDH, "id-ecDH", "EC key for ECDH" ), MBEDTLS_PK_ECKEY_DH, }, { - { NULL, 0, NULL, NULL }, + NULL_OID_DESCRIPTOR, MBEDTLS_PK_NONE, }, }; @@ -469,72 +488,72 @@ static const oid_ecp_grp_t oid_ecp_grp[] = { #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP192R1 ), "secp192r1", "secp192r1" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_GRP_SECP192R1, "secp192r1", "secp192r1" ), MBEDTLS_ECP_DP_SECP192R1, }, #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP224R1 ), "secp224r1", "secp224r1" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_GRP_SECP224R1, "secp224r1", "secp224r1" ), MBEDTLS_ECP_DP_SECP224R1, }, #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP256R1 ), "secp256r1", "secp256r1" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_GRP_SECP256R1, "secp256r1", "secp256r1" ), MBEDTLS_ECP_DP_SECP256R1, }, #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP384R1 ), "secp384r1", "secp384r1" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_GRP_SECP384R1, "secp384r1", "secp384r1" ), MBEDTLS_ECP_DP_SECP384R1, }, #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP521R1 ), "secp521r1", "secp521r1" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_GRP_SECP521R1, "secp521r1", "secp521r1" ), MBEDTLS_ECP_DP_SECP521R1, }, #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP192K1 ), "secp192k1", "secp192k1" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_GRP_SECP192K1, "secp192k1", "secp192k1" ), MBEDTLS_ECP_DP_SECP192K1, }, #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP224K1 ), "secp224k1", "secp224k1" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_GRP_SECP224K1, "secp224k1", "secp224k1" ), MBEDTLS_ECP_DP_SECP224K1, }, #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP256K1 ), "secp256k1", "secp256k1" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_GRP_SECP256K1, "secp256k1", "secp256k1" ), MBEDTLS_ECP_DP_SECP256K1, }, #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_BP256R1 ), "brainpoolP256r1","brainpool256r1" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_GRP_BP256R1, "brainpoolP256r1","brainpool256r1" ), MBEDTLS_ECP_DP_BP256R1, }, #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_BP384R1 ), "brainpoolP384r1","brainpool384r1" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_GRP_BP384R1, "brainpoolP384r1","brainpool384r1" ), MBEDTLS_ECP_DP_BP384R1, }, #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_BP512R1 ), "brainpoolP512r1","brainpool512r1" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_GRP_BP512R1, "brainpoolP512r1","brainpool512r1" ), MBEDTLS_ECP_DP_BP512R1, }, #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ { - { NULL, 0, NULL, NULL }, + NULL_OID_DESCRIPTOR, MBEDTLS_ECP_DP_NONE, }, }; @@ -556,15 +575,15 @@ typedef struct { static const oid_cipher_alg_t oid_cipher_alg[] = { { - { ADD_LEN( MBEDTLS_OID_DES_CBC ), "desCBC", "DES-CBC" }, + OID_DESCRIPTOR( MBEDTLS_OID_DES_CBC, "desCBC", "DES-CBC" ), MBEDTLS_CIPHER_DES_CBC, }, { - { ADD_LEN( MBEDTLS_OID_DES_EDE3_CBC ), "des-ede3-cbc", "DES-EDE3-CBC" }, + OID_DESCRIPTOR( MBEDTLS_OID_DES_EDE3_CBC, "des-ede3-cbc", "DES-EDE3-CBC" ), MBEDTLS_CIPHER_DES_EDE3_CBC, }, { - { NULL, 0, NULL, NULL }, + NULL_OID_DESCRIPTOR, MBEDTLS_CIPHER_NONE, }, }; @@ -586,58 +605,58 @@ static const oid_md_alg_t oid_md_alg[] = { #if defined(MBEDTLS_MD2_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD2 ), "id-md2", "MD2" }, + OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_MD2, "id-md2", "MD2" ), MBEDTLS_MD_MD2, }, #endif /* MBEDTLS_MD2_C */ #if defined(MBEDTLS_MD4_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD4 ), "id-md4", "MD4" }, + OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_MD4, "id-md4", "MD4" ), MBEDTLS_MD_MD4, }, #endif /* MBEDTLS_MD4_C */ #if defined(MBEDTLS_MD5_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD5 ), "id-md5", "MD5" }, + OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_MD5, "id-md5", "MD5" ), MBEDTLS_MD_MD5, }, #endif /* MBEDTLS_MD5_C */ #if defined(MBEDTLS_SHA1_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA1 ), "id-sha1", "SHA-1" }, + OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_SHA1, "id-sha1", "SHA-1" ), MBEDTLS_MD_SHA1, }, #endif /* MBEDTLS_SHA1_C */ #if defined(MBEDTLS_SHA224_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA224 ), "id-sha224", "SHA-224" }, + OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_SHA224, "id-sha224", "SHA-224" ), MBEDTLS_MD_SHA224, }, #endif #if defined(MBEDTLS_SHA256_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA256 ), "id-sha256", "SHA-256" }, + OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_SHA256, "id-sha256", "SHA-256" ), MBEDTLS_MD_SHA256, }, #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA384 ), "id-sha384", "SHA-384" }, + OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_SHA384, "id-sha384", "SHA-384" ), MBEDTLS_MD_SHA384, }, { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA512 ), "id-sha512", "SHA-512" }, + OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_SHA512, "id-sha512", "SHA-512" ), MBEDTLS_MD_SHA512, }, #endif /* MBEDTLS_SHA512_C */ #if defined(MBEDTLS_RIPEMD160_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_RIPEMD160 ), "id-ripemd160", "RIPEMD-160" }, + OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_RIPEMD160, "id-ripemd160", "RIPEMD-160" ), MBEDTLS_MD_RIPEMD160, }, #endif /* MBEDTLS_RIPEMD160_C */ { - { NULL, 0, NULL, NULL }, + NULL_OID_DESCRIPTOR, MBEDTLS_MD_NONE, }, }; @@ -658,36 +677,36 @@ static const oid_md_hmac_t oid_md_hmac[] = { #if defined(MBEDTLS_SHA1_C) { - { ADD_LEN( MBEDTLS_OID_HMAC_SHA1 ), "hmacSHA1", "HMAC-SHA-1" }, + OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA1, "hmacSHA1", "HMAC-SHA-1" ), MBEDTLS_MD_SHA1, }, #endif /* MBEDTLS_SHA1_C */ #if defined(MBEDTLS_SHA224_C) { - { ADD_LEN( MBEDTLS_OID_HMAC_SHA224 ), "hmacSHA224", "HMAC-SHA-224" }, + OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA224, "hmacSHA224", "HMAC-SHA-224" ), MBEDTLS_MD_SHA224, }, #endif #if defined(MBEDTLS_SHA256_C) { - { ADD_LEN( MBEDTLS_OID_HMAC_SHA256 ), "hmacSHA256", "HMAC-SHA-256" }, + OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA256, "hmacSHA256", "HMAC-SHA-256" ), MBEDTLS_MD_SHA256, }, #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA384_C) { - { ADD_LEN( MBEDTLS_OID_HMAC_SHA384 ), "hmacSHA384", "HMAC-SHA-384" }, + OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA384, "hmacSHA384", "HMAC-SHA-384" ), MBEDTLS_MD_SHA384, }, #endif /* MBEDTLS_SHA384_C */ #if defined(MBEDTLS_SHA512_C) { - { ADD_LEN( MBEDTLS_OID_HMAC_SHA512 ), "hmacSHA512", "HMAC-SHA-512" }, + OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA512, "hmacSHA512", "HMAC-SHA-512" ), MBEDTLS_MD_SHA512, }, #endif /* MBEDTLS_SHA512_C */ { - { NULL, 0, NULL, NULL }, + NULL_OID_DESCRIPTOR, MBEDTLS_MD_NONE, }, }; @@ -709,15 +728,15 @@ typedef struct { static const oid_pkcs12_pbe_alg_t oid_pkcs12_pbe_alg[] = { { - { ADD_LEN( MBEDTLS_OID_PKCS12_PBE_SHA1_DES3_EDE_CBC ), "pbeWithSHAAnd3-KeyTripleDES-CBC", "PBE with SHA1 and 3-Key 3DES" }, + OID_DESCRIPTOR( MBEDTLS_OID_PKCS12_PBE_SHA1_DES3_EDE_CBC, "pbeWithSHAAnd3-KeyTripleDES-CBC", "PBE with SHA1 and 3-Key 3DES" ), MBEDTLS_MD_SHA1, MBEDTLS_CIPHER_DES_EDE3_CBC, }, { - { ADD_LEN( MBEDTLS_OID_PKCS12_PBE_SHA1_DES2_EDE_CBC ), "pbeWithSHAAnd2-KeyTripleDES-CBC", "PBE with SHA1 and 2-Key 3DES" }, + OID_DESCRIPTOR( MBEDTLS_OID_PKCS12_PBE_SHA1_DES2_EDE_CBC, "pbeWithSHAAnd2-KeyTripleDES-CBC", "PBE with SHA1 and 2-Key 3DES" ), MBEDTLS_MD_SHA1, MBEDTLS_CIPHER_DES_EDE_CBC, }, { - { NULL, 0, NULL, NULL }, + NULL_OID_DESCRIPTOR, MBEDTLS_MD_NONE, MBEDTLS_CIPHER_NONE, }, }; diff --git a/library/pem.c b/library/pem.c index 969d492e3b..fcfde94799 100644 --- a/library/pem.c +++ b/library/pem.c @@ -343,7 +343,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const ret = mbedtls_base64_decode( NULL, 0, &len, s1, s2 - s1 ); if( ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER ) - return( MBEDTLS_ERR_PEM_INVALID_DATA + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PEM_INVALID_DATA, ret ) ); if( ( buf = mbedtls_calloc( 1, len ) ) == NULL ) return( MBEDTLS_ERR_PEM_ALLOC_FAILED ); @@ -352,7 +352,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const { mbedtls_platform_zeroize( buf, len ); mbedtls_free( buf ); - return( MBEDTLS_ERR_PEM_INVALID_DATA + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PEM_INVALID_DATA, ret ) ); } if( enc != 0 ) diff --git a/library/pkcs12.c b/library/pkcs12.c index 4bdeb6835e..9823d963c3 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -60,21 +60,21 @@ static int pkcs12_parse_pbe_params( mbedtls_asn1_buf *params, * */ if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) - return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); if( ( ret = mbedtls_asn1_get_tag( p, end, &salt->len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, ret ) ); salt->p = *p; *p += salt->len; if( ( ret = mbedtls_asn1_get_int( p, end, iterations ) ) != 0 ) - return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, ret ) ); if( *p != end ) - return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } diff --git a/library/pkcs5.c b/library/pkcs5.c index e9e743fa90..2b014d91c8 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -60,8 +60,8 @@ static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params, const unsigned char *end = params->p + params->len; if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) - return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); /* * PBKDF2-params ::= SEQUENCE { * salt OCTET STRING, @@ -73,13 +73,13 @@ static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params, */ if( ( ret = mbedtls_asn1_get_tag( &p, end, &salt->len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) ); salt->p = p; p += salt->len; if( ( ret = mbedtls_asn1_get_int( &p, end, iterations ) ) != 0 ) - return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) ); if( p == end ) return( 0 ); @@ -87,21 +87,21 @@ static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params, if( ( ret = mbedtls_asn1_get_int( &p, end, keylen ) ) != 0 ) { if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) ); } if( p == end ) return( 0 ); if( ( ret = mbedtls_asn1_get_alg_null( &p, end, &prf_alg_oid ) ) != 0 ) - return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) ); if( mbedtls_oid_get_md_hmac( &prf_alg_oid, md_type ) != 0 ) return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); if( p != end ) - return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } @@ -134,12 +134,12 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, * } */ if( pbe_params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) - return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); if( ( ret = mbedtls_asn1_get_alg( &p, end, &kdf_alg_oid, &kdf_alg_params ) ) != 0 ) - return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) ); // Only PBKDF2 supported at the moment // @@ -160,7 +160,7 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, if( ( ret = mbedtls_asn1_get_alg( &p, end, &enc_scheme_oid, &enc_scheme_params ) ) != 0 ) { - return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) ); } if( mbedtls_oid_get_cipher_alg( &enc_scheme_oid, &cipher_alg ) != 0 ) diff --git a/library/pkparse.c b/library/pkparse.c index 0590f2b050..3222ca20fb 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -186,8 +186,8 @@ static int pk_get_ecparams( unsigned char **p, const unsigned char *end, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if ( end - *p < 1 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); /* Tag may be either OID or SEQUENCE */ params->tag = **p; @@ -197,21 +197,21 @@ static int pk_get_ecparams( unsigned char **p, const unsigned char *end, #endif ) { - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); } if( ( ret = mbedtls_asn1_get_tag( p, end, ¶ms->len, params->tag ) ) != 0 ) { - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } params->p = *p; *p += params->len; if( *p != end ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } @@ -247,7 +247,7 @@ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_ /* SpecifiedECDomainVersion ::= INTEGER { 1, 2, 3 } */ if( ( ret = mbedtls_asn1_get_int( &p, end, &ver ) ) != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); if( ver < 1 || ver > 3 ) return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); @@ -285,13 +285,13 @@ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_ /* Prime-p ::= INTEGER -- Field of size p. */ if( ( ret = mbedtls_asn1_get_mpi( &p, end_field, &grp->P ) ) != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); grp->pbits = mbedtls_mpi_bitlen( &grp->P ); if( p != end_field ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); /* * Curve ::= SEQUENCE { @@ -315,7 +315,7 @@ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_ if( ( ret = mbedtls_asn1_get_tag( &p, end_curve, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 || ( ret = mbedtls_mpi_read_binary( &grp->A, p, len ) ) != 0 ) { - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } p += len; @@ -323,7 +323,7 @@ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_ if( ( ret = mbedtls_asn1_get_tag( &p, end_curve, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 || ( ret = mbedtls_mpi_read_binary( &grp->B, p, len ) ) != 0 ) { - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } p += len; @@ -333,14 +333,14 @@ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_ p += len; if( p != end_curve ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); /* * ECPoint ::= OCTET STRING */ if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); if( ( ret = mbedtls_ecp_point_read_binary( grp, &grp->G, ( const unsigned char *) p, len ) ) != 0 ) @@ -366,7 +366,7 @@ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_ * order INTEGER */ if( ( ret = mbedtls_asn1_get_mpi( &p, end, &grp->N ) ) != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); grp->nbits = mbedtls_mpi_bitlen( &grp->N ); @@ -528,15 +528,15 @@ static int pk_get_rsapubkey( unsigned char **p, if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, ret ) ); if( *p + len != end ) - return( MBEDTLS_ERR_PK_INVALID_PUBKEY + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); /* Import N */ if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 ) - return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, ret ) ); if( ( ret = mbedtls_rsa_import_raw( rsa, *p, len, NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) ) != 0 ) @@ -546,7 +546,7 @@ static int pk_get_rsapubkey( unsigned char **p, /* Import E */ if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 ) - return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, ret ) ); if( ( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, NULL, 0, NULL, 0, NULL, 0, *p, len ) ) != 0 ) @@ -561,8 +561,8 @@ static int pk_get_rsapubkey( unsigned char **p, } if( *p != end ) - return( MBEDTLS_ERR_PK_INVALID_PUBKEY + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } @@ -584,7 +584,7 @@ static int pk_get_pk_alg( unsigned char **p, memset( params, 0, sizeof(mbedtls_asn1_buf) ); if( ( ret = mbedtls_asn1_get_alg( p, end, &alg_oid, params ) ) != 0 ) - return( MBEDTLS_ERR_PK_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_ALG, ret ) ); if( mbedtls_oid_get_pk_alg( &alg_oid, pk_alg ) != 0 ) return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); @@ -624,7 +624,7 @@ int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } end = *p + len; @@ -633,11 +633,11 @@ int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, return( ret ); if( ( ret = mbedtls_asn1_get_bitstring_null( p, end, &len ) ) != 0 ) - return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, ret ) ); if( *p + len != end ) - return( MBEDTLS_ERR_PK_INVALID_PUBKEY + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); if( ( pk_info = mbedtls_pk_info_from_type( pk_alg ) ) == NULL ) return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); @@ -662,8 +662,8 @@ int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, ret = MBEDTLS_ERR_PK_UNKNOWN_PK_ALG; if( ret == 0 && *p != end ) - ret = MBEDTLS_ERR_PK_INVALID_PUBKEY + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; + ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); if( ret != 0 ) mbedtls_pk_free( pk ); @@ -734,14 +734,14 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa, if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } end = p + len; if( ( ret = mbedtls_asn1_get_int( &p, end, &version ) ) != 0 ) { - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } if( version != 0 ) @@ -831,8 +831,8 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa, if( p != end ) { - ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ; + ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); } cleanup: @@ -843,7 +843,7 @@ cleanup: { /* Wrap error code if it's coming from a lower level */ if( ( ret & 0xff80 ) == 0 ) - ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret; + ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ); else ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; @@ -883,24 +883,24 @@ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck, if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } end = p + len; if( ( ret = mbedtls_asn1_get_int( &p, end, &version ) ) != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); if( version != 1 ) return( MBEDTLS_ERR_PK_KEY_INVALID_VERSION ); if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); if( ( ret = mbedtls_mpi_read_binary( &eck->d, p, len ) ) != 0 ) { mbedtls_ecp_keypair_free( eck ); - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } p += len; @@ -924,7 +924,7 @@ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck, else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) { mbedtls_ecp_keypair_free( eck ); - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } } @@ -940,11 +940,11 @@ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck, end2 = p + len; if( ( ret = mbedtls_asn1_get_bitstring_null( &p, end2, &len ) ) != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); if( p + len != end2 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); if( ( ret = pk_get_ecpubkey( &p, end2, eck ) ) == 0 ) pubkey_done = 1; @@ -961,7 +961,7 @@ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck, else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) { mbedtls_ecp_keypair_free( eck ); - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } } @@ -970,7 +970,7 @@ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck, NULL, NULL ) ) != 0 ) { mbedtls_ecp_keypair_free( eck ); - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } if( ( ret = mbedtls_ecp_check_privkey( &eck->grp, &eck->d ) ) != 0 ) @@ -1028,26 +1028,28 @@ static int pk_parse_key_pkcs8_unencrypted_der( if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } end = p + len; if( ( ret = mbedtls_asn1_get_int( &p, end, &version ) ) != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); if( version != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_VERSION + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_VERSION, ret ) ); if( ( ret = pk_get_pk_alg( &p, end, &pk_alg, ¶ms ) ) != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + { + return( ret ); + } if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); if( len < 1 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); if( ( pk_info = mbedtls_pk_info_from_type( pk_alg ) ) == NULL ) return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); @@ -1130,16 +1132,16 @@ static int pk_parse_key_pkcs8_encrypted_der( if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } end = p + len; if( ( ret = mbedtls_asn1_get_alg( &p, end, &pbe_alg_oid, &pbe_params ) ) != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); buf = p; @@ -1518,7 +1520,8 @@ int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx, return( ret ); } mbedtls_pk_free( ctx ); - if( ret != ( MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ) + if( ret != ( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ) ) { return( ret ); } diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 98885eec55..c153217908 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -553,20 +553,8 @@ MBEDTLS_STATIC_TESTABLE psa_status_t psa_mac_key_can_do( return( PSA_ERROR_INVALID_ARGUMENT ); } -/** Try to allocate a buffer to an empty key slot. - * - * \param[in,out] slot Key slot to attach buffer to. - * \param[in] buffer_length Requested size of the buffer. - * - * \retval #PSA_SUCCESS - * The buffer has been successfully allocated. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * Not enough memory was available for allocation. - * \retval #PSA_ERROR_ALREADY_EXISTS - * Trying to allocate a buffer to a non-empty key slot. - */ -static psa_status_t psa_allocate_buffer_to_slot( psa_key_slot_t *slot, - size_t buffer_length ) +psa_status_t psa_allocate_buffer_to_slot( psa_key_slot_t *slot, + size_t buffer_length ) { if( slot->key.data != NULL ) return( PSA_ERROR_ALREADY_EXISTS ); @@ -1024,8 +1012,7 @@ static psa_status_t psa_get_and_lock_transparent_key_slot_with_policy( psa_get_and_lock_key_slot_with_policy( key, p_slot, usage, alg ) #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ -/** Wipe key data from a slot. Preserve metadata such as the policy. */ -static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ) +psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ) { /* Data pointer will always be either a valid pointer or NULL in an * initialized slot, so we can just free it. */ diff --git a/library/psa_crypto_aead.c b/library/psa_crypto_aead.c index 2632830f87..356679c38f 100644 --- a/library/psa_crypto_aead.c +++ b/library/psa_crypto_aead.c @@ -154,10 +154,14 @@ static psa_status_t psa_aead_setup( return( PSA_ERROR_NOT_SUPPORTED ); } - if( PSA_AEAD_TAG_LENGTH( alg ) > full_tag_length ) + if( PSA_AEAD_TAG_LENGTH( attributes->core.type, + key_bits, alg ) + > full_tag_length ) return( PSA_ERROR_INVALID_ARGUMENT ); - operation->tag_length = PSA_AEAD_TAG_LENGTH( alg ); + operation->tag_length = PSA_AEAD_TAG_LENGTH( attributes->core.type, + key_bits, + alg ); return( PSA_SUCCESS ); } diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index f949c7188d..90f9d18630 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -180,6 +180,24 @@ static inline psa_key_slot_number_t psa_key_slot_get_slot_number( */ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ); +/** Try to allocate a buffer to an empty key slot. + * + * \param[in,out] slot Key slot to attach buffer to. + * \param[in] buffer_length Requested size of the buffer. + * + * \retval #PSA_SUCCESS + * The buffer has been successfully allocated. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * Not enough memory was available for allocation. + * \retval #PSA_ERROR_ALREADY_EXISTS + * Trying to allocate a buffer to a non-empty key slot. + */ +psa_status_t psa_allocate_buffer_to_slot( psa_key_slot_t *slot, + size_t buffer_length ); + +/** Wipe key data from a slot. Preserves metadata such as the policy. */ +psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ); + /** Copy key data (in export format) into an empty key slot. * * This function assumes that the slot does not contain diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 536505ef41..9bef02cd00 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -101,7 +101,7 @@ psa_status_t psa_driver_wrapper_sign_hash( * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_signature_sign_hash( attributes, + status = mbedtls_test_transparent_signature_sign_hash( attributes, key_buffer, key_buffer_size, alg, @@ -129,16 +129,16 @@ psa_status_t psa_driver_wrapper_sign_hash( /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - case PSA_CRYPTO_TEST_DRIVER_LIFETIME: - return( test_opaque_signature_sign_hash( attributes, - key_buffer, - key_buffer_size, - alg, - hash, - hash_length, - signature, - signature_size, - signature_length ) ); + case PSA_CRYPTO_TEST_DRIVER_LOCATION: + return( mbedtls_test_opaque_signature_sign_hash( attributes, + key_buffer, + key_buffer_size, + alg, + hash, + hash_length, + signature, + signature_size, + signature_length ) ); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: @@ -185,14 +185,15 @@ psa_status_t psa_driver_wrapper_verify_hash( * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_signature_verify_hash( attributes, - key_buffer, - key_buffer_size, - alg, - hash, - hash_length, - signature, - signature_length ); + status = mbedtls_test_transparent_signature_verify_hash( + attributes, + key_buffer, + key_buffer_size, + alg, + hash, + hash_length, + signature, + signature_length ); /* Declared with fallback == true */ if( status != PSA_ERROR_NOT_SUPPORTED ) return( status ); @@ -211,15 +212,15 @@ psa_status_t psa_driver_wrapper_verify_hash( /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - case PSA_CRYPTO_TEST_DRIVER_LIFETIME: - return( test_opaque_signature_verify_hash( attributes, - key_buffer, - key_buffer_size, - alg, - hash, - hash_length, - signature, - signature_length ) ); + case PSA_CRYPTO_TEST_DRIVER_LOCATION: + return( mbedtls_test_opaque_signature_verify_hash( attributes, + key_buffer, + key_buffer_size, + alg, + hash, + hash_length, + signature, + signature_length ) ); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: @@ -229,8 +230,8 @@ psa_status_t psa_driver_wrapper_verify_hash( } } -/** Get the key buffer size for the key material of a generated key in the - * case of an opaque driver without storage. +/** Get the key buffer size required to store the key material of a key + * associated with an opaque driver without storage. * * \param[in] attributes The key attributes. * \param[out] key_buffer_size Minimum buffer size to contain the key material @@ -256,38 +257,20 @@ psa_status_t psa_driver_wrapper_get_key_buffer_size( switch( location ) { #if defined(PSA_CRYPTO_DRIVER_TEST) - case PSA_CRYPTO_TEST_DRIVER_LIFETIME: -#ifdef TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION - *key_buffer_size = test_size_function( key_type, key_bits ); - return( PSA_SUCCESS ); -#else /* TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION */ - if( PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) ) + case PSA_CRYPTO_TEST_DRIVER_LOCATION: +#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) + /* Emulate property 'builtin_key_size' */ + if( psa_key_id_is_builtin( + MBEDTLS_SVC_KEY_ID_GET_KEY_ID( + psa_get_key_id( attributes ) ) ) ) { - int public_key_overhead = - ( ( TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY == 1 ) ? - PSA_EXPORT_KEY_OUTPUT_SIZE( key_type, key_bits ) : 0 ); - *key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE - + TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE - + public_key_overhead; + *key_buffer_size = sizeof( psa_drv_slot_number_t ); + return( PSA_SUCCESS ); } - else if( PSA_KEY_TYPE_IS_PUBLIC_KEY( key_type ) ) - { - *key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE - + TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE; - } - else if ( !PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) && - !PSA_KEY_TYPE_IS_PUBLIC_KEY ( key_type ) ) - { - *key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE - + TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR - * ( ( key_bits + 7 ) / 8 ); - } - else - { - return( PSA_ERROR_NOT_SUPPORTED ); - } - return( PSA_SUCCESS ); -#endif /* TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION */ +#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ + *key_buffer_size = mbedtls_test_size_function( key_type, key_bits ); + return( ( *key_buffer_size != 0 ) ? + PSA_SUCCESS : PSA_ERROR_NOT_SUPPORTED ); #endif /* PSA_CRYPTO_DRIVER_TEST */ default: @@ -335,7 +318,7 @@ psa_status_t psa_driver_wrapper_generate_key( { /* Cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_generate_key( + status = mbedtls_test_transparent_generate_key( attributes, key_buffer, key_buffer_size, key_buffer_length ); /* Declared with fallback == true */ @@ -353,8 +336,8 @@ psa_status_t psa_driver_wrapper_generate_key( /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - case PSA_CRYPTO_TEST_DRIVER_LIFETIME: - status = test_opaque_generate_key( + case PSA_CRYPTO_TEST_DRIVER_LOCATION: + status = mbedtls_test_opaque_generate_key( attributes, key_buffer, key_buffer_size, key_buffer_length ); break; #endif /* PSA_CRYPTO_DRIVER_TEST */ @@ -418,10 +401,11 @@ psa_status_t psa_driver_wrapper_import_key( * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_import_key( attributes, - data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ); + status = mbedtls_test_transparent_import_key( + attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits ); /* Declared with fallback == true */ if( status != PSA_ERROR_NOT_SUPPORTED ) return( status ); @@ -485,13 +469,13 @@ psa_status_t psa_driver_wrapper_export_key( /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - case PSA_CRYPTO_TEST_DRIVER_LIFETIME: - return( test_opaque_export_key( attributes, - key_buffer, - key_buffer_size, - data, - data_size, - data_length ) ); + case PSA_CRYPTO_TEST_DRIVER_LOCATION: + return( mbedtls_test_opaque_export_key( attributes, + key_buffer, + key_buffer_size, + data, + data_size, + data_length ) ); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: @@ -537,12 +521,13 @@ psa_status_t psa_driver_wrapper_export_public_key( * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_export_public_key( attributes, - key_buffer, - key_buffer_size, - data, - data_size, - data_length ); + status = mbedtls_test_transparent_export_public_key( + attributes, + key_buffer, + key_buffer_size, + data, + data_size, + data_length ); /* Declared with fallback == true */ if( status != PSA_ERROR_NOT_SUPPORTED ) return( status ); @@ -559,13 +544,13 @@ psa_status_t psa_driver_wrapper_export_public_key( /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - case PSA_CRYPTO_TEST_DRIVER_LIFETIME: - return( test_opaque_export_public_key( attributes, - key_buffer, - key_buffer_size, - data, - data_size, - data_length ) ); + case PSA_CRYPTO_TEST_DRIVER_LOCATION: + return( mbedtls_test_opaque_export_public_key( attributes, + key_buffer, + key_buffer_size, + data, + data_size, + data_length ) ); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: @@ -574,6 +559,30 @@ psa_status_t psa_driver_wrapper_export_public_key( } } +psa_status_t psa_driver_wrapper_get_builtin_key( + psa_drv_slot_number_t slot_number, + psa_key_attributes_t *attributes, + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) +{ + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + switch( location ) + { +#if defined(PSA_CRYPTO_DRIVER_TEST) + case PSA_CRYPTO_TEST_DRIVER_LOCATION: + return( mbedtls_test_opaque_get_builtin_key( + slot_number, + attributes, + key_buffer, key_buffer_size, key_buffer_length ) ); +#endif /* PSA_CRYPTO_DRIVER_TEST */ + default: + (void) slot_number; + (void) key_buffer; + (void) key_buffer_size; + (void) key_buffer_length; + return( PSA_ERROR_DOES_NOT_EXIST ); + } +} + /* * Cipher functions */ @@ -599,15 +608,15 @@ psa_status_t psa_driver_wrapper_cipher_encrypt( /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_cipher_encrypt( &attributes, - slot->key.data, - slot->key.bytes, - alg, - input, - input_length, - output, - output_size, - output_length ); + status = mbedtls_test_transparent_cipher_encrypt( &attributes, + slot->key.data, + slot->key.bytes, + alg, + input, + input_length, + output, + output_size, + output_length ); /* Declared with fallback == true */ if( status != PSA_ERROR_NOT_SUPPORTED ) return( status ); @@ -616,16 +625,16 @@ psa_status_t psa_driver_wrapper_cipher_encrypt( return( PSA_ERROR_NOT_SUPPORTED ); /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_DRIVER_TEST) - case PSA_CRYPTO_TEST_DRIVER_LIFETIME: - return( test_opaque_cipher_encrypt( &attributes, - slot->key.data, - slot->key.bytes, - alg, - input, - input_length, - output, - output_size, - output_length ) ); + case PSA_CRYPTO_TEST_DRIVER_LOCATION: + return( mbedtls_test_opaque_cipher_encrypt( &attributes, + slot->key.data, + slot->key.bytes, + alg, + input, + input_length, + output, + output_size, + output_length ) ); #endif /* PSA_CRYPTO_DRIVER_TEST */ default: /* Key is declared with a lifetime not known to us */ @@ -666,15 +675,15 @@ psa_status_t psa_driver_wrapper_cipher_decrypt( /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_cipher_decrypt( &attributes, - slot->key.data, - slot->key.bytes, - alg, - input, - input_length, - output, - output_size, - output_length ); + status = mbedtls_test_transparent_cipher_decrypt( &attributes, + slot->key.data, + slot->key.bytes, + alg, + input, + input_length, + output, + output_size, + output_length ); /* Declared with fallback == true */ if( status != PSA_ERROR_NOT_SUPPORTED ) return( status ); @@ -683,16 +692,16 @@ psa_status_t psa_driver_wrapper_cipher_decrypt( return( PSA_ERROR_NOT_SUPPORTED ); /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_DRIVER_TEST) - case PSA_CRYPTO_TEST_DRIVER_LIFETIME: - return( test_opaque_cipher_decrypt( &attributes, - slot->key.data, - slot->key.bytes, - alg, - input, - input_length, - output, - output_size, - output_length ) ); + case PSA_CRYPTO_TEST_DRIVER_LOCATION: + return( mbedtls_test_opaque_cipher_decrypt( &attributes, + slot->key.data, + slot->key.bytes, + alg, + input, + input_length, + output, + output_size, + output_length ) ); #endif /* PSA_CRYPTO_DRIVER_TEST */ default: /* Key is declared with a lifetime not known to us */ @@ -728,7 +737,7 @@ psa_status_t psa_driver_wrapper_cipher_encrypt_setup( * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_cipher_encrypt_setup( + status = mbedtls_test_transparent_cipher_encrypt_setup( &operation->ctx.transparent_test_driver_ctx, attributes, key_buffer, @@ -760,8 +769,8 @@ psa_status_t psa_driver_wrapper_cipher_encrypt_setup( /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - case PSA_CRYPTO_TEST_DRIVER_LIFETIME: - status = test_opaque_cipher_encrypt_setup( + case PSA_CRYPTO_TEST_DRIVER_LOCATION: + status = mbedtls_test_opaque_cipher_encrypt_setup( &operation->ctx.opaque_test_driver_ctx, attributes, key_buffer, key_buffer_size, @@ -800,7 +809,7 @@ psa_status_t psa_driver_wrapper_cipher_decrypt_setup( * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_cipher_decrypt_setup( + status = mbedtls_test_transparent_cipher_decrypt_setup( &operation->ctx.transparent_test_driver_ctx, attributes, key_buffer, @@ -831,8 +840,8 @@ psa_status_t psa_driver_wrapper_cipher_decrypt_setup( /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - case PSA_CRYPTO_TEST_DRIVER_LIFETIME: - status = test_opaque_cipher_decrypt_setup( + case PSA_CRYPTO_TEST_DRIVER_LOCATION: + status = mbedtls_test_opaque_cipher_decrypt_setup( &operation->ctx.opaque_test_driver_ctx, attributes, key_buffer, key_buffer_size, @@ -871,12 +880,12 @@ psa_status_t psa_driver_wrapper_cipher_set_iv( #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( test_transparent_cipher_set_iv( + return( mbedtls_test_transparent_cipher_set_iv( &operation->ctx.transparent_test_driver_ctx, iv, iv_length ) ); case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: - return( test_opaque_cipher_set_iv( + return( mbedtls_test_opaque_cipher_set_iv( &operation->ctx.opaque_test_driver_ctx, iv, iv_length ) ); #endif /* PSA_CRYPTO_DRIVER_TEST */ @@ -912,13 +921,13 @@ psa_status_t psa_driver_wrapper_cipher_update( #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( test_transparent_cipher_update( + return( mbedtls_test_transparent_cipher_update( &operation->ctx.transparent_test_driver_ctx, input, input_length, output, output_size, output_length ) ); case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: - return( test_opaque_cipher_update( + return( mbedtls_test_opaque_cipher_update( &operation->ctx.opaque_test_driver_ctx, input, input_length, output, output_size, output_length ) ); @@ -954,12 +963,12 @@ psa_status_t psa_driver_wrapper_cipher_finish( #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( test_transparent_cipher_finish( + return( mbedtls_test_transparent_cipher_finish( &operation->ctx.transparent_test_driver_ctx, output, output_size, output_length ) ); case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: - return( test_opaque_cipher_finish( + return( mbedtls_test_opaque_cipher_finish( &operation->ctx.opaque_test_driver_ctx, output, output_size, output_length ) ); #endif /* PSA_CRYPTO_DRIVER_TEST */ @@ -988,7 +997,7 @@ psa_status_t psa_driver_wrapper_cipher_abort( #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - status = test_transparent_cipher_abort( + status = mbedtls_test_transparent_cipher_abort( &operation->ctx.transparent_test_driver_ctx ); mbedtls_platform_zeroize( &operation->ctx.transparent_test_driver_ctx, @@ -996,7 +1005,7 @@ psa_status_t psa_driver_wrapper_cipher_abort( return( status ); case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: - status = test_opaque_cipher_abort( + status = mbedtls_test_opaque_cipher_abort( &operation->ctx.opaque_test_driver_ctx ); mbedtls_platform_zeroize( &operation->ctx.opaque_test_driver_ctx, @@ -1025,7 +1034,7 @@ psa_status_t psa_driver_wrapper_hash_compute( /* Try accelerators first */ #if defined(PSA_CRYPTO_DRIVER_TEST) - status = mbedtls_transparent_test_driver_hash_compute( + status = mbedtls_test_transparent_hash_compute( alg, input, input_length, hash, hash_size, hash_length ); if( status != PSA_ERROR_NOT_SUPPORTED ) return( status ); @@ -1057,7 +1066,7 @@ psa_status_t psa_driver_wrapper_hash_setup( /* Try setup on accelerators first */ #if defined(PSA_CRYPTO_DRIVER_TEST) - status = mbedtls_transparent_test_driver_hash_setup( + status = mbedtls_test_transparent_hash_setup( &operation->ctx.test_driver_ctx, alg ); if( status == PSA_SUCCESS ) operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; @@ -1097,7 +1106,7 @@ psa_status_t psa_driver_wrapper_hash_clone( #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: target_operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; - return( mbedtls_transparent_test_driver_hash_clone( + return( mbedtls_test_transparent_hash_clone( &source_operation->ctx.test_driver_ctx, &target_operation->ctx.test_driver_ctx ) ); #endif @@ -1121,7 +1130,7 @@ psa_status_t psa_driver_wrapper_hash_update( #endif #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_transparent_test_driver_hash_update( + return( mbedtls_test_transparent_hash_update( &operation->ctx.test_driver_ctx, input, input_length ) ); #endif @@ -1147,7 +1156,7 @@ psa_status_t psa_driver_wrapper_hash_finish( #endif #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_transparent_test_driver_hash_finish( + return( mbedtls_test_transparent_hash_finish( &operation->ctx.test_driver_ctx, hash, hash_size, hash_length ) ); #endif @@ -1170,7 +1179,7 @@ psa_status_t psa_driver_wrapper_hash_abort( #endif #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_transparent_test_driver_hash_abort( + return( mbedtls_test_transparent_hash_abort( &operation->ctx.test_driver_ctx ) ); #endif default: @@ -1199,7 +1208,7 @@ psa_status_t psa_driver_wrapper_aead_encrypt( #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_aead_encrypt( + status = mbedtls_test_transparent_aead_encrypt( attributes, key_buffer, key_buffer_size, alg, nonce, nonce_length, @@ -1251,7 +1260,7 @@ psa_status_t psa_driver_wrapper_aead_decrypt( #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_aead_decrypt( + status = mbedtls_test_transparent_aead_decrypt( attributes, key_buffer, key_buffer_size, alg, nonce, nonce_length, diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h index e49941138f..e82d0931bf 100644 --- a/library/psa_crypto_driver_wrappers.h +++ b/library/psa_crypto_driver_wrappers.h @@ -68,6 +68,11 @@ psa_status_t psa_driver_wrapper_generate_key( const psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); +psa_status_t psa_driver_wrapper_get_builtin_key( + psa_drv_slot_number_t slot_number, + psa_key_attributes_t *attributes, + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); + /* * Cipher functions */ diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index cf07a3693a..0b1a3c1661 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -26,6 +26,7 @@ #include "psa/crypto.h" #include "psa_crypto_core.h" +#include "psa_crypto_driver_wrappers.h" #include "psa_crypto_slot_management.h" #include "psa_crypto_storage.h" #if defined(MBEDTLS_PSA_CRYPTO_SE_C) @@ -274,6 +275,77 @@ exit: } #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ +#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) + +static psa_status_t psa_load_builtin_key_into_slot( psa_key_slot_t *slot ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_lifetime_t lifetime = PSA_KEY_LIFETIME_VOLATILE; + psa_drv_slot_number_t slot_number = 0; + size_t key_buffer_size = 0; + size_t key_buffer_length = 0; + + if( ! psa_key_id_is_builtin( + MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot->attr.id ) ) ) + { + return( PSA_ERROR_DOES_NOT_EXIST ); + } + + /* Check the platform function to see whether this key actually exists */ + status = mbedtls_psa_platform_get_builtin_key( + slot->attr.id, &lifetime, &slot_number ); + if( status != PSA_SUCCESS ) + return( status ); + + /* Set required key attributes to ensure get_builtin_key can retrieve the + * full attributes. */ + psa_set_key_id( &attributes, slot->attr.id ); + psa_set_key_lifetime( &attributes, lifetime ); + + /* Get the full key attributes from the driver in order to be able to + * calculate the required buffer size. */ + status = psa_driver_wrapper_get_builtin_key( + slot_number, &attributes, + NULL, 0, NULL ); + if( status != PSA_ERROR_BUFFER_TOO_SMALL ) + { + /* Builtin keys cannot be defined by the attributes alone */ + if( status == PSA_SUCCESS ) + status = PSA_ERROR_CORRUPTION_DETECTED; + return( status ); + } + + /* If the key should exist according to the platform, then ask the driver + * what its expected size is. */ + status = psa_driver_wrapper_get_key_buffer_size( &attributes, + &key_buffer_size ); + if( status != PSA_SUCCESS ) + return( status ); + + /* Allocate a buffer of the required size and load the builtin key directly + * into the (now properly sized) slot buffer. */ + status = psa_allocate_buffer_to_slot( slot, key_buffer_size ); + if( status != PSA_SUCCESS ) + return( status ); + + status = psa_driver_wrapper_get_builtin_key( + slot_number, &attributes, + slot->key.data, slot->key.bytes, &key_buffer_length ); + if( status != PSA_SUCCESS ) + goto exit; + + /* Copy actual key length and core attributes into the slot on success */ + slot->key.bytes = key_buffer_length; + slot->attr = attributes.core; + +exit: + if( status != PSA_SUCCESS ) + psa_remove_key_data_from_memory( slot ); + return( status ); +} +#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ + psa_status_t psa_get_and_lock_key_slot( mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot ) { @@ -291,17 +363,29 @@ psa_status_t psa_get_and_lock_key_slot( mbedtls_svc_key_id_t key, if( status != PSA_ERROR_DOES_NOT_EXIST ) return( status ); -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) + /* Loading keys from storage requires support for such a mechanism */ +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) || \ + defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) psa_key_id_t volatile_key_id; status = psa_get_empty_key_slot( &volatile_key_id, p_slot ); if( status != PSA_SUCCESS ) return( status ); - (*p_slot)->attr.lifetime = PSA_KEY_LIFETIME_PERSISTENT; (*p_slot)->attr.id = key; + (*p_slot)->attr.lifetime = PSA_KEY_LIFETIME_PERSISTENT; + + status = PSA_ERROR_DOES_NOT_EXIST; +#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) + /* Load keys in the 'builtin' range through their own interface */ + status = psa_load_builtin_key_into_slot( *p_slot ); +#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ + +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) + if( status == PSA_ERROR_DOES_NOT_EXIST ) + status = psa_load_persistent_key_into_slot( *p_slot ); +#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ - status = psa_load_persistent_key_into_slot( *p_slot ); if( status != PSA_SUCCESS ) { psa_wipe_key_slot( *p_slot ); @@ -309,9 +393,9 @@ psa_status_t psa_get_and_lock_key_slot( mbedtls_svc_key_id_t key, status = PSA_ERROR_INVALID_HANDLE; } return( status ); -#else +#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ return( PSA_ERROR_INVALID_HANDLE ); -#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ +#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ } psa_status_t psa_unlock_key_slot( psa_key_slot_t *slot ) diff --git a/library/rsa.c b/library/rsa.c index 32eb74e2a9..209273e090 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -102,7 +102,7 @@ int mbedtls_rsa_import( mbedtls_rsa_context *ctx, ( D != NULL && ( ret = mbedtls_mpi_copy( &ctx->D, D ) ) != 0 ) || ( E != NULL && ( ret = mbedtls_mpi_copy( &ctx->E, E ) ) != 0 ) ) { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } if( N != NULL ) @@ -142,7 +142,7 @@ int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx, cleanup: if( ret != 0 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); return( 0 ); } @@ -293,7 +293,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) if( ( ret = mbedtls_mpi_mul_mpi( &ctx->N, &ctx->P, &ctx->Q ) ) != 0 ) { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } ctx->len = mbedtls_mpi_size( &ctx->N ); @@ -308,7 +308,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) ret = mbedtls_rsa_deduce_primes( &ctx->N, &ctx->E, &ctx->D, &ctx->P, &ctx->Q ); if( ret != 0 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } else if( d_missing ) @@ -318,7 +318,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) &ctx->E, &ctx->D ) ) != 0 ) { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } } @@ -333,7 +333,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) ret = mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D, &ctx->DP, &ctx->DQ, &ctx->QP ); if( ret != 0 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } #endif /* MBEDTLS_RSA_NO_CRT */ @@ -461,13 +461,13 @@ int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx, ( DQ != NULL && ( ret = mbedtls_mpi_copy( DQ, &ctx->DQ ) ) != 0 ) || ( QP != NULL && ( ret = mbedtls_mpi_copy( QP, &ctx->QP ) ) != 0 ) ) { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } #else if( ( ret = mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D, DP, DQ, QP ) ) != 0 ) { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } #endif @@ -635,8 +635,9 @@ cleanup: if( ret != 0 ) { mbedtls_rsa_free( ctx ); + if( ( -ret & ~0x7f ) == 0 ) - ret = MBEDTLS_ERR_RSA_KEY_GEN_FAILED + ret; + ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_KEY_GEN_FAILED, ret ); return( ret ); } @@ -769,7 +770,7 @@ cleanup: mbedtls_mpi_free( &T ); if( ret != 0 ) - return( MBEDTLS_ERR_RSA_PUBLIC_FAILED + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_PUBLIC_FAILED, ret ) ); return( 0 ); } @@ -1085,7 +1086,7 @@ cleanup: mbedtls_mpi_free( &I ); if( ret != 0 && ret >= -0x007f ) - return( MBEDTLS_ERR_RSA_PRIVATE_FAILED + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_PRIVATE_FAILED, ret ) ); return( ret ); } @@ -1198,7 +1199,7 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, /* Generate a random octet string seed */ if( ( ret = f_rng( p_rng, p, hlen ) ) != 0 ) - return( MBEDTLS_ERR_RSA_RNG_FAILED + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); p += hlen; @@ -1287,7 +1288,7 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, /* Check if RNG failed to generate data */ if( rng_dl == 0 || ret != 0 ) - return( MBEDTLS_ERR_RSA_RNG_FAILED + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); p++; } @@ -1881,7 +1882,7 @@ static int rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, /* Generate salt of length slen in place in the encoded message */ salt = p; if( ( ret = f_rng( p_rng, salt, slen ) ) != 0 ) - return( MBEDTLS_ERR_RSA_RNG_FAILED + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); p += slen; diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 4343b1186d..ac2c50a3ec 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -1536,7 +1536,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_AES_C */ #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ -#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES) #if defined(MBEDTLS_CIPHER_NULL_CIPHER) #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) #if defined(MBEDTLS_MD5_C) @@ -1669,8 +1668,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ -#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */ - #if defined(MBEDTLS_ARIA_C) #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index e1d8de7524..0bb9592707 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -2549,6 +2549,7 @@ static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, unsigned char *end ) { int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; + size_t dhm_actual_bitlen; /* * Ephemeral DH parameters: @@ -2566,10 +2567,11 @@ static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, return( ret ); } - if( ssl->handshake->dhm_ctx.len * 8 < ssl->conf->dhm_min_bitlen ) + dhm_actual_bitlen = mbedtls_mpi_bitlen( &ssl->handshake->dhm_ctx.P ); + if( dhm_actual_bitlen < ssl->conf->dhm_min_bitlen ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "DHM prime too short: %" MBEDTLS_PRINTF_SIZET " < %u", - ssl->handshake->dhm_ctx.len * 8, + dhm_actual_bitlen, ssl->conf->dhm_min_bitlen ) ); return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); } diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index ee2085d3e7..b0b2eb303d 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -174,7 +174,7 @@ int mbedtls_ssl_cookie_write( void *p_ctx, #if defined(MBEDTLS_THREADING_C) if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_SSL_INTERNAL_ERROR, ret ) ); #endif ret = ssl_cookie_hmac( &ctx->hmac_ctx, *p - 4, @@ -182,8 +182,8 @@ int mbedtls_ssl_cookie_write( void *p_ctx, #if defined(MBEDTLS_THREADING_C) if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR + - MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_SSL_INTERNAL_ERROR, + MBEDTLS_ERR_THREADING_MUTEX_ERROR ) ); #endif return( ret ); @@ -210,7 +210,7 @@ int mbedtls_ssl_cookie_check( void *p_ctx, #if defined(MBEDTLS_THREADING_C) if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_SSL_INTERNAL_ERROR, ret ) ); #endif if( ssl_cookie_hmac( &ctx->hmac_ctx, cookie, @@ -220,8 +220,8 @@ int mbedtls_ssl_cookie_check( void *p_ctx, #if defined(MBEDTLS_THREADING_C) if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR + - MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_SSL_INTERNAL_ERROR, + MBEDTLS_ERR_THREADING_MUTEX_ERROR ) ); #endif if( ret != 0 ) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 51a0ac2051..3956a67d27 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -782,7 +782,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, &rec->data_len, transform->taglen ) ) != 0 ) { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_encrypt", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_encrypt_ext", ret ); return( ret ); } MBEDTLS_SSL_DEBUG_BUF( 4, "after encrypt: tag", @@ -1341,7 +1341,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * explicit_iv_len Bytes preceeding data, and taglen * bytes following data + data_len. This justifies * the debug message and the invocation of - * mbedtls_cipher_auth_decrypt() below. */ + * mbedtls_cipher_auth_decrypt_ext() below. */ MBEDTLS_SSL_DEBUG_BUF( 4, "IV used", iv, transform->ivlen ); MBEDTLS_SSL_DEBUG_BUF( 4, "TAG used", data + rec->data_len, @@ -1357,7 +1357,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, data, rec->buf_len - (data - rec->buf), &olen, /* dst */ transform->taglen ) ) != 0 ) { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_decrypt", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_decrypt_ext", ret ); if( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED ) return( MBEDTLS_ERR_SSL_INVALID_MAC ); @@ -4871,7 +4871,6 @@ void mbedtls_ssl_update_out_pointers( mbedtls_ssl_context *ssl, else #endif { - ssl->out_ctr = ssl->out_hdr - 8; ssl->out_len = ssl->out_hdr + 3; #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) ssl->out_cid = ssl->out_len; @@ -4952,6 +4951,7 @@ void mbedtls_ssl_reset_in_out_pointers( mbedtls_ssl_context *ssl ) else #endif /* MBEDTLS_SSL_PROTO_DTLS */ { + ssl->out_ctr = ssl->out_buf; ssl->out_hdr = ssl->out_buf + 8; ssl->in_hdr = ssl->in_buf + 8; } @@ -5112,6 +5112,120 @@ static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl ) } #endif /* MBEDTLS_SSL_RENEGOTIATION */ +/* This function is called from mbedtls_ssl_read() when a handshake message is + * received after the initial handshake. In this context, handshake messages + * may only be sent for the purpose of initiating renegotiations. + * + * This function is introduced as a separate helper since the handling + * of post-handshake handshake messages changes significantly in TLS 1.3, + * and having a helper function allows to distinguish between TLS <= 1.2 and + * TLS 1.3 in the future without bloating the logic of mbedtls_ssl_read(). + */ +static int ssl_handle_hs_message_post_handshake( mbedtls_ssl_context *ssl ) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + + /* + * - For client-side, expect SERVER_HELLO_REQUEST. + * - For server-side, expect CLIENT_HELLO. + * - Fail (TLS) or silently drop record (DTLS) in other cases. + */ + +#if defined(MBEDTLS_SSL_CLI_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && + ( ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST || + ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake received (not HelloRequest)" ) ); + + /* With DTLS, drop the packet (probably from last handshake) */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + return( 0 ); + } +#endif + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + } +#endif /* MBEDTLS_SSL_CLI_C */ + +#if defined(MBEDTLS_SSL_SRV_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && + ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake received (not ClientHello)" ) ); + + /* With DTLS, drop the packet (probably from last handshake) */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + return( 0 ); + } +#endif + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + } +#endif /* MBEDTLS_SSL_SRV_C */ + +#if defined(MBEDTLS_SSL_RENEGOTIATION) + /* Determine whether renegotiation attempt should be accepted */ + if( ! ( ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED || + ( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && + ssl->conf->allow_legacy_renegotiation == + MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION ) ) ) + { + /* + * Accept renegotiation request + */ + + /* DTLS clients need to know renego is server-initiated */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) + { + ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING; + } +#endif + ret = mbedtls_ssl_start_renegotiation( ssl ); + if( ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO && + ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_start_renegotiation", + ret ); + return( ret ); + } + } + else +#endif /* MBEDTLS_SSL_RENEGOTIATION */ + { + /* + * Refuse renegotiation + */ + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "refusing renegotiation, sending alert" ) ); + +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) + { + if( ( ret = mbedtls_ssl_send_alert_message( ssl, + MBEDTLS_SSL_ALERT_LEVEL_WARNING, + MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION ) ) != 0 ) + { + return( ret ); + } + } + else +#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || + MBEDTLS_SSL_PROTO_TLS1_2 */ + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + } + + return( 0 ); +} + /* * Receive application data decrypted from the SSL layer */ @@ -5210,108 +5324,17 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "received handshake message" ) ); - - /* - * - For client-side, expect SERVER_HELLO_REQUEST. - * - For server-side, expect CLIENT_HELLO. - * - Fail (TLS) or silently drop record (DTLS) in other cases. - */ - -#if defined(MBEDTLS_SSL_CLI_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && - ( ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST || - ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) ) ) + ret = ssl_handle_hs_message_post_handshake( ssl ); + if( ret != 0) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake received (not HelloRequest)" ) ); - - /* With DTLS, drop the packet (probably from last handshake) */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - continue; - } -#endif - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); - } -#endif /* MBEDTLS_SSL_CLI_C */ - -#if defined(MBEDTLS_SSL_SRV_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && - ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake received (not ClientHello)" ) ); - - /* With DTLS, drop the packet (probably from last handshake) */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - continue; - } -#endif - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); - } -#endif /* MBEDTLS_SSL_SRV_C */ - -#if defined(MBEDTLS_SSL_RENEGOTIATION) - /* Determine whether renegotiation attempt should be accepted */ - if( ! ( ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED || - ( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && - ssl->conf->allow_legacy_renegotiation == - MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION ) ) ) - { - /* - * Accept renegotiation request - */ - - /* DTLS clients need to know renego is server-initiated */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) - { - ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING; - } -#endif - ret = mbedtls_ssl_start_renegotiation( ssl ); - if( ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO && - ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_start_renegotiation", - ret ); - return( ret ); - } - } - else -#endif /* MBEDTLS_SSL_RENEGOTIATION */ - { - /* - * Refuse renegotiation - */ - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "refusing renegotiation, sending alert" ) ); - -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) - { - if( ( ret = mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_WARNING, - MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION ) ) != 0 ) - { - return( ret ); - } - } - else -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || - MBEDTLS_SSL_PROTO_TLS1_2 */ - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_handle_hs_message_post_handshake", + ret ); + return( ret ); } - /* At this point, we don't know whether the renegotiation has been - * completed or not. The cases to consider are the following: + /* At this point, we don't know whether the renegotiation triggered + * by the post-handshake message has been completed or not. The cases + * to consider are the following: * 1) The renegotiation is complete. In this case, no new record * has been read yet. * 2) The renegotiation is incomplete because the client received @@ -5319,7 +5342,8 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) * 3) The renegotiation is incomplete because the client received * a non-handshake, non-application data message while awaiting * the ServerHello. - * In each of these case, looping will be the proper action: + * + * In each of these cases, looping will be the proper action: * - For 1), the next iteration will read a new record and check * if it's application data. * - For 2), the loop condition isn't satisfied as application data @@ -5328,6 +5352,7 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) * will re-deliver the message that was held back by the client * when expecting the ServerHello. */ + continue; } #if defined(MBEDTLS_SSL_RENEGOTIATION) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 3d1b84f5f1..a690889191 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4180,24 +4180,6 @@ void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf, #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C) - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G ) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - - if( ( ret = mbedtls_mpi_read_string( &conf->dhm_P, 16, dhm_P ) ) != 0 || - ( ret = mbedtls_mpi_read_string( &conf->dhm_G, 16, dhm_G ) ) != 0 ) - { - mbedtls_mpi_free( &conf->dhm_P ); - mbedtls_mpi_free( &conf->dhm_G ); - return( ret ); - } - - return( 0 ); -} -#endif /* MBEDTLS_DEPRECATED_REMOVED */ - int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf, const unsigned char *dhm_P, size_t P_len, const unsigned char *dhm_G, size_t G_len ) @@ -4722,13 +4704,6 @@ size_t mbedtls_ssl_get_output_max_frag_len( const mbedtls_ssl_context *ssl ) return( max_len ); } - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -size_t mbedtls_ssl_get_max_frag_len( const mbedtls_ssl_context *ssl ) -{ - return mbedtls_ssl_get_output_max_frag_len( ssl ); -} -#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined(MBEDTLS_SSL_PROTO_DTLS) diff --git a/library/version_features.c b/library/version_features.c index 39b877a811..ce263ec397 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -300,9 +300,6 @@ static const char * const features[] = { #if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) "MBEDTLS_CTR_DRBG_USE_128_BIT_KEY", #endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */ -#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES) - "MBEDTLS_ENABLE_WEAK_CIPHERSUITES", -#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */ #if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES) "MBEDTLS_REMOVE_3DES_CIPHERSUITES", #endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */ @@ -435,6 +432,9 @@ static const char * const features[] = { #if defined(MBEDTLS_PKCS1_V21) "MBEDTLS_PKCS1_V21", #endif /* MBEDTLS_PKCS1_V21 */ +#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) + "MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS", +#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) "MBEDTLS_PSA_CRYPTO_CLIENT", #endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ @@ -594,6 +594,9 @@ static const char * const features[] = { #if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) "MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE", #endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ +#if defined(MBEDTLS_X509_REMOVE_INFO) + "MBEDTLS_X509_REMOVE_INFO", +#endif /* MBEDTLS_X509_REMOVE_INFO */ #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) "MBEDTLS_X509_RSASSA_PSS_SUPPORT", #endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ diff --git a/library/x509.c b/library/x509.c index f0a9101e5f..2e11c7fcef 100644 --- a/library/x509.c +++ b/library/x509.c @@ -81,18 +81,18 @@ int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( ( end - *p ) < 1 ) - return( MBEDTLS_ERR_X509_INVALID_SERIAL + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SERIAL, + MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); if( **p != ( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_PRIMITIVE | 2 ) && **p != MBEDTLS_ASN1_INTEGER ) - return( MBEDTLS_ERR_X509_INVALID_SERIAL + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SERIAL, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); serial->tag = *(*p)++; if( ( ret = mbedtls_asn1_get_len( p, end, &serial->len ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_SERIAL + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SERIAL, ret ) ); serial->p = *p; *p += serial->len; @@ -112,7 +112,7 @@ int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( ( ret = mbedtls_asn1_get_alg_null( p, end, alg ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); return( 0 ); } @@ -126,7 +126,7 @@ int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( ( ret = mbedtls_asn1_get_alg( p, end, alg, params ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); return( 0 ); } @@ -151,39 +151,39 @@ static int x509_get_hash_alg( const mbedtls_x509_buf *alg, mbedtls_md_type_t *md /* Make sure we got a SEQUENCE and setup bounds */ if( alg->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); p = alg->p; end = p + alg->len; if( p >= end ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); /* Parse md_oid */ md_oid.tag = *p; if( ( ret = mbedtls_asn1_get_tag( &p, end, &md_oid.len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); md_oid.p = p; p += md_oid.len; /* Get md_alg from md_oid */ if( ( ret = mbedtls_oid_get_md_alg( &md_oid, md_alg ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); /* Make sure params is absent of NULL */ if( p == end ) return( 0 ); if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_NULL ) ) != 0 || len != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); if( p != end ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } @@ -217,8 +217,8 @@ int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, /* Make sure params is a SEQUENCE and setup bounds */ if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); p = (unsigned char *) params->p; end = p + params->len; @@ -239,14 +239,14 @@ int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, return( ret ); if( ( ret = mbedtls_oid_get_md_alg( &alg_id, md_alg ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); if( p != end2 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); if( p == end ) return( 0 ); @@ -265,19 +265,19 @@ int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, /* Only MFG1 is recognised for now */ if( MBEDTLS_OID_CMP( MBEDTLS_OID_MGF1, &alg_id ) != 0 ) - return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE + - MBEDTLS_ERR_OID_NOT_FOUND ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE, + MBEDTLS_ERR_OID_NOT_FOUND ) ); /* Parse HashAlgorithm */ if( ( ret = x509_get_hash_alg( &alg_params, mgf_md ) ) != 0 ) return( ret ); if( p != end2 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); if( p == end ) return( 0 ); @@ -291,14 +291,14 @@ int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, end2 = p + len; if( ( ret = mbedtls_asn1_get_int( &p, end2, salt_len ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); if( p != end2 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); if( p == end ) return( 0 ); @@ -314,21 +314,21 @@ int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, end2 = p + len; if( ( ret = mbedtls_asn1_get_int( &p, end2, &trailer_field ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); if( p != end2 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); if( trailer_field != 1 ) return( MBEDTLS_ERR_X509_INVALID_ALG ); } else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); if( p != end ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } @@ -354,47 +354,47 @@ static int x509_get_attr_type_value( unsigned char **p, if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_NAME + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, ret ) ); end = *p + len; if( ( end - *p ) < 1 ) - return( MBEDTLS_ERR_X509_INVALID_NAME + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, + MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); oid = &cur->oid; oid->tag = **p; if( ( ret = mbedtls_asn1_get_tag( p, end, &oid->len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_NAME + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, ret ) ); oid->p = *p; *p += oid->len; if( ( end - *p ) < 1 ) - return( MBEDTLS_ERR_X509_INVALID_NAME + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, + MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); if( **p != MBEDTLS_ASN1_BMP_STRING && **p != MBEDTLS_ASN1_UTF8_STRING && **p != MBEDTLS_ASN1_T61_STRING && **p != MBEDTLS_ASN1_PRINTABLE_STRING && **p != MBEDTLS_ASN1_IA5_STRING && **p != MBEDTLS_ASN1_UNIVERSAL_STRING && **p != MBEDTLS_ASN1_BIT_STRING ) - return( MBEDTLS_ERR_X509_INVALID_NAME + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); val = &cur->val; val->tag = *(*p)++; if( ( ret = mbedtls_asn1_get_len( p, end, &val->len ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_NAME + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, ret ) ); val->p = *p; *p += val->len; if( *p != end ) { - return( MBEDTLS_ERR_X509_INVALID_NAME + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } cur->next = NULL; @@ -440,7 +440,7 @@ int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end, */ if( ( ret = mbedtls_asn1_get_tag( p, end, &set_len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_NAME + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, ret ) ); end_set = *p + set_len; @@ -604,8 +604,8 @@ int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end, unsigned char tag; if( ( end - *p ) < 1 ) - return( MBEDTLS_ERR_X509_INVALID_DATE + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, + MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); tag = **p; @@ -614,14 +614,14 @@ int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end, else if( tag == MBEDTLS_ASN1_GENERALIZED_TIME ) year_len = 4; else - return( MBEDTLS_ERR_X509_INVALID_DATE + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); (*p)++; ret = mbedtls_asn1_get_len( p, end, &len ); if( ret != 0 ) - return( MBEDTLS_ERR_X509_INVALID_DATE + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, ret ) ); return x509_parse_time( p, len, year_len, tm ); } @@ -633,13 +633,13 @@ int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x int tag_type; if( ( end - *p ) < 1 ) - return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SIGNATURE, + MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); tag_type = **p; if( ( ret = mbedtls_asn1_get_bitstring_null( p, end, &len ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SIGNATURE, ret ) ); sig->tag = tag_type; sig->len = len; @@ -663,7 +663,7 @@ int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x50 return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); if( ( ret = mbedtls_oid_get_sig_alg( sig_oid, md_alg, pk_alg ) ) != 0 ) - return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG, ret ) ); #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) if( *pk_alg == MBEDTLS_PK_RSASSA_PSS ) @@ -714,7 +714,7 @@ int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, ret = mbedtls_asn1_get_tag( p, end, &ext->len, MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag ); if( ret != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); ext->tag = MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag; ext->p = *p; @@ -725,11 +725,11 @@ int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, */ if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); if( end != *p + len ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } @@ -831,6 +831,7 @@ int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *se return( (int) ( size - n ) ); } +#if !defined(MBEDTLS_X509_REMOVE_INFO) /* * Helper for writing signature algorithms */ @@ -875,6 +876,7 @@ int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *s return( (int)( size - n ) ); } +#endif /* MBEDTLS_X509_REMOVE_INFO */ /* * Helper for writing "RSA key size", "EC key size", etc diff --git a/library/x509_crl.c b/library/x509_crl.c index edeb39b02d..e6efdca5cd 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -79,7 +79,7 @@ static int x509_crl_get_version( unsigned char **p, return( 0 ); } - return( MBEDTLS_ERR_X509_INVALID_VERSION + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_VERSION, ret ) ); } return( 0 ); @@ -125,7 +125,7 @@ static int x509_get_crl_ext( unsigned char **p, /* Get enclosing sequence tag */ if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); end_ext_data = *p + len; @@ -133,7 +133,7 @@ static int x509_get_crl_ext( unsigned char **p, if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len, MBEDTLS_ASN1_OID ) ) != 0 ) { - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); } *p += len; @@ -142,29 +142,29 @@ static int x509_get_crl_ext( unsigned char **p, &is_critical ) ) != 0 && ( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ) { - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); } /* Data should be octet string type */ if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); /* Ignore data so far and just check its length */ *p += len; if( *p != end_ext_data ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); /* Abort on (unsupported) critical extensions */ if( is_critical ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); } if( *p != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } @@ -198,27 +198,27 @@ static int x509_get_crl_entry_ext( unsigned char **p, ext->p = NULL; return( 0 ); } - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); } end = *p + ext->len; if( end != *p + ext->len ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); while( *p < end ) { if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); *p += len; } if( *p != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } @@ -364,8 +364,8 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, if( len != (size_t) ( end - p ) ) { mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } /* @@ -377,7 +377,7 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); } end = p + len; @@ -421,7 +421,7 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); } if( ( ret = mbedtls_x509_get_name( &p, p + len, &crl->issuer ) ) != 0 ) @@ -444,10 +444,10 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, if( ( ret = mbedtls_x509_get_time( &p, end, &crl->next_update ) ) != 0 ) { - if( ret != ( MBEDTLS_ERR_X509_INVALID_DATE + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) && - ret != ( MBEDTLS_ERR_X509_INVALID_DATE + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ) + if( ret != ( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ) && + ret != ( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, + MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ) ) { mbedtls_x509_crl_free( crl ); return( ret ); @@ -486,8 +486,8 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, if( p != end ) { mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } end = crl->raw.p + crl->raw.len; @@ -521,8 +521,8 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, if( p != end ) { mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } return( 0 ); @@ -614,6 +614,7 @@ int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path ) } #endif /* MBEDTLS_FS_IO */ +#if !defined(MBEDTLS_X509_REMOVE_INFO) /* * Return an informational string about the certificate. */ @@ -693,6 +694,7 @@ int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix, return( (int) ( size - n ) ); } +#endif /* MBEDTLS_X509_REMOVE_INFO */ /* * Initialize a CRL chain diff --git a/library/x509_crt.c b/library/x509_crt.c index 783f3ba5c3..7aefaa7432 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -393,17 +393,17 @@ static int x509_get_version( unsigned char **p, return( 0 ); } - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); } end = *p + len; if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_VERSION + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_VERSION, ret ) ); if( *p != end ) - return( MBEDTLS_ERR_X509_INVALID_VERSION + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_VERSION, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } @@ -423,7 +423,7 @@ static int x509_get_dates( unsigned char **p, if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_DATE + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, ret ) ); end = *p + len; @@ -434,8 +434,8 @@ static int x509_get_dates( unsigned char **p, return( ret ); if( *p != end ) - return( MBEDTLS_ERR_X509_INVALID_DATE + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } @@ -460,7 +460,7 @@ static int x509_get_uid( unsigned char **p, if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) return( 0 ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); } uid->p = *p; @@ -487,7 +487,7 @@ static int x509_get_basic_constraints( unsigned char **p, if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); if( *p == end ) return( 0 ); @@ -498,7 +498,7 @@ static int x509_get_basic_constraints( unsigned char **p, ret = mbedtls_asn1_get_int( p, end, ca_istrue ); if( ret != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); if( *ca_istrue != 0 ) *ca_istrue = 1; @@ -508,17 +508,17 @@ static int x509_get_basic_constraints( unsigned char **p, return( 0 ); if( ( ret = mbedtls_asn1_get_int( p, end, max_pathlen ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); if( *p != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); /* Do not accept max_pathlen equal to INT_MAX to avoid a signed integer * overflow, which is an undefined behavior. */ if( *max_pathlen == INT_MAX ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_INVALID_LENGTH ) ); (*max_pathlen)++; @@ -533,11 +533,11 @@ static int x509_get_ns_cert_type( unsigned char **p, mbedtls_x509_bitstring bs = { 0, 0, NULL }; if( ( ret = mbedtls_asn1_get_bitstring( p, end, &bs ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); if( bs.len != 1 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_INVALID_LENGTH ) ); /* Get actual bitstring */ *ns_cert_type = *bs.p; @@ -553,11 +553,11 @@ static int x509_get_key_usage( unsigned char **p, mbedtls_x509_bitstring bs = { 0, 0, NULL }; if( ( ret = mbedtls_asn1_get_bitstring( p, end, &bs ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); if( bs.len < 1 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_INVALID_LENGTH ) ); /* Get actual bitstring */ *key_usage = 0; @@ -581,12 +581,12 @@ static int x509_get_ext_key_usage( unsigned char **p, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( ( ret = mbedtls_asn1_get_sequence_of( p, end, ext_key_usage, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); /* Sequence length must be >= 1 */ if( ext_key_usage->buf.p == NULL ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_INVALID_LENGTH ) ); return( 0 ); } @@ -631,11 +631,11 @@ static int x509_get_subject_alt_name( unsigned char **p, /* Get main sequence tag */ if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); if( *p + len != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); while( *p < end ) { @@ -645,13 +645,13 @@ static int x509_get_subject_alt_name( unsigned char **p, tag = **p; (*p)++; if( ( ret = mbedtls_asn1_get_len( p, end, &tag_len ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); if( ( tag & MBEDTLS_ASN1_TAG_CLASS_MASK ) != MBEDTLS_ASN1_CONTEXT_SPECIFIC ) { - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); } /* @@ -687,8 +687,8 @@ static int x509_get_subject_alt_name( unsigned char **p, cur->next = mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) ); if( cur->next == NULL ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_ALLOC_FAILED ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_ALLOC_FAILED ) ); cur = cur->next; } @@ -704,8 +704,8 @@ static int x509_get_subject_alt_name( unsigned char **p, cur->next = NULL; if( *p != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } @@ -772,18 +772,18 @@ static int x509_get_certificate_policies( unsigned char **p, ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ); if( ret != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); if( *p + len != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); /* * Cannot be an empty sequence. */ if( len == 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); while( *p < end ) { @@ -795,13 +795,13 @@ static int x509_get_certificate_policies( unsigned char **p, */ if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); policy_end = *p + len; if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); policy_oid.tag = MBEDTLS_ASN1_OID; policy_oid.len = len; @@ -829,8 +829,8 @@ static int x509_get_certificate_policies( unsigned char **p, cur->next = mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) ); if( cur->next == NULL ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_ALLOC_FAILED ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_ALLOC_FAILED ) ); cur = cur->next; } @@ -850,7 +850,7 @@ static int x509_get_certificate_policies( unsigned char **p, { if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); /* * Skip the optional policy qualifiers. */ @@ -858,16 +858,16 @@ static int x509_get_certificate_policies( unsigned char **p, } if( *p != policy_end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } /* Set final sequence entry's next pointer to NULL */ cur->next = NULL; if( *p != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( parse_ret ); } @@ -907,14 +907,14 @@ static int x509_get_crt_ext( unsigned char **p, if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); end_ext_data = *p + len; /* Get extension ID */ if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &extn_oid.len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); extn_oid.tag = MBEDTLS_ASN1_OID; extn_oid.p = *p; @@ -923,19 +923,19 @@ static int x509_get_crt_ext( unsigned char **p, /* Get optional critical */ if( ( ret = mbedtls_asn1_get_bool( p, end_ext_data, &is_critical ) ) != 0 && ( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); /* Data should be octet string type */ if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); start_ext_octet = *p; end_ext_octet = *p + len; if( end_ext_octet != end_ext_data ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); /* * Detect supported extensions @@ -961,8 +961,8 @@ static int x509_get_crt_ext( unsigned char **p, if( is_critical ) { /* Data is marked as critical: fail */ - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); } #endif continue; @@ -1055,8 +1055,8 @@ static int x509_get_crt_ext( unsigned char **p, } if( *p != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } @@ -1134,7 +1134,7 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); } end = p + len; @@ -1181,7 +1181,7 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); } if( ( ret = mbedtls_x509_get_name( &p, p + len, &crt->issuer ) ) != 0 ) @@ -1214,7 +1214,7 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); } if( len && ( ret = mbedtls_x509_get_name( &p, p + len, &crt->subject ) ) != 0 ) @@ -1279,8 +1279,8 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, if( p != end ) { mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } end = crt_end; @@ -1318,8 +1318,8 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, if( p != end ) { mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } return( 0 ); @@ -1702,7 +1702,7 @@ static int x509_get_other_name( const mbedtls_x509_buf *subject_alt_name, if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); cur_oid.tag = MBEDTLS_ASN1_OID; cur_oid.p = p; @@ -1719,20 +1719,20 @@ static int x509_get_other_name( const mbedtls_x509_buf *subject_alt_name, if( p + len >= end ) { mbedtls_platform_zeroize( other_name, sizeof( *other_name ) ); - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } p += len; if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); other_name->value.hardware_module_name.oid.tag = MBEDTLS_ASN1_OID; other_name->value.hardware_module_name.oid.p = p; @@ -1741,13 +1741,13 @@ static int x509_get_other_name( const mbedtls_x509_buf *subject_alt_name, if( p + len >= end ) { mbedtls_platform_zeroize( other_name, sizeof( *other_name ) ); - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } p += len; if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); other_name->value.hardware_module_name.val.tag = MBEDTLS_ASN1_OCTET_STRING; other_name->value.hardware_module_name.val.p = p; @@ -1757,12 +1757,63 @@ static int x509_get_other_name( const mbedtls_x509_buf *subject_alt_name, { mbedtls_platform_zeroize( other_name, sizeof( *other_name ) ); - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } return( 0 ); } +int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf, + mbedtls_x509_subject_alternative_name *san ) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + switch( san_buf->tag & + ( MBEDTLS_ASN1_TAG_CLASS_MASK | + MBEDTLS_ASN1_TAG_VALUE_MASK ) ) + { + /* + * otherName + */ + case( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_OTHER_NAME ): + { + mbedtls_x509_san_other_name other_name; + + ret = x509_get_other_name( san_buf, &other_name ); + if( ret != 0 ) + return( ret ); + + memset( san, 0, sizeof( mbedtls_x509_subject_alternative_name ) ); + san->type = MBEDTLS_X509_SAN_OTHER_NAME; + memcpy( &san->san.other_name, + &other_name, sizeof( other_name ) ); + + } + break; + + /* + * dNSName + */ + case( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_DNS_NAME ): + { + memset( san, 0, sizeof( mbedtls_x509_subject_alternative_name ) ); + san->type = MBEDTLS_X509_SAN_DNS_NAME; + + memcpy( &san->san.unstructured_name, + san_buf, sizeof( *san_buf ) ); + + } + break; + + /* + * Type not supported + */ + default: + return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); + } + return( 0 ); +} + +#if !defined(MBEDTLS_X509_REMOVE_INFO) static int x509_info_subject_alt_name( char **buf, size_t *size, const mbedtls_x509_sequence *subject_alt_name, @@ -1876,56 +1927,6 @@ static int x509_info_subject_alt_name( char **buf, size_t *size, return( 0 ); } -int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf, - mbedtls_x509_subject_alternative_name *san ) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - switch( san_buf->tag & - ( MBEDTLS_ASN1_TAG_CLASS_MASK | - MBEDTLS_ASN1_TAG_VALUE_MASK ) ) - { - /* - * otherName - */ - case( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_OTHER_NAME ): - { - mbedtls_x509_san_other_name other_name; - - ret = x509_get_other_name( san_buf, &other_name ); - if( ret != 0 ) - return( ret ); - - memset( san, 0, sizeof( mbedtls_x509_subject_alternative_name ) ); - san->type = MBEDTLS_X509_SAN_OTHER_NAME; - memcpy( &san->san.other_name, - &other_name, sizeof( other_name ) ); - - } - break; - - /* - * dNSName - */ - case( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_DNS_NAME ): - { - memset( san, 0, sizeof( mbedtls_x509_subject_alternative_name ) ); - san->type = MBEDTLS_X509_SAN_DNS_NAME; - - memcpy( &san->san.unstructured_name, - san_buf, sizeof( *san_buf ) ); - - } - break; - - /* - * Type not supported - */ - default: - return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); - } - return( 0 ); -} - #define PRINT_ITEM(i) \ { \ ret = mbedtls_snprintf( p, n, "%s" i, sep ); \ @@ -2199,29 +2200,12 @@ struct x509_crt_verify_string { const char *string; }; +#define X509_CRT_ERROR_INFO( err, err_str, info ) { err, info }, static const struct x509_crt_verify_string x509_crt_verify_strings[] = { - { MBEDTLS_X509_BADCERT_EXPIRED, "The certificate validity has expired" }, - { MBEDTLS_X509_BADCERT_REVOKED, "The certificate has been revoked (is on a CRL)" }, - { MBEDTLS_X509_BADCERT_CN_MISMATCH, "The certificate Common Name (CN) does not match with the expected CN" }, - { MBEDTLS_X509_BADCERT_NOT_TRUSTED, "The certificate is not correctly signed by the trusted CA" }, - { MBEDTLS_X509_BADCRL_NOT_TRUSTED, "The CRL is not correctly signed by the trusted CA" }, - { MBEDTLS_X509_BADCRL_EXPIRED, "The CRL is expired" }, - { MBEDTLS_X509_BADCERT_MISSING, "Certificate was missing" }, - { MBEDTLS_X509_BADCERT_SKIP_VERIFY, "Certificate verification was skipped" }, - { MBEDTLS_X509_BADCERT_OTHER, "Other reason (can be used by verify callback)" }, - { MBEDTLS_X509_BADCERT_FUTURE, "The certificate validity starts in the future" }, - { MBEDTLS_X509_BADCRL_FUTURE, "The CRL is from the future" }, - { MBEDTLS_X509_BADCERT_KEY_USAGE, "Usage does not match the keyUsage extension" }, - { MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, "Usage does not match the extendedKeyUsage extension" }, - { MBEDTLS_X509_BADCERT_NS_CERT_TYPE, "Usage does not match the nsCertType extension" }, - { MBEDTLS_X509_BADCERT_BAD_MD, "The certificate is signed with an unacceptable hash." }, - { MBEDTLS_X509_BADCERT_BAD_PK, "The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA)." }, - { MBEDTLS_X509_BADCERT_BAD_KEY, "The certificate is signed with an unacceptable key (eg bad curve, RSA too short)." }, - { MBEDTLS_X509_BADCRL_BAD_MD, "The CRL is signed with an unacceptable hash." }, - { MBEDTLS_X509_BADCRL_BAD_PK, "The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA)." }, - { MBEDTLS_X509_BADCRL_BAD_KEY, "The CRL is signed with an unacceptable key (eg bad curve, RSA too short)." }, + MBEDTLS_X509_CRT_ERROR_INFO_LIST { 0, NULL } }; +#undef X509_CRT_ERROR_INFO int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix, uint32_t flags ) @@ -2250,6 +2234,7 @@ int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix, return( (int) ( size - n ) ); } +#endif /* MBEDTLS_X509_REMOVE_INFO */ #if defined(MBEDTLS_X509_CHECK_KEY_USAGE) int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, diff --git a/library/x509_csr.c b/library/x509_csr.c index 5463f8a9e0..25069b2a4c 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -73,7 +73,7 @@ static int x509_csr_get_version( unsigned char **p, return( 0 ); } - return( MBEDTLS_ERR_X509_INVALID_VERSION + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_VERSION, ret ) ); } return( 0 ); @@ -131,8 +131,8 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, if( len != (size_t) ( end - p ) ) { mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } /* @@ -144,7 +144,7 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); } end = p + len; @@ -176,7 +176,7 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); } if( ( ret = mbedtls_x509_get_name( &p, p + len, &csr->subject ) ) != 0 ) @@ -210,7 +210,7 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) ) != 0 ) { mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); } p += len; @@ -244,8 +244,8 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, if( p != end ) { mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } return( 0 ); @@ -323,6 +323,7 @@ int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path ) } #endif /* MBEDTLS_FS_IO */ +#if !defined(MBEDTLS_X509_REMOVE_INFO) #define BEFORE_COLON 14 #define BC "14" /* @@ -367,6 +368,7 @@ int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix, return( (int) ( size - n ) ); } +#endif /* MBEDTLS_X509_REMOVE_INFO */ /* * Initialize a CSR diff --git a/programs/.gitignore b/programs/.gitignore index ad3bc7c08d..4e66f4c0f8 100644 --- a/programs/.gitignore +++ b/programs/.gitignore @@ -8,7 +8,6 @@ *.o *.exe -aes/aescrypt2 aes/crypt_and_hash hash/generic_sum hash/hello diff --git a/programs/Makefile b/programs/Makefile index b194c69088..0f1356e76a 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -50,7 +50,6 @@ SHARED_SUFFIX= endif APPS = \ - aes/aescrypt2$(EXEXT) \ aes/crypt_and_hash$(EXEXT) \ hash/generic_sum$(EXEXT) \ hash/hello$(EXEXT) \ @@ -132,10 +131,6 @@ $(MBEDLIBS): ${MBEDTLS_TEST_OBJS}: $(MAKE) -C ../tests mbedtls_test -aes/aescrypt2$(EXEXT): aes/aescrypt2.c $(DEP) - echo " CC aes/aescrypt2.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) aes/aescrypt2.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - aes/crypt_and_hash$(EXEXT): aes/crypt_and_hash.c $(DEP) echo " CC aes/crypt_and_hash.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) aes/crypt_and_hash.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ diff --git a/programs/README.md b/programs/README.md index 93773baef6..f53bde5611 100644 --- a/programs/README.md +++ b/programs/README.md @@ -5,9 +5,6 @@ This subdirectory mostly contains sample programs that illustrate specific featu ## Symmetric cryptography (AES) examples -* [`aes/aescrypt2.c`](aes/aescrypt2.c): file encryption and authentication with a key derived from a low-entropy secret, demonstrating the low-level AES interface, the digest interface and HMAC. - Warning: this program illustrates how to use low-level functions in the library. It should not be taken as an example of how to build a secure encryption mechanism. To derive a key from a low-entropy secret such as a password, use a standard key stretching mechanism such as PBKDF2 (provided by the `pkcs5` module). To encrypt and authenticate data, use a standard mode such as GCM or CCM (both available as library module). - * [`aes/crypt_and_hash.c`](aes/crypt_and_hash.c): file encryption and authentication, demonstrating the generic cipher interface and the generic hash interface. ## Hash (digest) examples diff --git a/programs/aes/CMakeLists.txt b/programs/aes/CMakeLists.txt index 6b8ce2ab43..62a54c7683 100644 --- a/programs/aes/CMakeLists.txt +++ b/programs/aes/CMakeLists.txt @@ -1,5 +1,4 @@ set(executables - aescrypt2 crypt_and_hash ) diff --git a/programs/aes/aescrypt2.c b/programs/aes/aescrypt2.c deleted file mode 100644 index 95d64d911b..0000000000 --- a/programs/aes/aescrypt2.c +++ /dev/null @@ -1,468 +0,0 @@ -/* - * AES-256 file encryption program - * - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/* Enable definition of fileno() even when compiling with -std=c99. Must be - * set before config.h, which pulls in glibc's features.h indirectly. - * Harmless on other platforms. */ -#define _POSIX_C_SOURCE 200112L - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_fprintf fprintf -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ - -#include "mbedtls/aes.h" -#include "mbedtls/md.h" -#include "mbedtls/platform_util.h" - -#include -#include -#include - -#if defined(_WIN32) -#include -#if !defined(_WIN32_WCE) -#include -#endif -#else -#include -#include -#endif - -#define MODE_ENCRYPT 0 -#define MODE_DECRYPT 1 - -#define USAGE \ - "\n aescrypt2 \n" \ - "\n : 0 = encrypt, 1 = decrypt\n" \ - "\n example: aescrypt2 0 file file.aes hex:E76B2413958B00E193\n" \ - "\n" - -#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_SHA256_C) || \ - !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_MD_C) -int main( void ) -{ - mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_SHA256_C " - "and/or MBEDTLS_FS_IO and/or MBEDTLS_MD_C " - "not defined.\n"); - mbedtls_exit( 0 ); -} -#else - - -int main( int argc, char *argv[] ) -{ - int ret = 0; - int exit_code = MBEDTLS_EXIT_FAILURE; - - unsigned int i, n; - int mode, lastn; - size_t keylen; - FILE *fkey, *fin = NULL, *fout = NULL; - - char *p; - - unsigned char IV[16]; - unsigned char tmp[16]; - unsigned char key[512]; - unsigned char digest[64]; - unsigned char buffer[1024]; - unsigned char diff; - - mbedtls_aes_context aes_ctx; - mbedtls_md_context_t sha_ctx; - -#if defined(_WIN32_WCE) - long filesize, offset; -#elif defined(_WIN32) - LARGE_INTEGER li_size; - __int64 filesize, offset; -#else - off_t filesize, offset; -#endif - - mbedtls_aes_init( &aes_ctx ); - mbedtls_md_init( &sha_ctx ); - - ret = mbedtls_md_setup( &sha_ctx, mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ), 1 ); - if( ret != 0 ) - { - mbedtls_printf( " ! mbedtls_md_setup() returned -0x%04x\n", (unsigned int) -ret ); - goto exit; - } - - /* - * Parse the command-line arguments. - */ - if( argc != 5 ) - { - mbedtls_printf( USAGE ); - -#if defined(_WIN32) - mbedtls_printf( "\n Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); -#endif - - goto exit; - } - - mode = atoi( argv[1] ); - memset( IV, 0, sizeof( IV ) ); - memset( key, 0, sizeof( key ) ); - memset( digest, 0, sizeof( digest ) ); - memset( buffer, 0, sizeof( buffer ) ); - - if( mode != MODE_ENCRYPT && mode != MODE_DECRYPT ) - { - mbedtls_fprintf( stderr, "invalide operation mode\n" ); - goto exit; - } - - if( strcmp( argv[2], argv[3] ) == 0 ) - { - mbedtls_fprintf( stderr, "input and output filenames must differ\n" ); - goto exit; - } - - if( ( fin = fopen( argv[2], "rb" ) ) == NULL ) - { - mbedtls_fprintf( stderr, "fopen(%s,rb) failed\n", argv[2] ); - goto exit; - } - - if( ( fout = fopen( argv[3], "wb+" ) ) == NULL ) - { - mbedtls_fprintf( stderr, "fopen(%s,wb+) failed\n", argv[3] ); - goto exit; - } - - /* - * Read the secret key from file or command line - */ - if( ( fkey = fopen( argv[4], "rb" ) ) != NULL ) - { - keylen = fread( key, 1, sizeof( key ), fkey ); - fclose( fkey ); - } - else - { - if( memcmp( argv[4], "hex:", 4 ) == 0 ) - { - p = &argv[4][4]; - keylen = 0; - - while( sscanf( p, "%02X", &n ) > 0 && - keylen < (int) sizeof( key ) ) - { - key[keylen++] = (unsigned char) n; - p += 2; - } - } - else - { - keylen = strlen( argv[4] ); - - if( keylen > (int) sizeof( key ) ) - keylen = (int) sizeof( key ); - - memcpy( key, argv[4], keylen ); - } - } - -#if defined(_WIN32_WCE) - filesize = fseek( fin, 0L, SEEK_END ); -#else -#if defined(_WIN32) - /* - * Support large files (> 2Gb) on Win32 - */ - li_size.QuadPart = 0; - li_size.LowPart = - SetFilePointer( (HANDLE) _get_osfhandle( _fileno( fin ) ), - li_size.LowPart, &li_size.HighPart, FILE_END ); - - if( li_size.LowPart == 0xFFFFFFFF && GetLastError() != NO_ERROR ) - { - mbedtls_fprintf( stderr, "SetFilePointer(0,FILE_END) failed\n" ); - goto exit; - } - - filesize = li_size.QuadPart; -#else - if( ( filesize = lseek( fileno( fin ), 0, SEEK_END ) ) < 0 ) - { - perror( "lseek" ); - goto exit; - } -#endif -#endif - - if( fseek( fin, 0, SEEK_SET ) < 0 ) - { - mbedtls_fprintf( stderr, "fseek(0,SEEK_SET) failed\n" ); - goto exit; - } - - if( mode == MODE_ENCRYPT ) - { - /* - * Generate the initialization vector as: - * IV = SHA-256( filesize || filename )[0..15] - */ - for( i = 0; i < 8; i++ ) - buffer[i] = (unsigned char)( filesize >> ( i << 3 ) ); - - p = argv[2]; - - mbedtls_md_starts( &sha_ctx ); - mbedtls_md_update( &sha_ctx, buffer, 8 ); - mbedtls_md_update( &sha_ctx, (unsigned char *) p, strlen( p ) ); - mbedtls_md_finish( &sha_ctx, digest ); - - memcpy( IV, digest, 16 ); - - /* - * The last four bits in the IV are actually used - * to store the file size modulo the AES block size. - */ - lastn = (int)( filesize & 0x0F ); - - IV[15] = (unsigned char) - ( ( IV[15] & 0xF0 ) | lastn ); - - /* - * Append the IV at the beginning of the output. - */ - if( fwrite( IV, 1, 16, fout ) != 16 ) - { - mbedtls_fprintf( stderr, "fwrite(%d bytes) failed\n", 16 ); - goto exit; - } - - /* - * Hash the IV and the secret key together 8192 times - * using the result to setup the AES context and HMAC. - */ - memset( digest, 0, 32 ); - memcpy( digest, IV, 16 ); - - for( i = 0; i < 8192; i++ ) - { - mbedtls_md_starts( &sha_ctx ); - mbedtls_md_update( &sha_ctx, digest, 32 ); - mbedtls_md_update( &sha_ctx, key, keylen ); - mbedtls_md_finish( &sha_ctx, digest ); - } - - mbedtls_aes_setkey_enc( &aes_ctx, digest, 256 ); - mbedtls_md_hmac_starts( &sha_ctx, digest, 32 ); - - /* - * Encrypt and write the ciphertext. - */ - for( offset = 0; offset < filesize; offset += 16 ) - { - n = ( filesize - offset > 16 ) ? 16 : (int) - ( filesize - offset ); - - if( fread( buffer, 1, n, fin ) != (size_t) n ) - { - mbedtls_fprintf( stderr, "fread(%u bytes) failed\n", n ); - goto exit; - } - - for( i = 0; i < 16; i++ ) - buffer[i] = (unsigned char)( buffer[i] ^ IV[i] ); - - mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, buffer, buffer ); - mbedtls_md_hmac_update( &sha_ctx, buffer, 16 ); - - if( fwrite( buffer, 1, 16, fout ) != 16 ) - { - mbedtls_fprintf( stderr, "fwrite(%d bytes) failed\n", 16 ); - goto exit; - } - - memcpy( IV, buffer, 16 ); - } - - /* - * Finally write the HMAC. - */ - mbedtls_md_hmac_finish( &sha_ctx, digest ); - - if( fwrite( digest, 1, 32, fout ) != 32 ) - { - mbedtls_fprintf( stderr, "fwrite(%d bytes) failed\n", 16 ); - goto exit; - } - } - - if( mode == MODE_DECRYPT ) - { - /* - * The encrypted file must be structured as follows: - * - * 00 .. 15 Initialization Vector - * 16 .. 31 AES Encrypted Block #1 - * .. - * N*16 .. (N+1)*16 - 1 AES Encrypted Block #N - * (N+1)*16 .. (N+1)*16 + 32 HMAC-SHA-256(ciphertext) - */ - if( filesize < 48 ) - { - mbedtls_fprintf( stderr, "File too short to be encrypted.\n" ); - goto exit; - } - - if( ( filesize & 0x0F ) != 0 ) - { - mbedtls_fprintf( stderr, "File size not a multiple of 16.\n" ); - goto exit; - } - - /* - * Subtract the IV + HMAC length. - */ - filesize -= ( 16 + 32 ); - - /* - * Read the IV and original filesize modulo 16. - */ - if( fread( buffer, 1, 16, fin ) != 16 ) - { - mbedtls_fprintf( stderr, "fread(%d bytes) failed\n", 16 ); - goto exit; - } - - memcpy( IV, buffer, 16 ); - lastn = IV[15] & 0x0F; - - /* - * Hash the IV and the secret key together 8192 times - * using the result to setup the AES context and HMAC. - */ - memset( digest, 0, 32 ); - memcpy( digest, IV, 16 ); - - for( i = 0; i < 8192; i++ ) - { - mbedtls_md_starts( &sha_ctx ); - mbedtls_md_update( &sha_ctx, digest, 32 ); - mbedtls_md_update( &sha_ctx, key, keylen ); - mbedtls_md_finish( &sha_ctx, digest ); - } - - mbedtls_aes_setkey_dec( &aes_ctx, digest, 256 ); - mbedtls_md_hmac_starts( &sha_ctx, digest, 32 ); - - /* - * Decrypt and write the plaintext. - */ - for( offset = 0; offset < filesize; offset += 16 ) - { - if( fread( buffer, 1, 16, fin ) != 16 ) - { - mbedtls_fprintf( stderr, "fread(%d bytes) failed\n", 16 ); - goto exit; - } - - memcpy( tmp, buffer, 16 ); - - mbedtls_md_hmac_update( &sha_ctx, buffer, 16 ); - mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_DECRYPT, buffer, buffer ); - - for( i = 0; i < 16; i++ ) - buffer[i] = (unsigned char)( buffer[i] ^ IV[i] ); - - memcpy( IV, tmp, 16 ); - - n = ( lastn > 0 && offset == filesize - 16 ) - ? lastn : 16; - - if( fwrite( buffer, 1, n, fout ) != (size_t) n ) - { - mbedtls_fprintf( stderr, "fwrite(%u bytes) failed\n", n ); - goto exit; - } - } - - /* - * Verify the message authentication code. - */ - mbedtls_md_hmac_finish( &sha_ctx, digest ); - - if( fread( buffer, 1, 32, fin ) != 32 ) - { - mbedtls_fprintf( stderr, "fread(%d bytes) failed\n", 32 ); - goto exit; - } - - /* Use constant-time buffer comparison */ - diff = 0; - for( i = 0; i < 32; i++ ) - diff |= digest[i] ^ buffer[i]; - - if( diff != 0 ) - { - mbedtls_fprintf( stderr, "HMAC check failed: wrong key, " - "or file corrupted.\n" ); - goto exit; - } - } - - exit_code = MBEDTLS_EXIT_SUCCESS; - -exit: - if( fin ) - fclose( fin ); - if( fout ) - fclose( fout ); - - /* Zeroize all command line arguments to also cover - the case when the user has missed or reordered some, - in which case the key might not be in argv[4]. */ - for( i = 0; i < (unsigned int) argc; i++ ) - mbedtls_platform_zeroize( argv[i], strlen( argv[i] ) ); - - mbedtls_platform_zeroize( IV, sizeof( IV ) ); - mbedtls_platform_zeroize( key, sizeof( key ) ); - mbedtls_platform_zeroize( tmp, sizeof( tmp ) ); - mbedtls_platform_zeroize( buffer, sizeof( buffer ) ); - mbedtls_platform_zeroize( digest, sizeof( digest ) ); - - mbedtls_aes_free( &aes_ctx ); - mbedtls_md_free( &sha_ctx ); - - mbedtls_exit( exit_code ); -} -#endif /* MBEDTLS_AES_C && MBEDTLS_SHA256_C && MBEDTLS_FS_IO */ diff --git a/programs/fuzz/fuzz_x509crl.c b/programs/fuzz/fuzz_x509crl.c index 02f521cc8d..15affb59b8 100644 --- a/programs/fuzz/fuzz_x509crl.c +++ b/programs/fuzz/fuzz_x509crl.c @@ -9,9 +9,14 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { mbedtls_x509_crl_init( &crl ); ret = mbedtls_x509_crl_parse( &crl, Data, Size ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) if (ret == 0) { ret = mbedtls_x509_crl_info( (char *) buf, sizeof( buf ) - 1, " ", &crl ); } +#else + ((void) ret); + ((void) buf); +#endif /* !MBEDTLS_X509_REMOVE_INFO */ mbedtls_x509_crl_free( &crl ); #else (void) Data; diff --git a/programs/fuzz/fuzz_x509crt.c b/programs/fuzz/fuzz_x509crt.c index 8f593a1414..dbc153c499 100644 --- a/programs/fuzz/fuzz_x509crt.c +++ b/programs/fuzz/fuzz_x509crt.c @@ -9,9 +9,14 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { mbedtls_x509_crt_init( &crt ); ret = mbedtls_x509_crt_parse( &crt, Data, Size ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) if (ret == 0) { ret = mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", &crt ); } +#else + ((void) ret); + ((void) buf); +#endif /* !MBEDTLS_X509_REMOVE_INFO */ mbedtls_x509_crt_free( &crt ); #else (void) Data; diff --git a/programs/fuzz/fuzz_x509csr.c b/programs/fuzz/fuzz_x509csr.c index 3cf28a6fa7..a270742a97 100644 --- a/programs/fuzz/fuzz_x509csr.c +++ b/programs/fuzz/fuzz_x509csr.c @@ -9,9 +9,14 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { mbedtls_x509_csr_init( &csr ); ret = mbedtls_x509_csr_parse( &csr, Data, Size ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) if (ret == 0) { ret = mbedtls_x509_csr_info( (char *) buf, sizeof( buf ) - 1, " ", &csr ); } +#else + ((void) ret); + ((void) buf); +#endif /* !MBEDTLS_X509_REMOVE_INFO */ mbedtls_x509_csr_free( &csr ); #else (void) Data; diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index 47d5de6425..5d643492b2 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -365,6 +365,8 @@ static psa_status_t wrap_data( const char *input_file_name, psa_status_t status; FILE *input_file = NULL; FILE *output_file = NULL; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_type_t key_type; long input_position; size_t input_size; size_t buffer_size = 0; @@ -385,7 +387,10 @@ static psa_status_t wrap_data( const char *input_file_name, } #endif input_size = input_position; - buffer_size = PSA_AEAD_ENCRYPT_OUTPUT_SIZE( WRAPPING_ALG, input_size ); + PSA_CHECK( psa_get_key_attributes( wrapping_key, &attributes ) ); + key_type = psa_get_key_type( &attributes ); + buffer_size = + PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, WRAPPING_ALG, input_size ); /* Check for integer overflow. */ if( buffer_size < input_size ) { @@ -442,6 +447,8 @@ static psa_status_t unwrap_data( const char *input_file_name, psa_status_t status; FILE *input_file = NULL; FILE *output_file = NULL; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_type_t key_type; unsigned char *buffer = NULL; size_t ciphertext_size = 0; size_t plaintext_size; @@ -465,8 +472,10 @@ static psa_status_t unwrap_data( const char *input_file_name, status = DEMO_ERROR; goto exit; } + PSA_CHECK( psa_get_key_attributes( wrapping_key, &attributes) ); + key_type = psa_get_key_type( &attributes); ciphertext_size = - PSA_AEAD_ENCRYPT_OUTPUT_SIZE( WRAPPING_ALG, header.payload_size ); + PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, WRAPPING_ALG, header.payload_size ); /* Check for integer overflow. */ if( ciphertext_size < header.payload_size ) { diff --git a/programs/psa/psa_constant_names_generated.c b/programs/psa/psa_constant_names_generated.c index 2175af9ff8..dcbe87ff0d 100644 --- a/programs/psa/psa_constant_names_generated.c +++ b/programs/psa/psa_constant_names_generated.c @@ -169,11 +169,11 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size, } else if (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) { append(&buffer, buffer_size, &required_size, "PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(", 43); - length_modifier = PSA_AEAD_TAG_LENGTH(alg); + length_modifier = PSA_ALG_AEAD_GET_TAG_LENGTH(alg); } else if (core_alg != alg) { append(&buffer, buffer_size, &required_size, "PSA_ALG_AEAD_WITH_SHORTENED_TAG(", 32); - length_modifier = PSA_AEAD_TAG_LENGTH(alg); + length_modifier = PSA_ALG_AEAD_GET_TAG_LENGTH(alg); } } else if (PSA_ALG_IS_KEY_AGREEMENT(alg) && !PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)) { diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c index acaae599f8..1e97795336 100644 --- a/programs/ssl/dtls_client.c +++ b/programs/ssl/dtls_client.c @@ -241,13 +241,17 @@ int main( int argc, char *argv[] ) * MBEDTLS_SSL_VERIFY_OPTIONAL, we would bail out here if ret != 0 */ if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) { +#if !defined(MBEDTLS_X509_REMOVE_INFO) char vrfy_buf[512]; +#endif mbedtls_printf( " failed\n" ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); mbedtls_printf( "%s\n", vrfy_buf ); +#endif } else mbedtls_printf( " ok\n" ); diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c index 2c16887212..6624224af4 100644 --- a/programs/ssl/ssl_client1.c +++ b/programs/ssl/ssl_client1.c @@ -216,13 +216,17 @@ int main( void ) /* In real life, we probably want to bail out when ret != 0 */ if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) { +#if !defined(MBEDTLS_X509_REMOVE_INFO) char vrfy_buf[512]; +#endif mbedtls_printf( " failed\n" ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); mbedtls_printf( "%s\n", vrfy_buf ); +#endif } else mbedtls_printf( " ok\n" ); diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index e962ddce8c..2ce8588373 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -532,6 +532,9 @@ static int my_verify( void *data, mbedtls_x509_crt *crt, char buf[1024]; ((void) data); + mbedtls_printf( "\nVerify requested for (Depth %d):\n", depth ); + +#if !defined(MBEDTLS_X509_REMOVE_INFO) mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt ); if( depth == 0 ) memcpy( peer_crt_info, buf, sizeof( buf ) ); @@ -539,14 +542,17 @@ static int my_verify( void *data, mbedtls_x509_crt *crt, if( opt.debug_level == 0 ) return( 0 ); - mbedtls_printf( "\nVerify requested for (Depth %d):\n", depth ); mbedtls_printf( "%s", buf ); +#else + ((void) crt); + ((void) depth); +#endif if ( ( *flags ) == 0 ) mbedtls_printf( " This certificate has no flags\n" ); else { - mbedtls_x509_crt_verify_info( buf, sizeof( buf ), " ! ", *flags ); + x509_crt_verify_info( buf, sizeof( buf ), " ! ", *flags ); mbedtls_printf( "%s\n", buf ); } @@ -2276,10 +2282,9 @@ int main( int argc, char *argv[] ) if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) { char vrfy_buf[512]; - mbedtls_printf( " failed\n" ); - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), + x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); mbedtls_printf( "%s\n", vrfy_buf ); @@ -2287,8 +2292,10 @@ int main( int argc, char *argv[] ) else mbedtls_printf( " ok\n" ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) mbedtls_printf( " . Peer certificate information ...\n" ); mbedtls_printf( "%s\n", peer_crt_info ); +#endif /* !MBEDTLS_X509_REMOVE_INFO */ #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c index 4a7c773407..ec24fa8e0e 100644 --- a/programs/ssl/ssl_context_info.c +++ b/programs/ssl/ssl_context_info.c @@ -494,6 +494,7 @@ size_t read_next_b64_code( uint8_t **b64, size_t *max_len ) return 0; } +#if !defined(MBEDTLS_X509_REMOVE_INFO) /* * This function deserializes and prints to the stdout all obtained information * about the certificates from provided data. @@ -548,6 +549,7 @@ void print_deserialized_ssl_cert( const uint8_t *ssl, uint32_t len ) mbedtls_x509_crt_free( &crt ); } +#endif /* !MBEDTLS_X509_REMOVE_INFO */ /* * This function deserializes and prints to the stdout all obtained information @@ -680,7 +682,9 @@ void print_deserialized_ssl_session( const uint8_t *ssl, uint32_t len, if( cert_len > 0 ) { CHECK_SSL_END( cert_len ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) print_deserialized_ssl_cert( ssl, cert_len ); +#endif ssl += cert_len; } } diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index 0392a46469..428c643626 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -208,21 +208,27 @@ static int do_handshake( mbedtls_ssl_context *ssl ) /* In real life, we probably want to bail out when ret != 0 */ if( ( flags = mbedtls_ssl_get_verify_result( ssl ) ) != 0 ) { +#if !defined(MBEDTLS_X509_REMOVE_INFO) char vrfy_buf[512]; +#endif mbedtls_printf( " failed\n" ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); mbedtls_printf( "%s\n", vrfy_buf ); +#endif } else mbedtls_printf( " ok\n" ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) mbedtls_printf( " . Peer certificate information ...\n" ); mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", mbedtls_ssl_get_peer_cert( ssl ) ); mbedtls_printf( "%s\n", buf ); +#endif return( 0 ); } diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index caf9894228..826edd6883 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -3140,7 +3140,7 @@ handshake: char vrfy_buf[512]; flags = mbedtls_ssl_get_verify_result( &ssl ); - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); + x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); mbedtls_printf( "%s\n", vrfy_buf ); } @@ -3192,13 +3192,13 @@ handshake: mbedtls_printf( " failed\n" ); - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); - + x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); mbedtls_printf( "%s\n", vrfy_buf ); } else mbedtls_printf( " ok\n" ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) if( mbedtls_ssl_get_peer_cert( &ssl ) != NULL ) { char crt_buf[512]; @@ -3208,6 +3208,7 @@ handshake: mbedtls_ssl_get_peer_cert( &ssl ) ); mbedtls_printf( "%s\n", crt_buf ); } +#endif /* MBEDTLS_X509_REMOVE_INFO */ #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_SSL_EXPORT_KEYS) diff --git a/programs/ssl/ssl_test_common_source.c b/programs/ssl/ssl_test_common_source.c index 09832cff1e..bf53c6fa48 100644 --- a/programs/ssl/ssl_test_common_source.c +++ b/programs/ssl/ssl_test_common_source.c @@ -307,3 +307,41 @@ int ssl_sig_hashes_for_test[] = { MBEDTLS_MD_NONE }; #endif /* MBEDTLS_X509_CRT_PARSE_C */ + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +/** Functionally equivalent to mbedtls_x509_crt_verify_info, see that function + * for more info. + */ +int x509_crt_verify_info( char *buf, size_t size, const char *prefix, + uint32_t flags ) +{ +#if !defined(MBEDTLS_X509_REMOVE_INFO) + return( mbedtls_x509_crt_verify_info( buf, size, prefix, flags ) ); + +#else /* !MBEDTLS_X509_REMOVE_INFO */ + int ret; + char *p = buf; + size_t n = size; + +#define X509_CRT_ERROR_INFO( err, err_str, info ) \ + if( ( flags & err ) != 0 ) \ + { \ + ret = mbedtls_snprintf( p, n, "%s%s\n", prefix, info ); \ + MBEDTLS_X509_SAFE_SNPRINTF; \ + flags ^= err; \ + } + + MBEDTLS_X509_CRT_ERROR_INFO_LIST +#undef X509_CRT_ERROR_INFO + + if( flags != 0 ) + { + ret = mbedtls_snprintf( p, n, "%sUnknown reason " + "(this should not happen)\n", prefix ); + MBEDTLS_X509_SAFE_SNPRINTF; + } + + return( (int) ( size - n ) ); +#endif /* MBEDTLS_X509_REMOVE_INFO */ +} +#endif /* MBEDTLS_X509_CRT_PARSE_C */ diff --git a/programs/test/cpp_dummy_build.cpp b/programs/test/cpp_dummy_build.cpp index 68117c58ce..ea345a311d 100644 --- a/programs/test/cpp_dummy_build.cpp +++ b/programs/test/cpp_dummy_build.cpp @@ -57,7 +57,6 @@ #include "mbedtls/md2.h" #include "mbedtls/md4.h" #include "mbedtls/md5.h" -#include "mbedtls/net.h" #include "mbedtls/net_sockets.h" #include "mbedtls/nist_kw.h" #include "mbedtls/oid.h" diff --git a/programs/test/query_config.c b/programs/test/query_config.c index 2acb4d60df..db56ea4e69 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -851,14 +851,6 @@ int query_config( const char *config ) } #endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */ -#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES) - if( strcmp( "MBEDTLS_ENABLE_WEAK_CIPHERSUITES", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ENABLE_WEAK_CIPHERSUITES ); - return( 0 ); - } -#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */ - #if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES) if( strcmp( "MBEDTLS_REMOVE_3DES_CIPHERSUITES", config ) == 0 ) { @@ -1211,6 +1203,14 @@ int query_config( const char *config ) } #endif /* MBEDTLS_PKCS1_V21 */ +#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) + if( strcmp( "MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS ); + return( 0 ); + } +#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ + #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) if( strcmp( "MBEDTLS_PSA_CRYPTO_CLIENT", config ) == 0 ) { @@ -1635,6 +1635,14 @@ int query_config( const char *config ) } #endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ +#if defined(MBEDTLS_X509_REMOVE_INFO) + if( strcmp( "MBEDTLS_X509_REMOVE_INFO", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_REMOVE_INFO ); + return( 0 ); + } +#endif /* MBEDTLS_X509_REMOVE_INFO */ + #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) if( strcmp( "MBEDTLS_X509_RSASSA_PSS_SUPPORT", config ) == 0 ) { diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c index 89b25a8328..fb2484337c 100644 --- a/programs/x509/cert_app.c +++ b/programs/x509/cert_app.c @@ -41,14 +41,14 @@ !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \ !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ - !defined(MBEDTLS_CTR_DRBG_C) + !defined(MBEDTLS_CTR_DRBG_C) || defined(MBEDTLS_X509_REMOVE_INFO) int main( void ) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); + "MBEDTLS_CTR_DRBG_C not defined and/or MBEDTLS_X509_REMOVE_INFO defined.\n"); mbedtls_exit( 0 ); } #else diff --git a/programs/x509/crl_app.c b/programs/x509/crl_app.c index ffb539fdb4..db43c54a1e 100644 --- a/programs/x509/crl_app.c +++ b/programs/x509/crl_app.c @@ -35,11 +35,13 @@ #endif /* MBEDTLS_PLATFORM_C */ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ - !defined(MBEDTLS_X509_CRL_PARSE_C) || !defined(MBEDTLS_FS_IO) + !defined(MBEDTLS_X509_CRL_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ + defined(MBEDTLS_X509_REMOVE_INFO) int main( void ) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_X509_CRL_PARSE_C and/or MBEDTLS_FS_IO not defined.\n"); + "MBEDTLS_X509_CRL_PARSE_C and/or MBEDTLS_FS_IO not defined and/or " + "MBEDTLS_X509_REMOVE_INFO defined.\n"); mbedtls_exit( 0 ); } #else diff --git a/programs/x509/req_app.c b/programs/x509/req_app.c index 0256a76369..e151734d21 100644 --- a/programs/x509/req_app.c +++ b/programs/x509/req_app.c @@ -35,11 +35,13 @@ #endif /* MBEDTLS_PLATFORM_C */ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ - !defined(MBEDTLS_X509_CSR_PARSE_C) || !defined(MBEDTLS_FS_IO) + !defined(MBEDTLS_X509_CSR_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ + defined(MBEDTLS_X509_REMOVE_INFO) int main( void ) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_X509_CSR_PARSE_C and/or MBEDTLS_FS_IO not defined.\n"); + "MBEDTLS_X509_CSR_PARSE_C and/or MBEDTLS_FS_IO not defined and/or " + "MBEDTLS_X509_REMOVE_INFO defined.\n"); mbedtls_exit( 0 ); } #else diff --git a/scripts/config.py b/scripts/config.py index fc0c370d44..6b13a3aa66 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -195,6 +195,7 @@ EXCLUDE_FROM_FULL = frozenset([ 'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers) 'MBEDTLS_TEST_NULL_ENTROPY', # removes a feature 'MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION', # influences the use of X.509 in TLS + 'MBEDTLS_X509_REMOVE_INFO', # removes a feature ]) def is_seamless_alt(name): diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt index 9e479bbfd9..3be94bd2c4 100644 --- a/scripts/data_files/error.fmt +++ b/scripts/data_files/error.fmt @@ -162,4 +162,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen ) #endif /* MBEDTLS_ERROR_C */ +#if defined(MBEDTLS_TEST_HOOKS) +void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); +#endif + #endif /* MBEDTLS_ERROR_C || MBEDTLS_ERROR_STRERROR_DUMMY */ diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index ff07ecd450..71afd02c89 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -117,11 +117,11 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size, } else if (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) { append(&buffer, buffer_size, &required_size, "PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(", 43); - length_modifier = PSA_AEAD_TAG_LENGTH(alg); + length_modifier = PSA_ALG_AEAD_GET_TAG_LENGTH(alg); } else if (core_alg != alg) { append(&buffer, buffer_size, &required_size, "PSA_ALG_AEAD_WITH_SHORTENED_TAG(", 32); - length_modifier = PSA_AEAD_TAG_LENGTH(alg); + length_modifier = PSA_ALG_AEAD_GET_TAG_LENGTH(alg); } } else if (PSA_ALG_IS_KEY_AGREEMENT(alg) && !PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)) { diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl index df5d66e819..d11041c318 100755 --- a/scripts/generate_visualc_files.pl +++ b/scripts/generate_visualc_files.pl @@ -40,6 +40,7 @@ my $source_dir = 'library'; my $test_source_dir = 'tests/src'; my $test_header_dir = 'tests/include/test'; my $test_drivers_header_dir = 'tests/include/test/drivers'; +my $test_drivers_source_dir = 'tests/src/drivers'; my @thirdparty_header_dirs = qw( 3rdparty/everest/include/everest @@ -116,6 +117,7 @@ sub check_dirs { && -d $psa_header_dir && -d $source_dir && -d $test_source_dir + && -d $test_drivers_source_dir && -d $test_header_dir && -d $test_drivers_header_dir && -d $programs_dir; @@ -275,6 +277,7 @@ sub main { my @source_dirs = ( $source_dir, $test_source_dir, + $test_drivers_source_dir, @thirdparty_source_dirs, ); my @sources = (map { <$_/*.c> } @source_dirs); diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 0962898fee..f3cba5acb8 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -1131,6 +1131,16 @@ cert_md5.crt: cert_md5.csr $(MBEDTLS_CERT_WRITE) request_file=$< serial=6 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20000101121212 not_after=20300101121212 md=MD5 version=3 output_file=$@ all_final += cert_md5.crt +################################################################ +#### Diffie-Hellman parameters +################################################################ + +dh.998.pem: + $(OPENSSL) dhparam -out $@ -text 998 + +dh.999.pem: + $(OPENSSL) dhparam -out $@ -text 999 + ################################################################ #### Meta targets ################################################################ diff --git a/tests/data_files/dh.998.pem b/tests/data_files/dh.998.pem new file mode 100644 index 0000000000..96d6cf2b89 --- /dev/null +++ b/tests/data_files/dh.998.pem @@ -0,0 +1,17 @@ + DH Parameters: (998 bit) + prime: + 39:5f:30:c0:7b:06:b7:6a:49:c6:c0:81:1f:39:77: + b3:35:e2:8d:66:fc:6a:6e:94:f3:df:97:f2:89:31: + 6c:75:39:08:16:d1:a4:b8:0c:68:c5:63:21:61:eb: + 48:2d:77:99:08:1d:67:38:37:0a:cd:cf:39:b6:3c: + 9d:8a:e5:85:3c:71:e3:4b:3e:1e:b9:80:e3:cc:7a: + fd:84:05:b0:df:36:15:29:4e:3e:23:3b:c3:ae:6b: + c7:11:b9:64:43:40:75:c7:4a:ef:a7:2d:00:e2:62: + 8f:93:78:96:8f:2c:25:8d:7d:1f:eb:5c:3c:bf:51: + de:f8:08:25:db + generator: 2 (0x2) +-----BEGIN DH PARAMETERS----- +MIGCAn05XzDAewa3aknGwIEfOXezNeKNZvxqbpTz35fyiTFsdTkIFtGkuAxoxWMh +YetILXeZCB1nODcKzc85tjydiuWFPHHjSz4euYDjzHr9hAWw3zYVKU4+IzvDrmvH +EblkQ0B1x0rvpy0A4mKPk3iWjywljX0f61w8v1He+Agl2wIBAg== +-----END DH PARAMETERS----- diff --git a/tests/data_files/dh.999.pem b/tests/data_files/dh.999.pem new file mode 100644 index 0000000000..6e3ceb3baa --- /dev/null +++ b/tests/data_files/dh.999.pem @@ -0,0 +1,17 @@ + DH Parameters: (999 bit) + prime: + 4f:b8:d2:d8:3c:b3:02:c9:64:f5:99:fe:61:cc:b3: + 69:1c:ba:bb:a2:33:db:38:2f:85:87:b7:12:fb:69: + 6e:a5:32:3e:ff:24:df:c4:61:07:0c:e1:88:72:fa: + 14:d4:22:65:18:66:09:7e:43:35:c4:5a:62:f7:0a: + 69:be:45:71:6e:ac:c5:56:d8:22:9e:c4:9c:23:2b: + bd:6d:3b:b6:02:4f:5d:12:a7:ac:90:b8:9e:be:93: + 82:bc:09:7c:cd:e1:09:21:1e:3d:69:2a:76:41:00: + 68:6d:b7:e8:e8:df:d6:1b:82:93:d9:21:4a:ea:71: + f2:e6:c4:94:03 + generator: 2 (0x2) +-----BEGIN DH PARAMETERS----- +MIGCAn1PuNLYPLMCyWT1mf5hzLNpHLq7ojPbOC+Fh7cS+2lupTI+/yTfxGEHDOGI +cvoU1CJlGGYJfkM1xFpi9wppvkVxbqzFVtginsScIyu9bTu2Ak9dEqeskLievpOC +vAl8zeEJIR49aSp2QQBobbfo6N/WG4KT2SFK6nHy5sSUAwIBAg== +-----END DH PARAMETERS----- diff --git a/tests/include/test/drivers/aead.h b/tests/include/test/drivers/aead.h index 1be8910a30..2207cb36fe 100644 --- a/tests/include/test/drivers/aead.h +++ b/tests/include/test/drivers/aead.h @@ -37,18 +37,19 @@ typedef struct { unsigned long hits; /* Status returned by the last AEAD driver function call. */ psa_status_t driver_status; -} test_driver_aead_hooks_t; +} mbedtls_test_driver_aead_hooks_t; -#define TEST_DRIVER_AEAD_INIT { 0, 0, 0 } -static inline test_driver_aead_hooks_t test_driver_aead_hooks_init( void ) +#define MBEDTLS_TEST_DRIVER_AEAD_INIT { 0, 0, 0 } +static inline mbedtls_test_driver_aead_hooks_t + mbedtls_test_driver_aead_hooks_init( void ) { - const test_driver_aead_hooks_t v = TEST_DRIVER_AEAD_INIT; + const mbedtls_test_driver_aead_hooks_t v = MBEDTLS_TEST_DRIVER_AEAD_INIT; return( v ); } -extern test_driver_aead_hooks_t test_driver_aead_hooks; +extern mbedtls_test_driver_aead_hooks_t mbedtls_test_driver_aead_hooks; -psa_status_t test_transparent_aead_encrypt( +psa_status_t mbedtls_test_transparent_aead_encrypt( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, @@ -57,7 +58,7 @@ psa_status_t test_transparent_aead_encrypt( const uint8_t *plaintext, size_t plaintext_length, uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length ); -psa_status_t test_transparent_aead_decrypt( +psa_status_t mbedtls_test_transparent_aead_decrypt( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, diff --git a/tests/include/test/drivers/cipher.h b/tests/include/test/drivers/cipher.h index 6d6a6af424..4fe559618f 100644 --- a/tests/include/test/drivers/cipher.h +++ b/tests/include/test/drivers/cipher.h @@ -41,101 +41,102 @@ typedef struct { psa_status_t forced_status; /* Count the amount of times one of the cipher driver functions is called. */ unsigned long hits; -} test_driver_cipher_hooks_t; +} mbedtls_test_driver_cipher_hooks_t; -#define TEST_DRIVER_CIPHER_INIT { NULL, 0, PSA_SUCCESS, 0 } -static inline test_driver_cipher_hooks_t test_driver_cipher_hooks_init( void ) +#define MBEDTLS_TEST_DRIVER_CIPHER_INIT { NULL, 0, PSA_SUCCESS, 0 } +static inline mbedtls_test_driver_cipher_hooks_t + mbedtls_test_driver_cipher_hooks_init( void ) { - const test_driver_cipher_hooks_t v = TEST_DRIVER_CIPHER_INIT; + const mbedtls_test_driver_cipher_hooks_t v = MBEDTLS_TEST_DRIVER_CIPHER_INIT; return( v ); } -extern test_driver_cipher_hooks_t test_driver_cipher_hooks; +extern mbedtls_test_driver_cipher_hooks_t mbedtls_test_driver_cipher_hooks; -psa_status_t test_transparent_cipher_encrypt( +psa_status_t mbedtls_test_transparent_cipher_encrypt( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length); -psa_status_t test_transparent_cipher_decrypt( +psa_status_t mbedtls_test_transparent_cipher_decrypt( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length); -psa_status_t test_transparent_cipher_encrypt_setup( +psa_status_t mbedtls_test_transparent_cipher_encrypt_setup( mbedtls_transparent_test_driver_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg); -psa_status_t test_transparent_cipher_decrypt_setup( +psa_status_t mbedtls_test_transparent_cipher_decrypt_setup( mbedtls_transparent_test_driver_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg); -psa_status_t test_transparent_cipher_abort( +psa_status_t mbedtls_test_transparent_cipher_abort( mbedtls_transparent_test_driver_cipher_operation_t *operation ); -psa_status_t test_transparent_cipher_set_iv( +psa_status_t mbedtls_test_transparent_cipher_set_iv( mbedtls_transparent_test_driver_cipher_operation_t *operation, const uint8_t *iv, size_t iv_length); -psa_status_t test_transparent_cipher_update( +psa_status_t mbedtls_test_transparent_cipher_update( mbedtls_transparent_test_driver_cipher_operation_t *operation, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length); -psa_status_t test_transparent_cipher_finish( +psa_status_t mbedtls_test_transparent_cipher_finish( mbedtls_transparent_test_driver_cipher_operation_t *operation, uint8_t *output, size_t output_size, size_t *output_length); /* * opaque versions */ -psa_status_t test_opaque_cipher_encrypt( +psa_status_t mbedtls_test_opaque_cipher_encrypt( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length); -psa_status_t test_opaque_cipher_decrypt( +psa_status_t mbedtls_test_opaque_cipher_decrypt( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length); -psa_status_t test_opaque_cipher_encrypt_setup( +psa_status_t mbedtls_test_opaque_cipher_encrypt_setup( mbedtls_opaque_test_driver_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg); -psa_status_t test_opaque_cipher_decrypt_setup( +psa_status_t mbedtls_test_opaque_cipher_decrypt_setup( mbedtls_opaque_test_driver_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg); -psa_status_t test_opaque_cipher_abort( +psa_status_t mbedtls_test_opaque_cipher_abort( mbedtls_opaque_test_driver_cipher_operation_t *operation); -psa_status_t test_opaque_cipher_set_iv( +psa_status_t mbedtls_test_opaque_cipher_set_iv( mbedtls_opaque_test_driver_cipher_operation_t *operation, const uint8_t *iv, size_t iv_length); -psa_status_t test_opaque_cipher_update( +psa_status_t mbedtls_test_opaque_cipher_update( mbedtls_opaque_test_driver_cipher_operation_t *operation, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length); -psa_status_t test_opaque_cipher_finish( +psa_status_t mbedtls_test_opaque_cipher_finish( mbedtls_opaque_test_driver_cipher_operation_t *operation, uint8_t *output, size_t output_size, size_t *output_length); diff --git a/tests/include/test/drivers/hash.h b/tests/include/test/drivers/hash.h new file mode 100644 index 0000000000..ebe83dee4e --- /dev/null +++ b/tests/include/test/drivers/hash.h @@ -0,0 +1,80 @@ +/* + * Test driver for hash driver entry points. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PSA_CRYPTO_TEST_DRIVERS_HASH_H +#define PSA_CRYPTO_TEST_DRIVERS_HASH_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include + +typedef struct { + /* If not PSA_SUCCESS, return this error code instead of processing the + * function call. */ + psa_status_t forced_status; + /* Count the amount of times hash driver entry points are called. */ + unsigned long hits; + /* Status returned by the last hash driver entry point call. */ + psa_status_t driver_status; +} mbedtls_test_driver_hash_hooks_t; + +#define MBEDTLS_TEST_DRIVER_HASH_INIT { 0, 0, 0 } +static inline mbedtls_test_driver_hash_hooks_t + mbedtls_test_driver_hash_hooks_init( void ) +{ + const mbedtls_test_driver_hash_hooks_t v = MBEDTLS_TEST_DRIVER_HASH_INIT; + return( v ); +} + +extern mbedtls_test_driver_hash_hooks_t mbedtls_test_driver_hash_hooks; + +psa_status_t mbedtls_test_transparent_hash_compute( + psa_algorithm_t alg, + const uint8_t *input, size_t input_length, + uint8_t *hash, size_t hash_size, size_t *hash_length ); + +psa_status_t mbedtls_test_transparent_hash_setup( + mbedtls_transparent_test_driver_hash_operation_t *operation, + psa_algorithm_t alg ); + +psa_status_t mbedtls_test_transparent_hash_clone( + const mbedtls_transparent_test_driver_hash_operation_t *source_operation, + mbedtls_transparent_test_driver_hash_operation_t *target_operation ); + +psa_status_t mbedtls_test_transparent_hash_update( + mbedtls_transparent_test_driver_hash_operation_t *operation, + const uint8_t *input, + size_t input_length ); + +psa_status_t mbedtls_test_transparent_hash_finish( + mbedtls_transparent_test_driver_hash_operation_t *operation, + uint8_t *hash, + size_t hash_size, + size_t *hash_length ); + +psa_status_t mbedtls_test_transparent_hash_abort( + mbedtls_psa_hash_operation_t *operation ); + +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_TEST_DRIVERS_HASH_H */ diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h index b30baa2052..45814fd034 100644 --- a/tests/include/test/drivers/key_management.h +++ b/tests/include/test/drivers/key_management.h @@ -29,6 +29,9 @@ #if defined(PSA_CRYPTO_DRIVER_TEST) #include +#define PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT 0 +#define PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT 1 + typedef struct { /* If non-null, on success, copy this to the output. */ void *forced_output; @@ -39,41 +42,44 @@ typedef struct { /* Count the amount of times one of the key management driver functions * is called. */ unsigned long hits; -} test_driver_key_management_hooks_t; +} mbedtls_test_driver_key_management_hooks_t; -#define TEST_DRIVER_KEY_MANAGEMENT_INIT { NULL, 0, PSA_SUCCESS, 0 } -static inline test_driver_key_management_hooks_t test_driver_key_management_hooks_init( void ) +#define MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT { NULL, 0, PSA_SUCCESS, 0 } +static inline mbedtls_test_driver_key_management_hooks_t + mbedtls_test_driver_key_management_hooks_init( void ) { - const test_driver_key_management_hooks_t v = TEST_DRIVER_KEY_MANAGEMENT_INIT; + const mbedtls_test_driver_key_management_hooks_t + v = MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT; return( v ); } -extern test_driver_key_management_hooks_t test_driver_key_management_hooks; +extern mbedtls_test_driver_key_management_hooks_t + mbedtls_test_driver_key_management_hooks; -psa_status_t test_transparent_generate_key( +psa_status_t mbedtls_test_transparent_generate_key( const psa_key_attributes_t *attributes, uint8_t *key, size_t key_size, size_t *key_length ); -psa_status_t test_opaque_generate_key( +psa_status_t mbedtls_test_opaque_generate_key( const psa_key_attributes_t *attributes, uint8_t *key, size_t key_size, size_t *key_length ); -psa_status_t test_opaque_export_key( +psa_status_t mbedtls_test_opaque_export_key( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, uint8_t *data, size_t data_size, size_t *data_length ); -psa_status_t test_transparent_export_public_key( +psa_status_t mbedtls_test_transparent_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, uint8_t *data, size_t data_size, size_t *data_length ); -psa_status_t test_opaque_export_public_key( +psa_status_t mbedtls_test_opaque_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, uint8_t *data, size_t data_size, size_t *data_length ); -psa_status_t test_transparent_import_key( +psa_status_t mbedtls_test_transparent_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, @@ -82,5 +88,10 @@ psa_status_t test_transparent_import_key( size_t *key_buffer_length, size_t *bits); +psa_status_t mbedtls_test_opaque_get_builtin_key( + psa_drv_slot_number_t slot_number, + psa_key_attributes_t *attributes, + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); + #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H */ diff --git a/tests/include/test/drivers/signature.h b/tests/include/test/drivers/signature.h index e785151254..1586ce9bcb 100644 --- a/tests/include/test/drivers/signature.h +++ b/tests/include/test/drivers/signature.h @@ -38,40 +38,44 @@ typedef struct { psa_status_t forced_status; /* Count the amount of times one of the signature driver functions is called. */ unsigned long hits; -} test_driver_signature_hooks_t; +} mbedtls_test_driver_signature_hooks_t; -#define TEST_DRIVER_SIGNATURE_INIT { NULL, 0, PSA_SUCCESS, 0 } -static inline test_driver_signature_hooks_t test_driver_signature_hooks_init( void ) +#define MBEDTLS_TEST_DRIVER_SIGNATURE_INIT { NULL, 0, PSA_SUCCESS, 0 } +static inline mbedtls_test_driver_signature_hooks_t + mbedtls_test_driver_signature_hooks_init( void ) { - const test_driver_signature_hooks_t v = TEST_DRIVER_SIGNATURE_INIT; + const mbedtls_test_driver_signature_hooks_t + v = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT; return( v ); } -extern test_driver_signature_hooks_t test_driver_signature_sign_hooks; -extern test_driver_signature_hooks_t test_driver_signature_verify_hooks; +extern mbedtls_test_driver_signature_hooks_t + mbedtls_test_driver_signature_sign_hooks; +extern mbedtls_test_driver_signature_hooks_t + mbedtls_test_driver_signature_verify_hooks; -psa_status_t test_transparent_signature_sign_hash( +psa_status_t mbedtls_test_transparent_signature_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, uint8_t *signature, size_t signature_size, size_t *signature_length ); -psa_status_t test_opaque_signature_sign_hash( +psa_status_t mbedtls_test_opaque_signature_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, uint8_t *signature, size_t signature_size, size_t *signature_length ); -psa_status_t test_transparent_signature_verify_hash( +psa_status_t mbedtls_test_transparent_signature_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length ); -psa_status_t test_opaque_signature_verify_hash( +psa_status_t mbedtls_test_opaque_signature_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, diff --git a/tests/include/test/drivers/size.h b/tests/include/test/drivers/size.h index 4bfe986a21..b2665bdda5 100644 --- a/tests/include/test/drivers/size.h +++ b/tests/include/test/drivers/size.h @@ -29,67 +29,9 @@ #if defined(PSA_CRYPTO_DRIVER_TEST) #include -typedef struct { - unsigned int context; -} test_driver_key_context_t; - -/** \def TEST_DRIVER_KEY_CONTEXT_BASE_SIZE - * - * This macro returns the base size for the key context. It is the size of the - * driver specific information stored in each key context. - */ -#define TEST_DRIVER_KEY_CONTEXT_BASE_SIZE sizeof( test_driver_key_context_t ) - -/** \def TEST_DRIVER_KEY_CONTEXT_KEY_PAIR_SIZE - * - * Number of bytes included in every key context for a key pair. - * - * This pair size is for an ECC 256-bit private/public key pair. - * Based on this value, the size of the private key can be derived by - * subtracting the public key size below from this one. - */ - -#define TEST_DRIVER_KEY_CONTEXT_KEY_PAIR_SIZE 65 - -/** \def TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE - * - * Number of bytes included in every key context for a public key. - * - * For ECC public keys, it needs 257 bits so 33 bytes. - */ -#define TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE 33 - -/** \def TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR - * - * Every key context for a symmetric key includes this many times the key size. - */ -#define TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR 0 - -/** \def TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY - * - * If this is true for a key pair, the key context includes space for the public key. - * If this is false, no additional space is added for the public key. - * - * For this instance, store the public key with the private one. - */ -#define TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY 1 - -/** \def TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION - * - * If TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION is defined, the test driver - * provides a size_function entry point, otherwise, it does not. - * - * Some opaque drivers have the need to support a custom size for the storage - * of key and context information. The size_function provides the ability to - * provide that customization. - */ -//#define TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION - -#ifdef TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION -size_t test_size_function( +size_t mbedtls_test_size_function( const psa_key_type_t key_type, const size_t key_bits ); -#endif /* TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION */ #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_SIZE_H */ diff --git a/tests/include/test/drivers/test_driver.h b/tests/include/test/drivers/test_driver.h index 2fdce5c79f..dc2136a6ab 100644 --- a/tests/include/test/drivers/test_driver.h +++ b/tests/include/test/drivers/test_driver.h @@ -20,12 +20,13 @@ #ifndef PSA_CRYPTO_TEST_DRIVER_H #define PSA_CRYPTO_TEST_DRIVER_H -#define PSA_CRYPTO_TEST_DRIVER_LIFETIME 0x7fffff +#define PSA_CRYPTO_TEST_DRIVER_LOCATION 0x7fffff #include "test/drivers/aead.h" -#include "test/drivers/signature.h" -#include "test/drivers/key_management.h" #include "test/drivers/cipher.h" +#include "test/drivers/hash.h" +#include "test/drivers/key_management.h" +#include "test/drivers/signature.h" #include "test/drivers/size.h" #endif /* PSA_CRYPTO_TEST_DRIVER_H */ diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h index c3a844b600..9bfe08547c 100644 --- a/tests/include/test/helpers.h +++ b/tests/include/test/helpers.h @@ -278,4 +278,20 @@ void mbedtls_test_mutex_usage_init( void ); void mbedtls_test_mutex_usage_check( void ); #endif /* MBEDTLS_TEST_MUTEX_USAGE */ +#if defined(MBEDTLS_TEST_HOOKS) +/** + * \brief Check that only a pure high-level error code is being combined with + * a pure low-level error code as otherwise the resultant error code + * would be corrupted. + * + * \note Both high-level and low-level error codes cannot be greater than + * zero however can be zero. If one error code is zero then the + * other error code is returned even if both codes are zero. + * + * \note If the check fails, fail the test currently being run. + */ +void mbedtls_test_err_add_check( int high, int low, + const char *file, int line); +#endif + #endif /* TEST_HELPERS_H */ diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index b01c226fcf..a4d50c1f6a 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1099,6 +1099,7 @@ component_test_everest_curve25519_only () { scripts/config.py unset MBEDTLS_ECDSA_C scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED + scripts/config.py unset MBEDTLS_ECJPAKE_C # Disable all curves for c in $(sed -n 's/#define \(MBEDTLS_ECP_DP_[0-9A-Z_a-z]*_ENABLED\).*/\1/p' <"$CONFIG_H"); do scripts/config.py unset "$c" @@ -2061,6 +2062,7 @@ component_test_when_no_ciphersuites_have_mac () { scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER scripts/config.py unset MBEDTLS_ARC4_C scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC + scripts/config.py unset MBEDTLS_CMAC_C make msg "test: !MBEDTLS_SSL_SOME_MODES_USE_MAC" @@ -2207,6 +2209,7 @@ component_test_psa_crypto_drivers () { msg "build: MBEDTLS_PSA_CRYPTO_DRIVERS w/ driver hooks" scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS + scripts/config.py set MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS # Need to define the correct symbol and include the test driver header path in order to build with the test driver loc_cflags="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST" loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_KEY_TYPE_AES" @@ -2423,6 +2426,20 @@ component_test_no_strings () { make test } +component_test_no_x509_info () { + msg "build: full + MBEDTLS_X509_REMOVE_INFO" # ~ 10s + scripts/config.pl full + scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests + scripts/config.pl set MBEDTLS_X509_REMOVE_INFO + make CFLAGS='-Werror -O1' + + msg "test: full + MBEDTLS_X509_REMOVE_INFO" # ~ 10s + make test + + msg "test: ssl-opt.sh, full + MBEDTLS_X509_REMOVE_INFO" # ~ 1 min + if_build_succeeded tests/ssl-opt.sh +} + component_build_arm_none_eabi_gcc () { msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -O1" # ~ 10s scripts/config.py baremetal diff --git a/tests/scripts/curves.pl b/tests/scripts/curves.pl index 188bd29acc..2572e93301 100755 --- a/tests/scripts/curves.pl +++ b/tests/scripts/curves.pl @@ -84,6 +84,7 @@ for my $curve (@curves) { } # Depends on a specific curve. Also, ignore error if it wasn't enabled. system( "scripts/config.pl unset MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED" ); +system( "scripts/config.pl unset MBEDTLS_ECJPAKE_C" ); # Test with only $curve enabled, for each $curve. for my $curve (@curves) { diff --git a/tests/scripts/list-macros.sh b/tests/scripts/list-macros.sh index 2727ff9d59..fd19c471bb 100755 --- a/tests/scripts/list-macros.sh +++ b/tests/scripts/list-macros.sh @@ -22,7 +22,7 @@ if [ -d include/mbedtls ]; then :; else exit 1 fi -HEADERS=$( ls include/mbedtls/*.h include/psa/*.h ) +HEADERS=$( ls include/mbedtls/*.h include/psa/*.h tests/include/test/drivers/*.h ) HEADERS="$HEADERS library/*.h" HEADERS="$HEADERS 3rdparty/everest/include/everest/everest.h 3rdparty/everest/include/everest/x25519.h" diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl index cf4175af2c..57263a334e 100755 --- a/tests/scripts/test-ref-configs.pl +++ b/tests/scripts/test-ref-configs.pl @@ -36,8 +36,6 @@ my %configs = ( }, 'config-no-entropy.h' => { }, - 'config-psa-crypto.h' => { - }, 'config-suite-b.h' => { 'compat' => "-m tls1_2 -f 'ECDHE-ECDSA.*AES.*GCM' -p mbedTLS", }, diff --git a/tests/src/drivers/hash.c b/tests/src/drivers/hash.c new file mode 100644 index 0000000000..f95aa6b617 --- /dev/null +++ b/tests/src/drivers/hash.c @@ -0,0 +1,161 @@ +/* + * Test driver for hash entry points. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) +#include "psa_crypto_hash.h" + +#include "test/drivers/hash.h" + +mbedtls_test_driver_hash_hooks_t + mbedtls_test_driver_hash_hooks = MBEDTLS_TEST_DRIVER_HASH_INIT; + +psa_status_t mbedtls_test_transparent_hash_compute( + psa_algorithm_t alg, + const uint8_t *input, size_t input_length, + uint8_t *hash, size_t hash_size, size_t *hash_length ) +{ + mbedtls_test_driver_hash_hooks.hits++; + + if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS ) + { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; + } + else + { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_transparent_test_driver_hash_compute( + alg, input, input_length, + hash, hash_size, hash_length ); + } + + return( mbedtls_test_driver_hash_hooks.driver_status ); +} + +psa_status_t mbedtls_test_transparent_hash_setup( + mbedtls_transparent_test_driver_hash_operation_t *operation, + psa_algorithm_t alg ) +{ + mbedtls_test_driver_hash_hooks.hits++; + + if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS ) + { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; + } + else + { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_transparent_test_driver_hash_setup( operation, alg ); + } + + return( mbedtls_test_driver_hash_hooks.driver_status ); +} + +psa_status_t mbedtls_test_transparent_hash_clone( + const mbedtls_transparent_test_driver_hash_operation_t *source_operation, + mbedtls_transparent_test_driver_hash_operation_t *target_operation ) +{ + mbedtls_test_driver_hash_hooks.hits++; + + if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS ) + { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; + } + else + { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_transparent_test_driver_hash_clone( source_operation, + target_operation ); + } + + return( mbedtls_test_driver_hash_hooks.driver_status ); +} + +psa_status_t mbedtls_test_transparent_hash_update( + mbedtls_transparent_test_driver_hash_operation_t *operation, + const uint8_t *input, + size_t input_length ) +{ + mbedtls_test_driver_hash_hooks.hits++; + + if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS ) + { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; + } + else + { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_transparent_test_driver_hash_update( + operation, input, input_length ); + } + + return( mbedtls_test_driver_hash_hooks.driver_status ); +} + +psa_status_t mbedtls_test_transparent_hash_finish( + mbedtls_transparent_test_driver_hash_operation_t *operation, + uint8_t *hash, + size_t hash_size, + size_t *hash_length ) +{ + mbedtls_test_driver_hash_hooks.hits++; + + if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS ) + { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; + } + else + { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_transparent_test_driver_hash_finish( + operation, hash, hash_size, hash_length ); + } + + return( mbedtls_test_driver_hash_hooks.driver_status ); +} + +psa_status_t mbedtls_test_transparent_hash_abort( + mbedtls_transparent_test_driver_hash_operation_t *operation ) +{ + mbedtls_test_driver_hash_hooks.hits++; + + if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS ) + { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; + } + else + { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_transparent_test_driver_hash_abort( operation ); + } + + return( mbedtls_test_driver_hash_hooks.driver_status ); +} +#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/key_management.c b/tests/src/drivers/key_management.c deleted file mode 100644 index 10a40c37d3..0000000000 --- a/tests/src/drivers/key_management.c +++ /dev/null @@ -1,235 +0,0 @@ -/* - * Test driver for generating and verifying keys. - * Currently only supports generating and verifying ECC keys. - */ -/* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) -#include "psa/crypto.h" -#include "psa_crypto_core.h" -#include "psa_crypto_ecp.h" -#include "psa_crypto_rsa.h" -#include "mbedtls/ecp.h" -#include "mbedtls/error.h" - -#include "test/drivers/key_management.h" - -#include "test/random.h" - -#include - -test_driver_key_management_hooks_t test_driver_key_management_hooks = - TEST_DRIVER_KEY_MANAGEMENT_INIT; - -psa_status_t test_transparent_generate_key( - const psa_key_attributes_t *attributes, - uint8_t *key, size_t key_size, size_t *key_length ) -{ - ++test_driver_key_management_hooks.hits; - - if( test_driver_key_management_hooks.forced_status != PSA_SUCCESS ) - return( test_driver_key_management_hooks.forced_status ); - - if( test_driver_key_management_hooks.forced_output != NULL ) - { - if( test_driver_key_management_hooks.forced_output_length > key_size ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - memcpy( key, test_driver_key_management_hooks.forced_output, - test_driver_key_management_hooks.forced_output_length ); - *key_length = test_driver_key_management_hooks.forced_output_length; - return( PSA_SUCCESS ); - } - - /* Copied from psa_crypto.c */ -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) - if ( PSA_KEY_TYPE_IS_ECC( psa_get_key_type( attributes ) ) - && PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) ) - { - return( mbedtls_transparent_test_driver_ecp_generate_key( - attributes, key, key_size, key_length ) ); - } - else -#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) */ - -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) - if ( psa_get_key_type( attributes ) == PSA_KEY_TYPE_RSA_KEY_PAIR ) - return( mbedtls_transparent_test_driver_rsa_generate_key( - attributes, key, key_size, key_length ) ); - else -#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) */ - { - (void)attributes; - return( PSA_ERROR_NOT_SUPPORTED ); - } -} - -psa_status_t test_opaque_generate_key( - const psa_key_attributes_t *attributes, - uint8_t *key, size_t key_size, size_t *key_length ) -{ - (void) attributes; - (void) key; - (void) key_size; - (void) key_length; - return( PSA_ERROR_NOT_SUPPORTED ); -} - -psa_status_t test_transparent_import_key( - const psa_key_attributes_t *attributes, - const uint8_t *data, - size_t data_length, - uint8_t *key_buffer, - size_t key_buffer_size, - size_t *key_buffer_length, - size_t *bits) -{ - ++test_driver_key_management_hooks.hits; - - if( test_driver_key_management_hooks.forced_status != PSA_SUCCESS ) - return( test_driver_key_management_hooks.forced_status ); - - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_type_t type = psa_get_key_type( attributes ); - -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) - if( PSA_KEY_TYPE_IS_ECC( type ) ) - { - status = mbedtls_transparent_test_driver_ecp_import_key( - attributes, - data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ); - } - else -#endif -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) - if( PSA_KEY_TYPE_IS_RSA( type ) ) - { - status = mbedtls_transparent_test_driver_rsa_import_key( - attributes, - data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ); - } - else -#endif - { - status = PSA_ERROR_NOT_SUPPORTED; - (void)data; - (void)data_length; - (void)key_buffer; - (void)key_buffer_size; - (void)key_buffer_length; - (void)bits; - (void)type; - } - - return( status ); -} - -psa_status_t test_opaque_export_key( - const psa_key_attributes_t *attributes, - const uint8_t *key, size_t key_length, - uint8_t *data, size_t data_size, size_t *data_length ) -{ - (void) attributes; - (void) key; - (void) key_length; - (void) data; - (void) data_size; - (void) data_length; - return( PSA_ERROR_NOT_SUPPORTED ); -} - -psa_status_t test_transparent_export_public_key( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ) -{ - ++test_driver_key_management_hooks.hits; - - if( test_driver_key_management_hooks.forced_status != PSA_SUCCESS ) - return( test_driver_key_management_hooks.forced_status ); - - if( test_driver_key_management_hooks.forced_output != NULL ) - { - if( test_driver_key_management_hooks.forced_output_length > data_size ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - memcpy( data, test_driver_key_management_hooks.forced_output, - test_driver_key_management_hooks.forced_output_length ); - *data_length = test_driver_key_management_hooks.forced_output_length; - return( PSA_SUCCESS ); - } - - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_type_t key_type = psa_get_key_type( attributes ); - -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) - if( PSA_KEY_TYPE_IS_ECC( key_type ) ) - { - status = mbedtls_transparent_test_driver_ecp_export_public_key( - attributes, - key_buffer, key_buffer_size, - data, data_size, data_length ); - } - else -#endif -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) - if( PSA_KEY_TYPE_IS_RSA( key_type ) ) - { - status = mbedtls_transparent_test_driver_rsa_export_public_key( - attributes, - key_buffer, key_buffer_size, - data, data_size, data_length ); - } - else -#endif - { - status = PSA_ERROR_NOT_SUPPORTED; - (void)key_buffer; - (void)key_buffer_size; - (void)key_type; - } - - return( status ); -} - -psa_status_t test_opaque_export_public_key( - const psa_key_attributes_t *attributes, - const uint8_t *key, size_t key_length, - uint8_t *data, size_t data_size, size_t *data_length ) -{ - (void) attributes; - (void) key; - (void) key_length; - (void) data; - (void) data_size; - (void) data_length; - return( PSA_ERROR_NOT_SUPPORTED ); -} - -#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/platform_builtin_keys.c b/tests/src/drivers/platform_builtin_keys.c new file mode 100644 index 0000000000..759fa78309 --- /dev/null +++ b/tests/src/drivers/platform_builtin_keys.c @@ -0,0 +1,91 @@ +/** \file platform_builtin_keys.c + * + * \brief Test driver implementation of the builtin key support + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include +#endif + +typedef struct +{ + psa_key_id_t builtin_key_id; + psa_key_lifetime_t lifetime; + psa_drv_slot_number_t slot_number; +} mbedtls_psa_builtin_key_description_t; + +static const mbedtls_psa_builtin_key_description_t builtin_keys[] = { +#if defined(PSA_CRYPTO_DRIVER_TEST) + /* For testing, assign the AES builtin key slot to the boundary values. + * ECDSA can be exercised on key ID MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1. */ + { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN - 1, + PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ), + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN, + PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ), + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1, + PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ), + PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT}, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX - 1, + PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ), + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX, + PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ), + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX + 1, + PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ), + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, +#else + {0, 0, 0} +#endif +}; + +psa_status_t mbedtls_psa_platform_get_builtin_key( + mbedtls_svc_key_id_t key_id, + psa_key_lifetime_t *lifetime, + psa_drv_slot_number_t *slot_number ) +{ + psa_key_id_t app_key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key_id ); + const mbedtls_psa_builtin_key_description_t *builtin_key; + + for( size_t i = 0; + i < ( sizeof( builtin_keys ) / sizeof( builtin_keys[0] ) ); i++ ) + { + builtin_key = &builtin_keys[i]; + if( builtin_key->builtin_key_id == app_key_id ) + { + *lifetime = builtin_key->lifetime; + *slot_number = builtin_key->slot_number; + return( PSA_SUCCESS ); + } + } + + return( PSA_ERROR_DOES_NOT_EXIST ); +} diff --git a/tests/src/drivers/size.c b/tests/src/drivers/size.c deleted file mode 100644 index 16a86922a6..0000000000 --- a/tests/src/drivers/size.c +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Test driver for retrieving key context size. - * Only used by opaque drivers. - */ -/* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) - -#include "test/drivers/size.h" - -#ifdef TEST_KEY_CONTEXT_SIZE_FUNCTION -size_t test_size_function( - const psa_key_type_t key_type, - const size_t key_bits ) -{ - (void) key_type; - (void) key_bits; - return 0; -} -#endif /*TEST_KEY_CONTEXT_SIZE_FUNCTION */ - -#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/aead.c b/tests/src/drivers/test_driver_aead.c similarity index 73% rename from tests/src/drivers/aead.c rename to tests/src/drivers/test_driver_aead.c index c87752502a..25396c92f5 100644 --- a/tests/src/drivers/aead.c +++ b/tests/src/drivers/test_driver_aead.c @@ -28,9 +28,10 @@ #include "test/drivers/aead.h" -test_driver_aead_hooks_t test_driver_aead_hooks = TEST_DRIVER_AEAD_INIT; +mbedtls_test_driver_aead_hooks_t + mbedtls_test_driver_aead_hooks = MBEDTLS_TEST_DRIVER_AEAD_INIT; -psa_status_t test_transparent_aead_encrypt( +psa_status_t mbedtls_test_transparent_aead_encrypt( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, @@ -39,16 +40,16 @@ psa_status_t test_transparent_aead_encrypt( const uint8_t *plaintext, size_t plaintext_length, uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length ) { - test_driver_aead_hooks.hits++; + mbedtls_test_driver_aead_hooks.hits++; - if( test_driver_aead_hooks.forced_status != PSA_SUCCESS ) + if( mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS ) { - test_driver_aead_hooks.driver_status = - test_driver_aead_hooks.forced_status; + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_test_driver_aead_hooks.forced_status; } else { - test_driver_aead_hooks.driver_status = + mbedtls_test_driver_aead_hooks.driver_status = mbedtls_psa_aead_encrypt( attributes, key_buffer, key_buffer_size, alg, @@ -58,10 +59,10 @@ psa_status_t test_transparent_aead_encrypt( ciphertext, ciphertext_size, ciphertext_length ); } - return( test_driver_aead_hooks.driver_status ); + return( mbedtls_test_driver_aead_hooks.driver_status ); } -psa_status_t test_transparent_aead_decrypt( +psa_status_t mbedtls_test_transparent_aead_decrypt( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, @@ -70,16 +71,16 @@ psa_status_t test_transparent_aead_decrypt( const uint8_t *ciphertext, size_t ciphertext_length, uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length ) { - test_driver_aead_hooks.hits++; + mbedtls_test_driver_aead_hooks.hits++; - if( test_driver_aead_hooks.forced_status != PSA_SUCCESS ) + if( mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS ) { - test_driver_aead_hooks.driver_status = - test_driver_aead_hooks.forced_status; + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_test_driver_aead_hooks.forced_status; } else { - test_driver_aead_hooks.driver_status = + mbedtls_test_driver_aead_hooks.driver_status = mbedtls_psa_aead_decrypt( attributes, key_buffer, key_buffer_size, alg, @@ -89,7 +90,7 @@ psa_status_t test_transparent_aead_decrypt( plaintext, plaintext_size, plaintext_length ); } - return( test_driver_aead_hooks.driver_status ); + return( mbedtls_test_driver_aead_hooks.driver_status ); } #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/cipher.c b/tests/src/drivers/test_driver_cipher.c similarity index 75% rename from tests/src/drivers/cipher.c rename to tests/src/drivers/test_driver_cipher.c index 4dc46789b2..a415dd812b 100644 --- a/tests/src/drivers/cipher.c +++ b/tests/src/drivers/test_driver_cipher.c @@ -36,14 +36,10 @@ #include -/* Test driver implements AES-CTR only. Its default behaviour (when its return - * status is not overridden through the hooks) is to take care of all AES-CTR - * operations, and return PSA_ERROR_NOT_SUPPORTED for all others. - * Set test_driver_cipher_hooks.forced_status to PSA_ERROR_NOT_SUPPORTED to use - * fallback even for AES-CTR. */ -test_driver_cipher_hooks_t test_driver_cipher_hooks = TEST_DRIVER_CIPHER_INIT; +mbedtls_test_driver_cipher_hooks_t mbedtls_test_driver_cipher_hooks = + MBEDTLS_TEST_DRIVER_CIPHER_INIT; -static psa_status_t test_transparent_cipher_oneshot( +static psa_status_t mbedtls_test_transparent_cipher_oneshot( mbedtls_operation_t direction, const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, @@ -51,7 +47,7 @@ static psa_status_t test_transparent_cipher_oneshot( const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length) { - test_driver_cipher_hooks.hits++; + mbedtls_test_driver_cipher_hooks.hits++; /* Test driver supports AES-CTR only, to verify operation calls. */ if( alg != PSA_ALG_CTR || @@ -59,21 +55,21 @@ static psa_status_t test_transparent_cipher_oneshot( return( PSA_ERROR_NOT_SUPPORTED ); /* If test driver response code is not SUCCESS, we can return early */ - if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( test_driver_cipher_hooks.forced_status ); + if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_cipher_hooks.forced_status ); /* If test driver output is overridden, we don't need to do actual crypto */ - if( test_driver_cipher_hooks.forced_output != NULL ) + if( mbedtls_test_driver_cipher_hooks.forced_output != NULL ) { - if( output_size < test_driver_cipher_hooks.forced_output_length ) + if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length ) return( PSA_ERROR_BUFFER_TOO_SMALL ); memcpy( output, - test_driver_cipher_hooks.forced_output, - test_driver_cipher_hooks.forced_output_length ); - *output_length = test_driver_cipher_hooks.forced_output_length; + mbedtls_test_driver_cipher_hooks.forced_output, + mbedtls_test_driver_cipher_hooks.forced_output_length ); + *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length; - return( test_driver_cipher_hooks.forced_status ); + return( mbedtls_test_driver_cipher_hooks.forced_status ); } /* Run AES-CTR using the cipher module */ @@ -171,7 +167,7 @@ exit: } } -psa_status_t test_transparent_cipher_encrypt( +psa_status_t mbedtls_test_transparent_cipher_encrypt( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, @@ -179,7 +175,7 @@ psa_status_t test_transparent_cipher_encrypt( uint8_t *output, size_t output_size, size_t *output_length) { return ( - test_transparent_cipher_oneshot( + mbedtls_test_transparent_cipher_oneshot( MBEDTLS_ENCRYPT, attributes, key, key_length, @@ -188,7 +184,7 @@ psa_status_t test_transparent_cipher_encrypt( output, output_size, output_length) ); } -psa_status_t test_transparent_cipher_decrypt( +psa_status_t mbedtls_test_transparent_cipher_decrypt( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, @@ -196,7 +192,7 @@ psa_status_t test_transparent_cipher_decrypt( uint8_t *output, size_t output_size, size_t *output_length) { return ( - test_transparent_cipher_oneshot( + mbedtls_test_transparent_cipher_oneshot( MBEDTLS_DECRYPT, attributes, key, key_length, @@ -205,13 +201,13 @@ psa_status_t test_transparent_cipher_decrypt( output, output_size, output_length) ); } -psa_status_t test_transparent_cipher_encrypt_setup( +psa_status_t mbedtls_test_transparent_cipher_encrypt_setup( mbedtls_transparent_test_driver_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg) { - test_driver_cipher_hooks.hits++; + mbedtls_test_driver_cipher_hooks.hits++; /* Wiping the entire struct here, instead of member-by-member. This is * useful for the test suite, since it gives a chance of catching memory @@ -219,32 +215,32 @@ psa_status_t test_transparent_cipher_encrypt_setup( * our context struct. */ memset( operation, 0, sizeof( *operation ) ); - if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( test_driver_cipher_hooks.forced_status ); + if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_cipher_hooks.forced_status ); return ( mbedtls_transparent_test_driver_cipher_encrypt_setup( operation, attributes, key, key_length, alg ) ); } -psa_status_t test_transparent_cipher_decrypt_setup( +psa_status_t mbedtls_test_transparent_cipher_decrypt_setup( mbedtls_transparent_test_driver_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg) { - test_driver_cipher_hooks.hits++; + mbedtls_test_driver_cipher_hooks.hits++; - if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( test_driver_cipher_hooks.forced_status ); + if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_cipher_hooks.forced_status ); return ( mbedtls_transparent_test_driver_cipher_decrypt_setup( operation, attributes, key, key_length, alg ) ); } -psa_status_t test_transparent_cipher_abort( +psa_status_t mbedtls_test_transparent_cipher_abort( mbedtls_transparent_test_driver_cipher_operation_t *operation) { - test_driver_cipher_hooks.hits++; + mbedtls_test_driver_cipher_hooks.hits++; if( operation->alg == 0 ) return( PSA_SUCCESS ); @@ -257,24 +253,24 @@ psa_status_t test_transparent_cipher_abort( * our context struct. */ memset( operation, 0, sizeof( *operation ) ); - return( test_driver_cipher_hooks.forced_status ); + return( mbedtls_test_driver_cipher_hooks.forced_status ); } -psa_status_t test_transparent_cipher_set_iv( +psa_status_t mbedtls_test_transparent_cipher_set_iv( mbedtls_transparent_test_driver_cipher_operation_t *operation, const uint8_t *iv, size_t iv_length) { - test_driver_cipher_hooks.hits++; + mbedtls_test_driver_cipher_hooks.hits++; - if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( test_driver_cipher_hooks.forced_status ); + if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_cipher_hooks.forced_status ); return( mbedtls_transparent_test_driver_cipher_set_iv( operation, iv, iv_length ) ); } -psa_status_t test_transparent_cipher_update( +psa_status_t mbedtls_test_transparent_cipher_update( mbedtls_transparent_test_driver_cipher_operation_t *operation, const uint8_t *input, size_t input_length, @@ -282,52 +278,52 @@ psa_status_t test_transparent_cipher_update( size_t output_size, size_t *output_length) { - test_driver_cipher_hooks.hits++; + mbedtls_test_driver_cipher_hooks.hits++; - if( test_driver_cipher_hooks.forced_output != NULL ) + if( mbedtls_test_driver_cipher_hooks.forced_output != NULL ) { - if( output_size < test_driver_cipher_hooks.forced_output_length ) + if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length ) return PSA_ERROR_BUFFER_TOO_SMALL; memcpy( output, - test_driver_cipher_hooks.forced_output, - test_driver_cipher_hooks.forced_output_length ); - *output_length = test_driver_cipher_hooks.forced_output_length; + mbedtls_test_driver_cipher_hooks.forced_output, + mbedtls_test_driver_cipher_hooks.forced_output_length ); + *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length; - return( test_driver_cipher_hooks.forced_status ); + return( mbedtls_test_driver_cipher_hooks.forced_status ); } - if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( test_driver_cipher_hooks.forced_status ); + if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_cipher_hooks.forced_status ); return( mbedtls_transparent_test_driver_cipher_update( operation, input, input_length, output, output_size, output_length ) ); } -psa_status_t test_transparent_cipher_finish( +psa_status_t mbedtls_test_transparent_cipher_finish( mbedtls_transparent_test_driver_cipher_operation_t *operation, uint8_t *output, size_t output_size, size_t *output_length) { - test_driver_cipher_hooks.hits++; + mbedtls_test_driver_cipher_hooks.hits++; - if( test_driver_cipher_hooks.forced_output != NULL ) + if( mbedtls_test_driver_cipher_hooks.forced_output != NULL ) { - if( output_size < test_driver_cipher_hooks.forced_output_length ) + if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length ) return PSA_ERROR_BUFFER_TOO_SMALL; memcpy( output, - test_driver_cipher_hooks.forced_output, - test_driver_cipher_hooks.forced_output_length ); - *output_length = test_driver_cipher_hooks.forced_output_length; + mbedtls_test_driver_cipher_hooks.forced_output, + mbedtls_test_driver_cipher_hooks.forced_output_length ); + *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length; - return( test_driver_cipher_hooks.forced_status ); + return( mbedtls_test_driver_cipher_hooks.forced_status ); } - if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( test_driver_cipher_hooks.forced_status ); + if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_cipher_hooks.forced_status ); return( mbedtls_transparent_test_driver_cipher_finish( operation, output, output_size, output_length ) ); @@ -336,7 +332,7 @@ psa_status_t test_transparent_cipher_finish( /* * opaque versions, to do */ -psa_status_t test_opaque_cipher_encrypt( +psa_status_t mbedtls_test_opaque_cipher_encrypt( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, @@ -355,7 +351,7 @@ psa_status_t test_opaque_cipher_encrypt( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t test_opaque_cipher_decrypt( +psa_status_t mbedtls_test_opaque_cipher_decrypt( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, @@ -374,7 +370,7 @@ psa_status_t test_opaque_cipher_decrypt( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t test_opaque_cipher_encrypt_setup( +psa_status_t mbedtls_test_opaque_cipher_encrypt_setup( mbedtls_opaque_test_driver_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, @@ -388,7 +384,7 @@ psa_status_t test_opaque_cipher_encrypt_setup( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t test_opaque_cipher_decrypt_setup( +psa_status_t mbedtls_test_opaque_cipher_decrypt_setup( mbedtls_opaque_test_driver_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, @@ -402,14 +398,14 @@ psa_status_t test_opaque_cipher_decrypt_setup( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t test_opaque_cipher_abort( +psa_status_t mbedtls_test_opaque_cipher_abort( mbedtls_opaque_test_driver_cipher_operation_t *operation ) { (void) operation; return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t test_opaque_cipher_set_iv( +psa_status_t mbedtls_test_opaque_cipher_set_iv( mbedtls_opaque_test_driver_cipher_operation_t *operation, const uint8_t *iv, size_t iv_length) @@ -420,7 +416,7 @@ psa_status_t test_opaque_cipher_set_iv( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t test_opaque_cipher_update( +psa_status_t mbedtls_test_opaque_cipher_update( mbedtls_opaque_test_driver_cipher_operation_t *operation, const uint8_t *input, size_t input_length, @@ -437,7 +433,7 @@ psa_status_t test_opaque_cipher_update( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t test_opaque_cipher_finish( +psa_status_t mbedtls_test_opaque_cipher_finish( mbedtls_opaque_test_driver_cipher_operation_t *operation, uint8_t *output, size_t output_size, diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c new file mode 100644 index 0000000000..19e1033311 --- /dev/null +++ b/tests/src/drivers/test_driver_key_management.c @@ -0,0 +1,392 @@ +/* + * Test driver for generating and verifying keys. + * Currently only supports generating and verifying ECC keys. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) +#include "psa/crypto.h" +#include "psa_crypto_core.h" +#include "psa_crypto_ecp.h" +#include "psa_crypto_rsa.h" +#include "mbedtls/ecp.h" +#include "mbedtls/error.h" + +#include "test/drivers/key_management.h" + +#include "test/random.h" + +#include + +mbedtls_test_driver_key_management_hooks_t + mbedtls_test_driver_key_management_hooks = MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT; + +const uint8_t mbedtls_test_driver_aes_key[16] = + { 0x36, 0x77, 0x39, 0x7A, 0x24, 0x43, 0x26, 0x46, + 0x29, 0x4A, 0x40, 0x4E, 0x63, 0x52, 0x66, 0x55 }; +const uint8_t mbedtls_test_driver_ecdsa_key[32] = + { 0xdc, 0x7d, 0x9d, 0x26, 0xd6, 0x7a, 0x4f, 0x63, + 0x2c, 0x34, 0xc2, 0xdc, 0x0b, 0x69, 0x86, 0x18, + 0x38, 0x82, 0xc2, 0x06, 0xdf, 0x04, 0xcd, 0xb7, + 0xd6, 0x9a, 0xab, 0xe2, 0x8b, 0xe4, 0xf8, 0x1a }; +const uint8_t mbedtls_test_driver_ecdsa_pubkey[65] = + { 0x04, + 0x85, 0xf6, 0x4d, 0x89, 0xf0, 0x0b, 0xe6, 0x6c, + 0x88, 0xdd, 0x93, 0x7e, 0xfd, 0x6d, 0x7c, 0x44, + 0x56, 0x48, 0xdc, 0xb7, 0x01, 0x15, 0x0b, 0x8a, + 0x95, 0x09, 0x29, 0x58, 0x50, 0xf4, 0x1c, 0x19, + 0x31, 0xe5, 0x71, 0xfb, 0x8f, 0x8c, 0x78, 0x31, + 0x7a, 0x20, 0xb3, 0x80, 0xe8, 0x66, 0x58, 0x4b, + 0xbc, 0x25, 0x16, 0xc3, 0xd2, 0x70, 0x2d, 0x79, + 0x2f, 0x13, 0x1a, 0x92, 0x20, 0x95, 0xfd, 0x6c }; + +psa_status_t mbedtls_test_transparent_generate_key( + const psa_key_attributes_t *attributes, + uint8_t *key, size_t key_size, size_t *key_length ) +{ + ++mbedtls_test_driver_key_management_hooks.hits; + + if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_key_management_hooks.forced_status ); + + if( mbedtls_test_driver_key_management_hooks.forced_output != NULL ) + { + if( mbedtls_test_driver_key_management_hooks.forced_output_length > + key_size ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + memcpy( key, mbedtls_test_driver_key_management_hooks.forced_output, + mbedtls_test_driver_key_management_hooks.forced_output_length ); + *key_length = mbedtls_test_driver_key_management_hooks.forced_output_length; + return( PSA_SUCCESS ); + } + + /* Copied from psa_crypto.c */ +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) + if ( PSA_KEY_TYPE_IS_ECC( psa_get_key_type( attributes ) ) + && PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) ) + { + return( mbedtls_transparent_test_driver_ecp_generate_key( + attributes, key, key_size, key_length ) ); + } + else +#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) */ + +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) + if ( psa_get_key_type( attributes ) == PSA_KEY_TYPE_RSA_KEY_PAIR ) + return( mbedtls_transparent_test_driver_rsa_generate_key( + attributes, key, key_size, key_length ) ); + else +#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) */ + { + (void)attributes; + return( PSA_ERROR_NOT_SUPPORTED ); + } +} + +psa_status_t mbedtls_test_opaque_generate_key( + const psa_key_attributes_t *attributes, + uint8_t *key, size_t key_size, size_t *key_length ) +{ + (void) attributes; + (void) key; + (void) key_size; + (void) key_length; + return( PSA_ERROR_NOT_SUPPORTED ); +} + +psa_status_t mbedtls_test_transparent_import_key( + const psa_key_attributes_t *attributes, + const uint8_t *data, + size_t data_length, + uint8_t *key_buffer, + size_t key_buffer_size, + size_t *key_buffer_length, + size_t *bits) +{ + ++mbedtls_test_driver_key_management_hooks.hits; + + if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_key_management_hooks.forced_status ); + + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_type_t type = psa_get_key_type( attributes ); + +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) + if( PSA_KEY_TYPE_IS_ECC( type ) ) + { + status = mbedtls_transparent_test_driver_ecp_import_key( + attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits ); + } + else +#endif +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) + if( PSA_KEY_TYPE_IS_RSA( type ) ) + { + status = mbedtls_transparent_test_driver_rsa_import_key( + attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits ); + } + else +#endif + { + status = PSA_ERROR_NOT_SUPPORTED; + (void)data; + (void)data_length; + (void)key_buffer; + (void)key_buffer_size; + (void)key_buffer_length; + (void)bits; + (void)type; + } + + return( status ); +} + +psa_status_t mbedtls_test_opaque_export_key( + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + uint8_t *data, size_t data_size, size_t *data_length ) +{ + if( key_length != sizeof( psa_drv_slot_number_t ) ) + { + /* Test driver does not support generic opaque key handling yet. */ + return( PSA_ERROR_NOT_SUPPORTED ); + } + + /* Assume this is a builtin key based on the key material length. */ + psa_drv_slot_number_t slot_number = *( ( psa_drv_slot_number_t* ) key ); + + switch( slot_number ) + { + case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT: + /* This is the ECDSA slot. Verify the key's attributes before + * returning the private key. */ + if( psa_get_key_type( attributes ) != + PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_bits( attributes ) != 256 ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_algorithm( attributes ) != + PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( ( psa_get_key_usage_flags( attributes ) & + PSA_KEY_USAGE_EXPORT ) == 0 ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + + if( data_size < sizeof( mbedtls_test_driver_ecdsa_key ) ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + memcpy( data, mbedtls_test_driver_ecdsa_key, + sizeof( mbedtls_test_driver_ecdsa_key ) ); + *data_length = sizeof( mbedtls_test_driver_ecdsa_key ); + return( PSA_SUCCESS ); + + case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT: + /* This is the AES slot. Verify the key's attributes before + * returning the key. */ + if( psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_bits( attributes ) != 128 ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_algorithm( attributes ) != PSA_ALG_CTR ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( ( psa_get_key_usage_flags( attributes ) & + PSA_KEY_USAGE_EXPORT ) == 0 ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + + if( data_size < sizeof( mbedtls_test_driver_aes_key ) ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + memcpy( data, mbedtls_test_driver_aes_key, + sizeof( mbedtls_test_driver_aes_key ) ); + *data_length = sizeof( mbedtls_test_driver_aes_key ); + return( PSA_SUCCESS ); + + default: + return( PSA_ERROR_DOES_NOT_EXIST ); + } +} + +psa_status_t mbedtls_test_transparent_export_public_key( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + uint8_t *data, size_t data_size, size_t *data_length ) +{ + ++mbedtls_test_driver_key_management_hooks.hits; + + if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_key_management_hooks.forced_status ); + + if( mbedtls_test_driver_key_management_hooks.forced_output != NULL ) + { + if( mbedtls_test_driver_key_management_hooks.forced_output_length > + data_size ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + memcpy( data, mbedtls_test_driver_key_management_hooks.forced_output, + mbedtls_test_driver_key_management_hooks.forced_output_length ); + *data_length = mbedtls_test_driver_key_management_hooks.forced_output_length; + return( PSA_SUCCESS ); + } + + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_type_t key_type = psa_get_key_type( attributes ); + +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) + if( PSA_KEY_TYPE_IS_ECC( key_type ) ) + { + status = mbedtls_transparent_test_driver_ecp_export_public_key( + attributes, + key_buffer, key_buffer_size, + data, data_size, data_length ); + } + else +#endif +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) + if( PSA_KEY_TYPE_IS_RSA( key_type ) ) + { + status = mbedtls_transparent_test_driver_rsa_export_public_key( + attributes, + key_buffer, key_buffer_size, + data, data_size, data_length ); + } + else +#endif + { + status = PSA_ERROR_NOT_SUPPORTED; + (void)key_buffer; + (void)key_buffer_size; + (void)key_type; + } + + return( status ); +} + +psa_status_t mbedtls_test_opaque_export_public_key( + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + uint8_t *data, size_t data_size, size_t *data_length ) +{ + if( key_length != sizeof( psa_drv_slot_number_t ) ) + { + /* Test driver does not support generic opaque key handling yet. */ + return( PSA_ERROR_NOT_SUPPORTED ); + } + + /* Assume this is a builtin key based on the key material length. */ + psa_drv_slot_number_t slot_number = *( ( psa_drv_slot_number_t* ) key ); + switch( slot_number ) + { + case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT: + /* This is the ECDSA slot. Verify the key's attributes before + * returning the public key. */ + if( psa_get_key_type( attributes ) != + PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_bits( attributes ) != 256 ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_algorithm( attributes ) != + PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + + if( data_size < sizeof( mbedtls_test_driver_ecdsa_pubkey ) ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + memcpy( data, mbedtls_test_driver_ecdsa_pubkey, + sizeof( mbedtls_test_driver_ecdsa_pubkey ) ); + *data_length = sizeof( mbedtls_test_driver_ecdsa_pubkey ); + return( PSA_SUCCESS ); + + default: + return( PSA_ERROR_DOES_NOT_EXIST ); + } +} + +/* The opaque test driver exposes two built-in keys when builtin key support is + * compiled in. + * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT is an AES-128 + * key which allows CTR mode. + * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT is a secp256r1 + * private key which allows ECDSA sign & verify. + * The key buffer format for these is the raw format of psa_drv_slot_number_t + * (i.e. for an actual driver this would mean 'builtin_key_size' = + * sizeof(psa_drv_slot_number_t)). + */ +psa_status_t mbedtls_test_opaque_get_builtin_key( + psa_drv_slot_number_t slot_number, + psa_key_attributes_t *attributes, + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) +{ + switch( slot_number ) + { + case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT: + psa_set_key_type( attributes, PSA_KEY_TYPE_AES ); + psa_set_key_bits( attributes, 128 ); + psa_set_key_usage_flags( + attributes, + PSA_KEY_USAGE_ENCRYPT | + PSA_KEY_USAGE_DECRYPT | + PSA_KEY_USAGE_EXPORT ); + psa_set_key_algorithm( attributes, PSA_ALG_CTR ); + + if( key_buffer_size < sizeof( psa_drv_slot_number_t ) ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + *( (psa_drv_slot_number_t*) key_buffer ) = + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT; + *key_buffer_length = sizeof( psa_drv_slot_number_t ); + return( PSA_SUCCESS ); + case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT: + psa_set_key_type( + attributes, + PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ); + psa_set_key_bits( attributes, 256 ); + psa_set_key_usage_flags( + attributes, + PSA_KEY_USAGE_SIGN_HASH | + PSA_KEY_USAGE_VERIFY_HASH | + PSA_KEY_USAGE_EXPORT ); + psa_set_key_algorithm( + attributes, PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ); + + if( key_buffer_size < sizeof( psa_drv_slot_number_t ) ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + *( (psa_drv_slot_number_t*) key_buffer ) = + PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT; + *key_buffer_length = sizeof( psa_drv_slot_number_t ); + return( PSA_SUCCESS ); + default: + return( PSA_ERROR_DOES_NOT_EXIST ); + } +} + +#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/signature.c b/tests/src/drivers/test_driver_signature.c similarity index 81% rename from tests/src/drivers/signature.c rename to tests/src/drivers/test_driver_signature.c index 47c6debc5b..be8c1792bc 100644 --- a/tests/src/drivers/signature.c +++ b/tests/src/drivers/test_driver_signature.c @@ -41,28 +41,32 @@ #include -test_driver_signature_hooks_t test_driver_signature_sign_hooks = TEST_DRIVER_SIGNATURE_INIT; -test_driver_signature_hooks_t test_driver_signature_verify_hooks = TEST_DRIVER_SIGNATURE_INIT; +mbedtls_test_driver_signature_hooks_t + mbedtls_test_driver_signature_sign_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT; +mbedtls_test_driver_signature_hooks_t + mbedtls_test_driver_signature_verify_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT; -psa_status_t test_transparent_signature_sign_hash( +psa_status_t mbedtls_test_transparent_signature_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, uint8_t *signature, size_t signature_size, size_t *signature_length ) { - ++test_driver_signature_sign_hooks.hits; + ++mbedtls_test_driver_signature_sign_hooks.hits; - if( test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS ) - return( test_driver_signature_sign_hooks.forced_status ); + if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_signature_sign_hooks.forced_status ); - if( test_driver_signature_sign_hooks.forced_output != NULL ) + if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL ) { - if( test_driver_signature_sign_hooks.forced_output_length > signature_size ) + if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > + signature_size ) return( PSA_ERROR_BUFFER_TOO_SMALL ); - memcpy( signature, test_driver_signature_sign_hooks.forced_output, - test_driver_signature_sign_hooks.forced_output_length ); - *signature_length = test_driver_signature_sign_hooks.forced_output_length; + memcpy( signature, + mbedtls_test_driver_signature_sign_hooks.forced_output, + mbedtls_test_driver_signature_sign_hooks.forced_output_length ); + *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length; return( PSA_SUCCESS ); } @@ -120,7 +124,7 @@ psa_status_t test_transparent_signature_sign_hash( } } -psa_status_t test_opaque_signature_sign_hash( +psa_status_t mbedtls_test_opaque_signature_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, @@ -140,17 +144,17 @@ psa_status_t test_opaque_signature_sign_hash( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t test_transparent_signature_verify_hash( +psa_status_t mbedtls_test_transparent_signature_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length ) { - ++test_driver_signature_verify_hooks.hits; + ++mbedtls_test_driver_signature_verify_hooks.hits; - if( test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS ) - return( test_driver_signature_verify_hooks.forced_status ); + if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_signature_verify_hooks.forced_status ); #if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) @@ -200,7 +204,7 @@ psa_status_t test_transparent_signature_verify_hash( } } -psa_status_t test_opaque_signature_verify_hash( +psa_status_t mbedtls_test_opaque_signature_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, diff --git a/tests/src/drivers/test_driver_size.c b/tests/src/drivers/test_driver_size.c new file mode 100644 index 0000000000..d8bcaee381 --- /dev/null +++ b/tests/src/drivers/test_driver_size.c @@ -0,0 +1,101 @@ +/* + * Test driver for retrieving key context size. + * Only used by opaque drivers. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) + +#include "test/drivers/size.h" +#include "psa/crypto.h" + +typedef struct { + unsigned int context; +} test_driver_key_context_t; + +/* + * This macro returns the base size for the key context. It is the size of the + * driver specific information stored in each key context. + */ +#define TEST_DRIVER_KEY_CONTEXT_BASE_SIZE sizeof( test_driver_key_context_t ) + +/* + * Number of bytes included in every key context for a key pair. + * + * This pair size is for an ECC 256-bit private/public key pair. + * Based on this value, the size of the private key can be derived by + * subtracting the public key size below from this one. + */ +#define TEST_DRIVER_KEY_CONTEXT_KEY_PAIR_SIZE 65 + +/* + * Number of bytes included in every key context for a public key. + * + * For ECC public keys, it needs 257 bits so 33 bytes. + */ +#define TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE 33 + +/* + * Every key context for a symmetric key includes this many times the key size. + */ +#define TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR 0 + +/* + * If this is true for a key pair, the key context includes space for the public key. + * If this is false, no additional space is added for the public key. + * + * For this instance, store the public key with the private one. + */ +#define TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY 1 + +size_t mbedtls_test_size_function( + const psa_key_type_t key_type, + const size_t key_bits ) +{ + size_t key_buffer_size = 0; + + if( PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) ) + { + int public_key_overhead = + ( ( TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY == 1 ) + ? PSA_EXPORT_KEY_OUTPUT_SIZE( key_type, key_bits ) : 0 ); + key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE + + TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE + + public_key_overhead; + } + else if( PSA_KEY_TYPE_IS_PUBLIC_KEY( key_type ) ) + { + key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE + + TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE; + } + else if ( !PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) && + !PSA_KEY_TYPE_IS_PUBLIC_KEY ( key_type ) ) + { + key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE + + ( TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR * + ( ( key_bits + 7 ) / 8 ) ); + } + + return( key_buffer_size ); +} +#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/helpers.c b/tests/src/helpers.c index e323275e5f..b7c9867b05 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c @@ -282,3 +282,59 @@ void mbedtls_param_failed( const char *failure_condition, } } #endif /* MBEDTLS_CHECK_PARAMS */ + +#if defined(MBEDTLS_TEST_HOOKS) +void mbedtls_test_err_add_check( int high, int low, + const char *file, int line ) +{ + /* Error codes are always negative (a value of zero is a success) however + * their positive opposites can be easier to understand. The following + * examples given in comments have been made positive for ease of + * understanding. The structure of an error code is such: + * + * shhhhhhhhlllllll + * + * s = sign bit. + * h = high level error code (includes high level module ID (bits 12..14) + * and module-dependent error code (bits 7..11)). + * l = low level error code. + */ + if ( high > -0x1000 && high != 0 ) + /* high < 0001000000000000 + * No high level module ID bits are set. + */ + { + mbedtls_test_fail( "'high' is not a high-level error code", + line, file ); + } + else if ( high < -0x7F80 ) + /* high > 0111111110000000 + * Error code is greater than the largest allowed high level module ID. + */ + { + mbedtls_test_fail( "'high' error code is greater than 15 bits", + line, file ); + } + else if ( ( high & 0x7F ) != 0 ) + /* high & 0000000001111111 + * Error code contains low level error code bits. + */ + { + mbedtls_test_fail( "'high' contains a low-level error code", + line, file ); + } + else if ( low < -0x007F ) + /* low > 0000000001111111 + * Error code contains high or module level error code bits. + */ + { + mbedtls_test_fail( "'low' error code is greater than 7 bits", + line, file ); + } + else if ( low > 0 ) + { + mbedtls_test_fail( "'low' error code is greater than zero", + line, file ); + } +} +#endif /* MBEDTLS_TEST_HOOKS */ diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index e82f7cf3ec..32bd65dac6 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -4451,6 +4451,7 @@ run_test "Authentication, CA callback: client max_int chain, server required" # Tests for certificate selection based on SHA verson +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "Certificate hash: client TLS 1.2 -> SHA-2" \ "$P_SRV crt_file=data_files/server5.crt \ key_file=data_files/server5.key \ @@ -4461,6 +4462,7 @@ run_test "Certificate hash: client TLS 1.2 -> SHA-2" \ -c "signed using.*ECDSA with SHA256" \ -C "signed using.*ECDSA with SHA1" +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "Certificate hash: client TLS 1.1 -> SHA-1" \ "$P_SRV crt_file=data_files/server5.crt \ key_file=data_files/server5.key \ @@ -4471,6 +4473,7 @@ run_test "Certificate hash: client TLS 1.1 -> SHA-1" \ -C "signed using.*ECDSA with SHA256" \ -c "signed using.*ECDSA with SHA1" +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "Certificate hash: client TLS 1.0 -> SHA-1" \ "$P_SRV crt_file=data_files/server5.crt \ key_file=data_files/server5.key \ @@ -4481,6 +4484,7 @@ run_test "Certificate hash: client TLS 1.0 -> SHA-1" \ -C "signed using.*ECDSA with SHA256" \ -c "signed using.*ECDSA with SHA1" +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 1)" \ "$P_SRV crt_file=data_files/server5.crt \ key_file=data_files/server5.key \ @@ -4492,6 +4496,7 @@ run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 1)" \ -c "signed using.*ECDSA with SHA256" \ -C "signed using.*ECDSA with SHA1" +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 2)" \ "$P_SRV crt_file=data_files/server6.crt \ key_file=data_files/server6.key \ @@ -4505,6 +4510,7 @@ run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 2)" \ # tests for SNI +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "SNI: no SNI callback" \ "$P_SRV debug_level=3 \ crt_file=data_files/server5.crt key_file=data_files/server5.key" \ @@ -4514,6 +4520,7 @@ run_test "SNI: no SNI callback" \ -c "issuer name *: C=NL, O=PolarSSL, CN=Polarssl Test EC CA" \ -c "subject name *: C=NL, O=PolarSSL, CN=localhost" +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "SNI: matching cert 1" \ "$P_SRV debug_level=3 \ crt_file=data_files/server5.crt key_file=data_files/server5.key \ @@ -4524,6 +4531,7 @@ run_test "SNI: matching cert 1" \ -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \ -c "subject name *: C=NL, O=PolarSSL, CN=localhost" +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "SNI: matching cert 2" \ "$P_SRV debug_level=3 \ crt_file=data_files/server5.crt key_file=data_files/server5.key \ @@ -4534,6 +4542,7 @@ run_test "SNI: matching cert 2" \ -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \ -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example" +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "SNI: no matching cert" \ "$P_SRV debug_level=3 \ crt_file=data_files/server5.crt key_file=data_files/server5.key \ @@ -4641,6 +4650,7 @@ run_test "SNI: CA override with CRL" \ # Tests for SNI and DTLS +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "SNI: DTLS, no SNI callback" \ "$P_SRV debug_level=3 dtls=1 \ crt_file=data_files/server5.crt key_file=data_files/server5.key" \ @@ -4650,6 +4660,7 @@ run_test "SNI: DTLS, no SNI callback" \ -c "issuer name *: C=NL, O=PolarSSL, CN=Polarssl Test EC CA" \ -c "subject name *: C=NL, O=PolarSSL, CN=localhost" +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "SNI: DTLS, matching cert 1" \ "$P_SRV debug_level=3 dtls=1 \ crt_file=data_files/server5.crt key_file=data_files/server5.key \ @@ -4660,6 +4671,7 @@ run_test "SNI: DTLS, matching cert 1" \ -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \ -c "subject name *: C=NL, O=PolarSSL, CN=localhost" +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "SNI: DTLS, matching cert 2" \ "$P_SRV debug_level=3 dtls=1 \ crt_file=data_files/server5.crt key_file=data_files/server5.key \ @@ -5426,6 +5438,20 @@ run_test "DHM size: server 1024, client default, OK" \ 0 \ -C "DHM prime too short:" +run_test "DHM size: server 999, client 999, OK" \ + "$P_SRV dhm_file=data_files/dh.999.pem" \ + "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ + debug_level=1 dhmlen=999" \ + 0 \ + -C "DHM prime too short:" + +run_test "DHM size: server 1000, client 1000, OK" \ + "$P_SRV dhm_file=data_files/dh.1000.pem" \ + "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ + debug_level=1 dhmlen=1000" \ + 0 \ + -C "DHM prime too short:" + run_test "DHM size: server 1000, client default, rejected" \ "$P_SRV dhm_file=data_files/dh.1000.pem" \ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ @@ -5433,6 +5459,27 @@ run_test "DHM size: server 1000, client default, rejected" \ 1 \ -c "DHM prime too short:" +run_test "DHM size: server 1000, client 1001, rejected" \ + "$P_SRV dhm_file=data_files/dh.1000.pem" \ + "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ + debug_level=1 dhmlen=1001" \ + 1 \ + -c "DHM prime too short:" + +run_test "DHM size: server 999, client 1000, rejected" \ + "$P_SRV dhm_file=data_files/dh.999.pem" \ + "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ + debug_level=1 dhmlen=1000" \ + 1 \ + -c "DHM prime too short:" + +run_test "DHM size: server 998, client 999, rejected" \ + "$P_SRV dhm_file=data_files/dh.998.pem" \ + "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ + debug_level=1 dhmlen=999" \ + 1 \ + -c "DHM prime too short:" + run_test "DHM size: server default, client 2049, rejected" \ "$P_SRV" \ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ @@ -6674,6 +6721,7 @@ run_test "SSL async private: sign, RSA, TLS 1.1" \ -s "Async resume (slot [0-9]): sign done, status=0" requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "SSL async private: sign, SNI" \ "$P_SRV debug_level=3 \ async_operations=s async_private_delay1=0 async_private_delay2=0 \ diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index 36a7d231e3..ac00f45e57 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -33,6 +33,10 @@ #include "psa/crypto.h" #endif /* MBEDTLS_USE_PSA_CRYPTO */ +#if defined(MBEDTLS_TEST_HOOKS) +#include "mbedtls/error.h" +#endif + /* Test code may use deprecated identifiers only if the preprocessor symbol * MBEDTLS_TEST_DEPRECATED is defined. When building tests, set * MBEDTLS_TEST_DEPRECATED explicitly if MBEDTLS_DEPRECATED_WARNING is @@ -279,6 +283,10 @@ $platform_code */ int main( int argc, const char *argv[] ) { +#if defined(MBEDTLS_TEST_HOOKS) && defined (MBEDTLS_ERROR_C) + mbedtls_test_hook_error_add = &mbedtls_test_err_add_check; +#endif + int ret = mbedtls_test_platform_setup(); if( ret != 0 ) { diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index 76e474f217..3d3f6a3292 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -422,124 +422,6 @@ void cipher_invalid_param_conditional( ) valid_buffer, valid_size, valid_buffer, NULL ) ); -#if defined(MBEDTLS_CIPHER_MODE_AEAD) - /* mbedtls_cipher_auth_encrypt() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( NULL, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( &valid_ctx, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( &valid_ctx, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, &size_t_var, - valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, NULL, - valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - NULL, valid_size ) ); - - /* mbedtls_cipher_auth_decrypt() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( NULL, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( &valid_ctx, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( &valid_ctx, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, &size_t_var, - valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, NULL, - valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - NULL, valid_size ) ); -#endif /* defined(MBEDTLS_CIPHER_MODE_AEAD) */ - #if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C) /* mbedtls_cipher_auth_encrypt_ext */ TEST_INVALID_PARAM_RET( @@ -1126,11 +1008,6 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, * of AEAD decryption and AEAD encryption. Check that * this results in the expected plaintext, and that * decryption and encryption are inverse to one another. - * - * Do that twice: - * - once with legacy functions auth_decrypt/auth_encrypt - * - once with new functions auth_decrypt_ext/auth_encrypt_ext - * This allows testing both without duplicating test cases. */ int ret; @@ -1146,13 +1023,6 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, unsigned char *encrypt_buf = NULL; size_t encrypt_buf_len = 0; -#if !defined(MBEDTLS_DEPRECATED_WARNING) && \ - !defined(MBEDTLS_DEPRECATED_REMOVED) - unsigned char *tmp_tag = NULL; - unsigned char *tmp_cipher = NULL; - unsigned char *tag_buf = NULL; -#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */ - /* Null pointers are documented as valid for inputs of length 0. * The test framework passes non-null pointers, so set them to NULL. * key, cipher and tag can't be empty. */ @@ -1184,12 +1054,6 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, cipher_id == MBEDTLS_CIPHER_AES_256_KW || using_nist_kw_padding; - /**************************************************************** - * * - * Part 1: non-deprecated API * - * * - ****************************************************************/ - /* * Prepare context for decryption */ @@ -1253,7 +1117,6 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, ASSERT_COMPARE( decrypt_buf, outlen, clear->x, clear->len ); } - /* Free this, but keep cipher_plus_tag for deprecated function with PSA */ mbedtls_free( decrypt_buf ); decrypt_buf = NULL; @@ -1315,135 +1178,12 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, encrypt_buf = NULL; } - /**************************************************************** - * * - * Part 2: deprecated API * - * * - ****************************************************************/ - -#if !defined(MBEDTLS_DEPRECATED_WARNING) && \ - !defined(MBEDTLS_DEPRECATED_REMOVED) - - /* - * Prepare context for decryption - */ - if( ! cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key, - MBEDTLS_DECRYPT ) ) - goto exit; - - /* - * Prepare pointers for decryption - */ -#if defined(MBEDTLS_USE_PSA_CRYPTO) - if( use_psa == 1 ) - { - /* PSA requires that the tag immediately follows the ciphertext. - * Fortunately, we already have that from testing the new API. */ - tmp_cipher = cipher_plus_tag; - tmp_tag = tmp_cipher + cipher->len; - } - else -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - { - tmp_cipher = cipher->x; - tmp_tag = tag->x; - } - - /* - * Authenticate and decrypt, and check result - */ - - ASSERT_ALLOC( decrypt_buf, cipher->len ); - outlen = 0; - ret = mbedtls_cipher_auth_decrypt( &ctx, iv->x, iv->len, ad->x, ad->len, - tmp_cipher, cipher->len, decrypt_buf, &outlen, - tmp_tag, tag->len ); - - if( using_nist_kw ) - { - /* NIST_KW with legacy API */ - TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); - } - else if( strcmp( result, "FAIL" ) == 0 ) - { - /* unauthentic message */ - TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED ); - TEST_ASSERT( buffer_is_all_zero( decrypt_buf, cipher->len ) ); - } - else - { - /* authentic message: is the plaintext correct? */ - TEST_ASSERT( ret == 0 ); - ASSERT_COMPARE( decrypt_buf, outlen, clear->x, clear->len ); - } - - mbedtls_free( decrypt_buf ); - decrypt_buf = NULL; - mbedtls_free( cipher_plus_tag ); - cipher_plus_tag = NULL; - - /* - * Encrypt back if test data was authentic - */ - if( strcmp( result, "FAIL" ) != 0 ) - { - /* prepare context for encryption */ - if( ! cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key, - MBEDTLS_ENCRYPT ) ) - goto exit; - - /* prepare buffers for encryption */ -#if defined(MBEDTLS_USE_PSA_CRYPTO) - if( use_psa ) - { - ASSERT_ALLOC( cipher_plus_tag, cipher->len + tag->len ); - tmp_cipher = cipher_plus_tag; - tmp_tag = cipher_plus_tag + cipher->len; - } - else -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - { - ASSERT_ALLOC( encrypt_buf, cipher->len ); - ASSERT_ALLOC( tag_buf, tag->len ); - tmp_cipher = encrypt_buf; - tmp_tag = tag_buf; - } - - /* - * Encrypt and check the result - */ - outlen = 0; - ret = mbedtls_cipher_auth_encrypt( &ctx, iv->x, iv->len, ad->x, ad->len, - clear->x, clear->len, tmp_cipher, &outlen, - tmp_tag, tag->len ); - - if( using_nist_kw ) - { - TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); - } - else - { - TEST_ASSERT( ret == 0 ); - - TEST_ASSERT( outlen == cipher->len ); - if( cipher->len != 0 ) - TEST_ASSERT( memcmp( tmp_cipher, cipher->x, cipher->len ) == 0 ); - TEST_ASSERT( memcmp( tmp_tag, tag->x, tag->len ) == 0 ); - } - } - -#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */ - exit: mbedtls_cipher_free( &ctx ); mbedtls_free( decrypt_buf ); mbedtls_free( encrypt_buf ); mbedtls_free( cipher_plus_tag ); -#if !defined(MBEDTLS_DEPRECATED_WARNING) && \ - !defined(MBEDTLS_DEPRECATED_REMOVED) - mbedtls_free( tag_buf ); -#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */ #if defined(MBEDTLS_USE_PSA_CRYPTO) if( use_psa == 1 ) diff --git a/tests/suites/test_suite_debug.data b/tests/suites/test_suite_debug.data index eb99b79110..0935c12448 100644 --- a/tests/suites/test_suite_debug.data +++ b/tests/suites/test_suite_debug.data @@ -38,11 +38,11 @@ Debug print buffer #5 mbedtls_debug_print_buf:"MyFile":999:"Test return value":"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F30":"MyFile(0999)\: dumping 'Test return value' (49 bytes)\nMyFile(0999)\: 0000\: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f ................\nMyFile(0999)\: 0010\: 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f ................\nMyFile(0999)\: 0020\: 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f !"#$%&'()*+,-./\nMyFile(0999)\: 0030\: 30 0\n" Debug print certificate #1 (RSA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_debug_print_crt:"data_files/server1.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: 01\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:06\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:06\nMyFile(0999)\: signed using \: RSA with SHA1\nMyFile(0999)\: RSA key size \: 2048 bits\nMyFile(0999)\: basic constraints \: CA=false\nMyFile(0999)\: value of 'crt->rsa.N' (2048 bits) is\:\nMyFile(0999)\: a9 02 1f 3d 40 6a d5 55 53 8b fd 36 ee 82 65 2e\nMyFile(0999)\: 15 61 5e 89 bf b8 e8 45 90 db ee 88 16 52 d3 f1\nMyFile(0999)\: 43 50 47 96 12 59 64 87 6b fd 2b e0 46 f9 73 be\nMyFile(0999)\: dd cf 92 e1 91 5b ed 66 a0 6f 89 29 79 45 80 d0\nMyFile(0999)\: 83 6a d5 41 43 77 5f 39 7c 09 04 47 82 b0 57 39\nMyFile(0999)\: 70 ed a3 ec 15 19 1e a8 33 08 47 c1 05 42 a9 fd\nMyFile(0999)\: 4c c3 b4 df dd 06 1f 4d 10 51 40 67 73 13 0f 40\nMyFile(0999)\: f8 6d 81 25 5f 0a b1 53 c6 30 7e 15 39 ac f9 5a\nMyFile(0999)\: ee 7f 92 9e a6 05 5b e7 13 97 85 b5 23 92 d9 d4\nMyFile(0999)\: 24 06 d5 09 25 89 75 07 dd a6 1a 8f 3f 09 19 be\nMyFile(0999)\: ad 65 2c 64 eb 95 9b dc fe 41 5e 17 a6 da 6c 5b\nMyFile(0999)\: 69 cc 02 ba 14 2c 16 24 9c 4a dc cd d0 f7 52 67\nMyFile(0999)\: 73 f1 2d a0 23 fd 7e f4 31 ca 2d 70 ca 89 0b 04\nMyFile(0999)\: db 2e a6 4f 70 6e 9e ce bd 58 89 e2 53 59 9e 6e\nMyFile(0999)\: 5a 92 65 e2 88 3f 0c 94 19 a3 dd e5 e8 9d 95 13\nMyFile(0999)\: ed 29 db ab 70 12 dc 5a ca 6b 17 ab 52 82 54 b1\nMyFile(0999)\: value of 'crt->rsa.E' (17 bits) is\:\nMyFile(0999)\: 01 00 01\n" Debug print certificate #2 (EC) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_debug_print_crt:"data_files/test-ca2.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: C1\:43\:E2\:7E\:62\:43\:CC\:E8\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:00\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:00\nMyFile(0999)\: signed using \: ECDSA with SHA256\nMyFile(0999)\: EC key size \: 384 bits\nMyFile(0999)\: basic constraints \: CA=true\nMyFile(0999)\: value of 'crt->eckey.Q(X)' (384 bits) is\:\nMyFile(0999)\: c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 43\nMyFile(0999)\: 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 95\nMyFile(0999)\: 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c 2d\nMyFile(0999)\: value of 'crt->eckey.Q(Y)' (384 bits) is\:\nMyFile(0999)\: 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e 58\nMyFile(0999)\: b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 47\nMyFile(0999)\: 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 1e\n" Debug print mbedtls_mpi #1 diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function index 377d630d90..ad50e53fd1 100644 --- a/tests/suites/test_suite_debug.function +++ b/tests/suites/test_suite_debug.function @@ -131,7 +131,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */ void mbedtls_debug_print_crt( char * crt_file, char * file, int line, char * prefix, char * result_str ) { diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function index 8157234f8f..58cedc13c4 100644 --- a/tests/suites/test_suite_ecdsa.function +++ b/tests/suites/test_suite_ecdsa.function @@ -599,7 +599,8 @@ void ecdsa_write_restart( int id, char *d_str, int md_alg, cnt_restart = 0; do { ret = mbedtls_ecdsa_write_signature_restartable( &ctx, - md_alg, hash, hlen, sig, &slen, NULL, NULL, &rs_ctx ); + md_alg, hash, hlen, sig, &slen, mbedtls_test_rnd_std_rand, NULL, + &rs_ctx ); } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); TEST_ASSERT( ret == 0 ); @@ -614,7 +615,8 @@ void ecdsa_write_restart( int id, char *d_str, int md_alg, if( min_restart > 0 ) { ret = mbedtls_ecdsa_write_signature_restartable( &ctx, - md_alg, hash, hlen, sig, &slen, NULL, NULL, &rs_ctx ); + md_alg, hash, hlen, sig, &slen, mbedtls_test_rnd_std_rand, NULL, + &rs_ctx ); TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); } diff --git a/tests/suites/test_suite_oid.function b/tests/suites/test_suite_oid.function index 9e8d43739c..5c56ef4983 100644 --- a/tests/suites/test_suite_oid.function +++ b/tests/suites/test_suite_oid.function @@ -6,7 +6,7 @@ /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_OID_C + * depends_on:MBEDTLS_OID_C:!MBEDTLS_X509_REMOVE_INFO * END_DEPENDENCIES */ diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index bc469b68db..9454fe7c75 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -821,7 +821,8 @@ void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str, cnt_restart = 0; do { ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen, - sig, &slen, NULL, NULL, &rs_ctx ); + sig, &slen, mbedtls_test_rnd_std_rand, + NULL, &rs_ctx ); } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); TEST_ASSERT( ret == 0 ); @@ -868,7 +869,8 @@ void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str, slen = sizeof( sig ); ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen, - sig, &slen, NULL, NULL, &rs_ctx ); + sig, &slen, mbedtls_test_rnd_std_rand, + NULL, &rs_ctx ); TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); } diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 8f04bc8178..bff0c35a04 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -2924,24 +2924,16 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + size_t key_bits; unsigned char *output_data = NULL; size_t output_size = 0; size_t output_length = 0; unsigned char *output_data2 = NULL; size_t output_length2 = 0; - size_t tag_length = PSA_AEAD_TAG_LENGTH( alg ); psa_status_t status = PSA_ERROR_GENERIC_ERROR; psa_status_t expected_result = expected_result_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - output_size = input_data->len + tag_length; - /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE - * should be exact. */ - if( expected_result != PSA_ERROR_INVALID_ARGUMENT ) - TEST_EQUAL( output_size, - PSA_AEAD_ENCRYPT_OUTPUT_SIZE( alg, input_data->len ) ); - ASSERT_ALLOC( output_data, output_size ); - PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); @@ -2950,6 +2942,22 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); + key_bits = psa_get_key_bits( &attributes ); + + output_size = input_data->len + PSA_AEAD_TAG_LENGTH( key_type, key_bits, + alg ); + /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE + * should be exact. */ + if( expected_result != PSA_ERROR_INVALID_ARGUMENT && + expected_result != PSA_ERROR_NOT_SUPPORTED ) + { + TEST_EQUAL( output_size, + PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) ); + TEST_ASSERT( output_size <= + PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) ); + } + ASSERT_ALLOC( output_data, output_size ); status = psa_aead_encrypt( key, alg, nonce->x, nonce->len, @@ -2977,7 +2985,7 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, /* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE * should be exact. */ TEST_EQUAL( input_data->len, - PSA_AEAD_DECRYPT_OUTPUT_SIZE( alg, output_length ) ); + PSA_AEAD_DECRYPT_OUTPUT_SIZE( key_type, alg, output_length ) ); TEST_ASSERT( input_data->len <= PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE( output_length ) ); @@ -3014,22 +3022,13 @@ void aead_encrypt( int key_type_arg, data_t *key_data, mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + size_t key_bits; unsigned char *output_data = NULL; size_t output_size = 0; size_t output_length = 0; - size_t tag_length = PSA_AEAD_TAG_LENGTH( alg ); psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status = PSA_ERROR_GENERIC_ERROR; - output_size = input_data->len + tag_length; - /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE - * should be exact. */ - TEST_EQUAL( output_size, - PSA_AEAD_ENCRYPT_OUTPUT_SIZE( alg, input_data->len ) ); - TEST_ASSERT( output_size <= - PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) ); - ASSERT_ALLOC( output_data, output_size ); - PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); @@ -3038,6 +3037,18 @@ void aead_encrypt( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); + key_bits = psa_get_key_bits( &attributes ); + + output_size = input_data->len + PSA_AEAD_TAG_LENGTH( key_type, key_bits, + alg ); + /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE + * should be exact. */ + TEST_EQUAL( output_size, + PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) ); + TEST_ASSERT( output_size <= + PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) ); + ASSERT_ALLOC( output_data, output_size ); status = psa_aead_encrypt( key, alg, nonce->x, nonce->len, @@ -3078,26 +3089,14 @@ void aead_decrypt( int key_type_arg, data_t *key_data, mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + size_t key_bits; unsigned char *output_data = NULL; size_t output_size = 0; size_t output_length = 0; - size_t tag_length = PSA_AEAD_TAG_LENGTH( alg ); psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t expected_result = expected_result_arg; psa_status_t status = PSA_ERROR_GENERIC_ERROR; - output_size = input_data->len - tag_length; - if( expected_result != PSA_ERROR_INVALID_ARGUMENT ) - { - /* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE - * should be exact. */ - TEST_EQUAL( output_size, - PSA_AEAD_DECRYPT_OUTPUT_SIZE( alg, input_data->len ) ); - TEST_ASSERT( output_size <= - PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE( input_data->len ) ); - } - ASSERT_ALLOC( output_data, output_size ); - PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); @@ -3106,6 +3105,22 @@ void aead_decrypt( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); + key_bits = psa_get_key_bits( &attributes ); + + output_size = input_data->len - PSA_AEAD_TAG_LENGTH( key_type, key_bits, + alg ); + if( expected_result != PSA_ERROR_INVALID_ARGUMENT && + expected_result != PSA_ERROR_NOT_SUPPORTED ) + { + /* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE + * should be exact. */ + TEST_EQUAL( output_size, + PSA_AEAD_DECRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) ); + TEST_ASSERT( output_size <= + PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE( input_data->len ) ); + } + ASSERT_ALLOC( output_data, output_size ); status = psa_aead_decrypt( key, alg, nonce->x, nonce->len, diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data index 241d715b36..5fbfac66a8 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data @@ -243,3 +243,81 @@ aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00 PSA AEAD decrypt, AES-GCM, 144 bytes #1, INSUFFICIENT_MEMORY depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_ERROR_INSUFFICIENT_MEMORY + +PSA opaque driver builtin key export: AES +builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_SUCCESS + +PSA opaque driver builtin key export: AES (registered to ID_MAX-1) +builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MAX - 1:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_SUCCESS + +PSA opaque driver builtin key export: AES (registered to ID_MAX) +builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MAX:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_SUCCESS + +PSA opaque driver builtin key export: key ID out of range (ID_MIN - 1) +builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN - 1:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_ERROR_INVALID_HANDLE + +PSA opaque driver builtin key export: key ID out of range (ID_MAX + 1) +builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MAX + 1:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_ERROR_INVALID_HANDLE + +PSA opaque driver builtin key export: secp256r1 +builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"dc7d9d26d67a4f632c34c2dc0b6986183882c206df04cdb7d69aabe28be4f81a":PSA_SUCCESS + +PSA opaque driver builtin pubkey export: secp256r1 +builtin_pubkey_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"0485f64d89f00be66c88dd937efd6d7c445648dcb701150b8a9509295850f41c1931e571fb8f8c78317a20b380e866584bbc2516c3d2702d792f131a922095fd6c":PSA_SUCCESS + +PSA opaque driver builtin pubkey export: not a public key +builtin_pubkey_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"0485f64d89f00be66c88dd937efd6d7c445648dcb701150b8a9509295850f41c1931e571fb8f8c78317a20b380e866584bbc2516c3d2702d792f131a922095fd6c":PSA_ERROR_INVALID_ARGUMENT + +Hash compute: SHA-256, computed by the driver +depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256 +hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS:PSA_SUCCESS + +Hash compute: SHA-256, fallback +depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_256 +hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS + +Hash compute: SHA-256, no fallback +depends_on:!MBEDTLS_PSA_BUILTIN_ALG_SHA_256 +hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED + +Hash compute: SHA-256, INSUFFICIENT_MEMORY +hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_INSUFFICIENT_MEMORY:PSA_ERROR_INSUFFICIENT_MEMORY + +Hash multi-part setup: SHA-256, computed by the driver +depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256 +hash_multipart_setup:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS:PSA_SUCCESS + +Hash multi-part setup: SHA-256, fallback +depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_256 +hash_multipart_setup:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS + +Hash multi-part setup: SHA-256, no fallback +depends_on:!MBEDTLS_PSA_BUILTIN_ALG_SHA_256 +hash_multipart_setup:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED + +Hash multi-part setup: SHA-256, INSUFFICIENT_MEMORY +hash_multipart_setup:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_INSUFFICIENT_MEMORY:PSA_ERROR_INSUFFICIENT_MEMORY + +Hash multi-part update: SHA-256, update successful +depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256 +hash_multipart_update:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS + +Hash multi-part update: SHA-256, update failure +depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256 +hash_multipart_update:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED + +Hash multi-part finish: SHA-256, finish successful +depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256 +hash_multipart_update:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS + +Hash multi-part finish: SHA-256, finish failure +depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256 +hash_multipart_update:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED + +Hash clone: SHA-256, clone successful +depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256 +hash_clone:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS + +Hash clone: SHA-256, clone failure +depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256 +hash_clone:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index b287ce17ab..a0b719ef69 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -23,7 +23,8 @@ void ecdsa_sign( int force_status_arg, uint8_t signature[64]; size_t signature_length = 0xdeadbeef; psa_status_t actual_status; - test_driver_signature_sign_hooks = test_driver_signature_hooks_init(); + mbedtls_test_driver_signature_sign_hooks = + mbedtls_test_driver_signature_hooks_init(); PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_type( &attributes, @@ -34,11 +35,13 @@ void ecdsa_sign( int force_status_arg, key_input->x, key_input->len, &key ); - test_driver_signature_sign_hooks.forced_status = force_status; + mbedtls_test_driver_signature_sign_hooks.forced_status = force_status; if( fake_output == 1 ) { - test_driver_signature_sign_hooks.forced_output = expected_output->x; - test_driver_signature_sign_hooks.forced_output_length = expected_output->len; + mbedtls_test_driver_signature_sign_hooks.forced_output = + expected_output->x; + mbedtls_test_driver_signature_sign_hooks.forced_output_length = + expected_output->len; } actual_status = psa_sign_hash( key, alg, @@ -51,13 +54,14 @@ void ecdsa_sign( int force_status_arg, ASSERT_COMPARE( signature, signature_length, expected_output->x, expected_output->len ); } - TEST_EQUAL( test_driver_signature_sign_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_signature_sign_hooks.hits, 1 ); exit: psa_reset_key_attributes( &attributes ); psa_destroy_key( key ); PSA_DONE( ); - test_driver_signature_sign_hooks = test_driver_signature_hooks_init(); + mbedtls_test_driver_signature_sign_hooks = + mbedtls_test_driver_signature_hooks_init(); } /* END_CASE */ @@ -75,7 +79,8 @@ void ecdsa_verify( int force_status_arg, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_algorithm_t alg = PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ); psa_status_t actual_status; - test_driver_signature_verify_hooks = test_driver_signature_hooks_init(); + mbedtls_test_driver_signature_verify_hooks = + mbedtls_test_driver_signature_hooks_init(); PSA_ASSERT( psa_crypto_init( ) ); if( register_public_key ) @@ -99,19 +104,20 @@ void ecdsa_verify( int force_status_arg, &key ); } - test_driver_signature_verify_hooks.forced_status = force_status; + mbedtls_test_driver_signature_verify_hooks.forced_status = force_status; actual_status = psa_verify_hash( key, alg, data_input->x, data_input->len, signature_input->x, signature_input->len ); TEST_EQUAL( actual_status, expected_status ); - TEST_EQUAL( test_driver_signature_verify_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_signature_verify_hooks.hits, 1 ); exit: psa_reset_key_attributes( &attributes ); psa_destroy_key( key ); PSA_DONE( ); - test_driver_signature_verify_hooks = test_driver_signature_hooks_init(); + mbedtls_test_driver_signature_verify_hooks = + mbedtls_test_driver_signature_hooks_init(); } /* END_CASE */ @@ -130,7 +136,8 @@ void generate_key( int force_status_arg, psa_status_t actual_status; uint8_t actual_output[PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(256)] = {0}; size_t actual_output_length; - test_driver_key_management_hooks = test_driver_key_management_hooks_init(); + mbedtls_test_driver_key_management_hooks = + mbedtls_test_driver_key_management_hooks_init(); psa_set_key_type( &attributes, PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ); @@ -140,18 +147,22 @@ void generate_key( int force_status_arg, if( fake_output->len > 0 ) { - expected_output = test_driver_key_management_hooks.forced_output = fake_output->x; - expected_output_length = test_driver_key_management_hooks.forced_output_length = + expected_output = + mbedtls_test_driver_key_management_hooks.forced_output = + fake_output->x; + + expected_output_length = + mbedtls_test_driver_key_management_hooks.forced_output_length = fake_output->len; } - test_driver_key_management_hooks.hits = 0; - test_driver_key_management_hooks.forced_status = force_status; + mbedtls_test_driver_key_management_hooks.hits = 0; + mbedtls_test_driver_key_management_hooks.forced_status = force_status; PSA_ASSERT( psa_crypto_init( ) ); actual_status = psa_generate_key( &attributes, &key ); - TEST_EQUAL( test_driver_key_management_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_key_management_hooks.hits, 1 ); TEST_EQUAL( actual_status, expected_status ); if( actual_status == PSA_SUCCESS ) @@ -178,7 +189,8 @@ exit: psa_reset_key_attributes( &attributes ); psa_destroy_key( key ); PSA_DONE( ); - test_driver_key_management_hooks = test_driver_key_management_hooks_init(); + mbedtls_test_driver_key_management_hooks = + mbedtls_test_driver_key_management_hooks_init(); } /* END_CASE */ @@ -194,25 +206,27 @@ void validate_key( int force_status_arg, mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t actual_status; - test_driver_key_management_hooks = test_driver_key_management_hooks_init(); + mbedtls_test_driver_key_management_hooks = + mbedtls_test_driver_key_management_hooks_init(); psa_set_key_type( &attributes, key_type ); psa_set_key_bits( &attributes, 0 ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - test_driver_key_management_hooks.forced_status = force_status; + mbedtls_test_driver_key_management_hooks.forced_status = force_status; PSA_ASSERT( psa_crypto_init( ) ); actual_status = psa_import_key( &attributes, key_input->x, key_input->len, &key ); - TEST_EQUAL( test_driver_key_management_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_key_management_hooks.hits, 1 ); TEST_EQUAL( actual_status, expected_status ); exit: psa_reset_key_attributes( &attributes ); psa_destroy_key( key ); PSA_DONE( ); - test_driver_key_management_hooks = test_driver_key_management_hooks_init(); + mbedtls_test_driver_key_management_hooks = + mbedtls_test_driver_key_management_hooks_init(); } /* END_CASE */ @@ -236,7 +250,8 @@ void export_key( int force_status_arg, psa_status_t actual_status; uint8_t actual_output[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(256)] = {0}; size_t actual_output_length; - test_driver_key_management_hooks = test_driver_key_management_hooks_init(); + mbedtls_test_driver_key_management_hooks = + mbedtls_test_driver_key_management_hooks_init(); psa_set_key_type( &attributes, input_key_type ); psa_set_key_bits( &attributes, 256 ); @@ -247,8 +262,12 @@ void export_key( int force_status_arg, if( fake_output->len > 0 ) { - expected_output_ptr = test_driver_key_management_hooks.forced_output = fake_output->x; - expected_output_length = test_driver_key_management_hooks.forced_output_length = + expected_output_ptr = + mbedtls_test_driver_key_management_hooks.forced_output = + fake_output->x; + + expected_output_length = + mbedtls_test_driver_key_management_hooks.forced_output_length = fake_output->len; } else @@ -257,8 +276,8 @@ void export_key( int force_status_arg, expected_output_length = expected_output->len; } - test_driver_key_management_hooks.hits = 0; - test_driver_key_management_hooks.forced_status = force_status; + mbedtls_test_driver_key_management_hooks.hits = 0; + mbedtls_test_driver_key_management_hooks.forced_status = force_status; if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( output_key_type ) ) actual_status = psa_export_public_key( handle, actual_output, sizeof(actual_output), &actual_output_length ); @@ -268,7 +287,7 @@ void export_key( int force_status_arg, if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( output_key_type ) && !PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( input_key_type ) ) - TEST_EQUAL( test_driver_key_management_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_key_management_hooks.hits, 1 ); if( actual_status == PSA_SUCCESS ) { @@ -279,7 +298,8 @@ exit: psa_reset_key_attributes( &attributes ); psa_destroy_key( handle ); PSA_DONE( ); - test_driver_key_management_hooks = test_driver_key_management_hooks_init(); + mbedtls_test_driver_key_management_hooks = + mbedtls_test_driver_key_management_hooks_init(); } /* END_CASE */ @@ -303,8 +323,8 @@ void cipher_encrypt( int alg_arg, int key_type_arg, size_t total_output_length = 0; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - test_driver_cipher_hooks = test_driver_cipher_hooks_init(); - test_driver_cipher_hooks.forced_status = force_status; + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); + mbedtls_test_driver_cipher_hooks.forced_status = force_status; PSA_ASSERT( psa_crypto_init( ) ); @@ -316,12 +336,12 @@ void cipher_encrypt( int alg_arg, int key_type_arg, &key ) ); PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); + mbedtls_test_driver_cipher_hooks.hits = 0; output_buffer_size = ( (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); @@ -329,21 +349,21 @@ void cipher_encrypt( int alg_arg, int key_type_arg, if( mock_output_arg ) { - test_driver_cipher_hooks.forced_output = expected_output->x; - test_driver_cipher_hooks.forced_output_length = expected_output->len; + mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x; + mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len; } PSA_ASSERT( psa_cipher_update( &operation, input->x, input->len, output, output_buffer_size, &function_output_length ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); + mbedtls_test_driver_cipher_hooks.hits = 0; if( mock_output_arg ) { - test_driver_cipher_hooks.forced_output = NULL; - test_driver_cipher_hooks.forced_output_length = 0; + mbedtls_test_driver_cipher_hooks.forced_output = NULL; + mbedtls_test_driver_cipher_hooks.forced_output_length = 0; } total_output_length += function_output_length; @@ -352,8 +372,8 @@ void cipher_encrypt( int alg_arg, int key_type_arg, output_buffer_size - total_output_length, &function_output_length ); /* Finish will have called abort as well, so expecting two hits here */ - TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) ); + mbedtls_test_driver_cipher_hooks.hits = 0; total_output_length += function_output_length; @@ -362,7 +382,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg, { PSA_ASSERT( psa_cipher_abort( &operation ) ); // driver function should've been called as part of the finish() core routine - TEST_EQUAL( test_driver_cipher_hooks.hits, 0 ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); ASSERT_COMPARE( expected_output->x, expected_output->len, output, total_output_length ); } @@ -372,7 +392,7 @@ exit: mbedtls_free( output ); psa_destroy_key( key ); PSA_DONE( ); - test_driver_cipher_hooks = test_driver_cipher_hooks_init(); + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); } /* END_CASE */ @@ -396,7 +416,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, size_t total_output_length = 0; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - test_driver_cipher_hooks = test_driver_cipher_hooks_init(); + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); PSA_ASSERT( psa_crypto_init( ) ); @@ -408,12 +428,12 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, &key ) ); PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; output_buffer_size = ( (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); @@ -423,8 +443,8 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size, output, output_buffer_size, &function_output_length ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; TEST_ASSERT( function_output_length == output1_length ); total_output_length += function_output_length; @@ -434,8 +454,8 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, output + total_output_length, output_buffer_size - total_output_length, &function_output_length ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; TEST_ASSERT( function_output_length == output2_length ); total_output_length += function_output_length; PSA_ASSERT( psa_cipher_finish( &operation, @@ -443,11 +463,11 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, output_buffer_size - total_output_length, &function_output_length ) ); /* Finish will have called abort as well, so expecting two hits here */ - TEST_EQUAL( test_driver_cipher_hooks.hits, 2 ); - test_driver_cipher_hooks.hits = 0 ; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); + mbedtls_test_driver_cipher_hooks.hits = 0 ; total_output_length += function_output_length; PSA_ASSERT( psa_cipher_abort( &operation ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 0 ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); ASSERT_COMPARE( expected_output->x, expected_output->len, output, total_output_length ); @@ -457,7 +477,7 @@ exit: mbedtls_free( output ); psa_destroy_key( key ); PSA_DONE( ); - test_driver_cipher_hooks = test_driver_cipher_hooks_init(); + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); } /* END_CASE */ @@ -481,7 +501,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, size_t total_output_length = 0; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - test_driver_cipher_hooks = test_driver_cipher_hooks_init(); + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); PSA_ASSERT( psa_crypto_init( ) ); @@ -493,12 +513,12 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, &key ) ); PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; output_buffer_size = ( (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); @@ -509,8 +529,8 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, input->x, first_part_size, output, output_buffer_size, &function_output_length ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; TEST_ASSERT( function_output_length == output1_length ); total_output_length += function_output_length; @@ -520,8 +540,8 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, output + total_output_length, output_buffer_size - total_output_length, &function_output_length ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; TEST_ASSERT( function_output_length == output2_length ); total_output_length += function_output_length; @@ -530,11 +550,11 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, output_buffer_size - total_output_length, &function_output_length ) ); /* Finish will have called abort as well, so expecting two hits here */ - TEST_EQUAL( test_driver_cipher_hooks.hits, 2 ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); + mbedtls_test_driver_cipher_hooks.hits = 0; total_output_length += function_output_length; PSA_ASSERT( psa_cipher_abort( &operation ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 0 ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); ASSERT_COMPARE( expected_output->x, expected_output->len, output, total_output_length ); @@ -544,7 +564,7 @@ exit: mbedtls_free( output ); psa_destroy_key( key ); PSA_DONE( ); - test_driver_cipher_hooks = test_driver_cipher_hooks_init(); + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); } /* END_CASE */ @@ -568,8 +588,8 @@ void cipher_decrypt( int alg_arg, int key_type_arg, size_t total_output_length = 0; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - test_driver_cipher_hooks = test_driver_cipher_hooks_init(); - test_driver_cipher_hooks.forced_status = force_status; + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); + mbedtls_test_driver_cipher_hooks.forced_status = force_status; PSA_ASSERT( psa_crypto_init( ) ); @@ -581,12 +601,12 @@ void cipher_decrypt( int alg_arg, int key_type_arg, &key ) ); PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); + mbedtls_test_driver_cipher_hooks.hits = 0; output_buffer_size = ( (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); @@ -594,21 +614,21 @@ void cipher_decrypt( int alg_arg, int key_type_arg, if( mock_output_arg ) { - test_driver_cipher_hooks.forced_output = expected_output->x; - test_driver_cipher_hooks.forced_output_length = expected_output->len; + mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x; + mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len; } PSA_ASSERT( psa_cipher_update( &operation, input->x, input->len, output, output_buffer_size, &function_output_length ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); + mbedtls_test_driver_cipher_hooks.hits = 0; if( mock_output_arg ) { - test_driver_cipher_hooks.forced_output = NULL; - test_driver_cipher_hooks.forced_output_length = 0; + mbedtls_test_driver_cipher_hooks.forced_output = NULL; + mbedtls_test_driver_cipher_hooks.forced_output_length = 0; } total_output_length += function_output_length; @@ -617,8 +637,8 @@ void cipher_decrypt( int alg_arg, int key_type_arg, output_buffer_size - total_output_length, &function_output_length ); /* Finish will have called abort as well, so expecting two hits here */ - TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) ); + mbedtls_test_driver_cipher_hooks.hits = 0; total_output_length += function_output_length; TEST_EQUAL( status, expected_status ); @@ -626,7 +646,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, if( expected_status == PSA_SUCCESS ) { PSA_ASSERT( psa_cipher_abort( &operation ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 0 ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); ASSERT_COMPARE( expected_output->x, expected_output->len, output, total_output_length ); } @@ -636,7 +656,7 @@ exit: mbedtls_free( output ); psa_destroy_key( key ); PSA_DONE( ); - test_driver_cipher_hooks = test_driver_cipher_hooks_init(); + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); } /* END_CASE */ @@ -654,7 +674,7 @@ void cipher_entry_points( int alg_arg, int key_type_arg, size_t function_output_length = 0; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - test_driver_cipher_hooks = test_driver_cipher_hooks_init(); + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); ASSERT_ALLOC( output, input->len + 16 ); output_buffer_size = input->len + 16; @@ -669,136 +689,136 @@ void cipher_entry_points( int alg_arg, int key_type_arg, &key ) ); /* Test setup call, encrypt */ - test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; + mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; status = psa_cipher_encrypt_setup( &operation, key, alg ); /* When setup fails, it shouldn't call any further entry points */ - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + mbedtls_test_driver_cipher_hooks.hits = 0; status = psa_cipher_set_iv( &operation, iv->x, iv->len ); TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 0 ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); /* Test setup call failure, decrypt */ status = psa_cipher_decrypt_setup( &operation, key, alg ); /* When setup fails, it shouldn't call any further entry points */ - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + mbedtls_test_driver_cipher_hooks.hits = 0; status = psa_cipher_set_iv( &operation, iv->x, iv->len ); TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 0 ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); /* Test IV setting failure */ - test_driver_cipher_hooks.forced_status = PSA_SUCCESS; + mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS; status = psa_cipher_encrypt_setup( &operation, key, alg ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + mbedtls_test_driver_cipher_hooks.hits = 0; - test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; + mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; status = psa_cipher_set_iv( &operation, iv->x, iv->len ); /* When setting the IV fails, it should call abort too */ - TEST_EQUAL( test_driver_cipher_hooks.hits, 2 ); - TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); /* Failure should prevent further operations from executing on the driver */ - test_driver_cipher_hooks.hits = 0; + mbedtls_test_driver_cipher_hooks.hits = 0; status = psa_cipher_update( &operation, input->x, input->len, output, output_buffer_size, &function_output_length ); TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 0 ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); psa_cipher_abort( &operation ); /* Test IV generation failure */ - test_driver_cipher_hooks.forced_status = PSA_SUCCESS; + mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS; status = psa_cipher_encrypt_setup( &operation, key, alg ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + mbedtls_test_driver_cipher_hooks.hits = 0; - test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; + mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; status = psa_cipher_generate_iv( &operation, output, 16, &function_output_length ); /* When generating the IV fails, it should call abort too */ - TEST_EQUAL( test_driver_cipher_hooks.hits, 2 ); - TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); /* Failure should prevent further operations from executing on the driver */ - test_driver_cipher_hooks.hits = 0; + mbedtls_test_driver_cipher_hooks.hits = 0; status = psa_cipher_update( &operation, input->x, input->len, output, output_buffer_size, &function_output_length ); TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 0 ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); psa_cipher_abort( &operation ); /* Test update failure */ - test_driver_cipher_hooks.forced_status = PSA_SUCCESS; + mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS; status = psa_cipher_encrypt_setup( &operation, key, alg ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + mbedtls_test_driver_cipher_hooks.hits = 0; status = psa_cipher_set_iv( &operation, iv->x, iv->len ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + mbedtls_test_driver_cipher_hooks.hits = 0; - test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; + mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; status = psa_cipher_update( &operation, input->x, input->len, output, output_buffer_size, &function_output_length ); /* When the update call fails, it should call abort too */ - TEST_EQUAL( test_driver_cipher_hooks.hits, 2 ); - TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); /* Failure should prevent further operations from executing on the driver */ - test_driver_cipher_hooks.hits = 0; + mbedtls_test_driver_cipher_hooks.hits = 0; status = psa_cipher_update( &operation, input->x, input->len, output, output_buffer_size, &function_output_length ); TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 0 ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); psa_cipher_abort( &operation ); /* Test finish failure */ - test_driver_cipher_hooks.forced_status = PSA_SUCCESS; + mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS; status = psa_cipher_encrypt_setup( &operation, key, alg ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + mbedtls_test_driver_cipher_hooks.hits = 0; status = psa_cipher_set_iv( &operation, iv->x, iv->len ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + mbedtls_test_driver_cipher_hooks.hits = 0; status = psa_cipher_update( &operation, input->x, input->len, output, output_buffer_size, &function_output_length ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + mbedtls_test_driver_cipher_hooks.hits = 0; - test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; + mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; status = psa_cipher_finish( &operation, output + function_output_length, output_buffer_size - function_output_length, &function_output_length ); /* When the finish call fails, it should call abort too */ - TEST_EQUAL( test_driver_cipher_hooks.hits, 2 ); - TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); /* Failure should prevent further operations from executing on the driver */ - test_driver_cipher_hooks.hits = 0; + mbedtls_test_driver_cipher_hooks.hits = 0; status = psa_cipher_update( &operation, input->x, input->len, output, output_buffer_size, &function_output_length ); TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 0 ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); psa_cipher_abort( &operation ); exit: @@ -806,7 +826,7 @@ exit: mbedtls_free( output ); psa_destroy_key( key ); PSA_DONE( ); - test_driver_cipher_hooks = test_driver_cipher_hooks_init(); + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); } /* END_CASE */ @@ -822,23 +842,14 @@ void aead_encrypt( int key_type_arg, data_t *key_data, mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + size_t key_bits; psa_status_t forced_status = forced_status_arg; unsigned char *output_data = NULL; size_t output_size = 0; size_t output_length = 0; - size_t tag_length = PSA_AEAD_TAG_LENGTH( alg ); psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status = PSA_ERROR_GENERIC_ERROR; - test_driver_aead_hooks = test_driver_aead_hooks_init(); - - output_size = input_data->len + tag_length; - /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE - * should be exact. */ - TEST_EQUAL( output_size, - PSA_AEAD_ENCRYPT_OUTPUT_SIZE( alg, input_data->len ) ); - TEST_ASSERT( output_size <= - PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) ); - ASSERT_ALLOC( output_data, output_size ); + mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init(); PSA_ASSERT( psa_crypto_init( ) ); @@ -848,16 +859,28 @@ void aead_encrypt( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); + key_bits = psa_get_key_bits( &attributes ); - test_driver_aead_hooks.forced_status = forced_status; + output_size = input_data->len + PSA_AEAD_TAG_LENGTH( key_type, key_bits, + alg ); + /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE + * should be exact. */ + TEST_EQUAL( output_size, + PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) ); + TEST_ASSERT( output_size <= + PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) ); + ASSERT_ALLOC( output_data, output_size ); + + mbedtls_test_driver_aead_hooks.forced_status = forced_status; status = psa_aead_encrypt( key, alg, nonce->x, nonce->len, additional_data->x, additional_data->len, input_data->x, input_data->len, output_data, output_size, &output_length ); - TEST_EQUAL( test_driver_aead_hooks.hits, 1 ); - TEST_EQUAL( test_driver_aead_hooks.driver_status, forced_status ); + TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_aead_hooks.driver_status, forced_status ); TEST_EQUAL( status, ( forced_status == PSA_ERROR_NOT_SUPPORTED ) ? PSA_SUCCESS : forced_status ); @@ -872,7 +895,7 @@ exit: psa_destroy_key( key ); mbedtls_free( output_data ); PSA_DONE( ); - test_driver_aead_hooks = test_driver_aead_hooks_init(); + mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init(); } /* END_CASE */ @@ -888,17 +911,14 @@ void aead_decrypt( int key_type_arg, data_t *key_data, mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + size_t key_bits; psa_status_t forced_status = forced_status_arg; unsigned char *output_data = NULL; size_t output_size = 0; size_t output_length = 0; - size_t tag_length = PSA_AEAD_TAG_LENGTH( alg ); psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status = PSA_ERROR_GENERIC_ERROR; - test_driver_aead_hooks = test_driver_aead_hooks_init(); - - output_size = input_data->len - tag_length; - ASSERT_ALLOC( output_data, output_size ); + mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init(); PSA_ASSERT( psa_crypto_init( ) ); @@ -908,8 +928,14 @@ void aead_decrypt( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); + key_bits = psa_get_key_bits( &attributes ); - test_driver_aead_hooks.forced_status = forced_status; + output_size = input_data->len - PSA_AEAD_TAG_LENGTH( key_type, key_bits, + alg ); + ASSERT_ALLOC( output_data, output_size ); + + mbedtls_test_driver_aead_hooks.forced_status = forced_status; status = psa_aead_decrypt( key, alg, nonce->x, nonce->len, additional_data->x, @@ -917,8 +943,8 @@ void aead_decrypt( int key_type_arg, data_t *key_data, input_data->x, input_data->len, output_data, output_size, &output_length ); - TEST_EQUAL( test_driver_aead_hooks.hits, 1 ); - TEST_EQUAL( test_driver_aead_hooks.driver_status, forced_status ); + TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_aead_hooks.driver_status, forced_status ); TEST_EQUAL( status, ( forced_status == PSA_ERROR_NOT_SUPPORTED ) ? PSA_SUCCESS : forced_status ); @@ -933,6 +959,363 @@ exit: psa_destroy_key( key ); mbedtls_free( output_data ); PSA_DONE( ); - test_driver_aead_hooks = test_driver_aead_hooks_init(); + mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:PSA_CRYPTO_DRIVER_TEST:MBEDTLS_PSA_CRYPTO_DRIVERS:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ +void builtin_key_export( int builtin_key_id_arg, + int builtin_key_type_arg, + int builtin_key_bits_arg, + int builtin_key_algorithm_arg, + data_t *expected_output, + int expected_status_arg ) +{ + psa_key_id_t builtin_key_id = (psa_key_id_t) builtin_key_id_arg; + psa_key_type_t builtin_key_type = (psa_key_type_t) builtin_key_type_arg; + psa_algorithm_t builtin_key_alg = (psa_algorithm_t) builtin_key_algorithm_arg; + size_t builtin_key_bits = (size_t) builtin_key_bits_arg; + psa_status_t expected_status = expected_status_arg; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make( 0, builtin_key_id ); + uint8_t* output_buffer = NULL; + size_t output_size = 0; + psa_status_t actual_status; + + PSA_ASSERT( psa_crypto_init( ) ); + ASSERT_ALLOC( output_buffer, expected_output->len ); + + actual_status = psa_export_key( key, output_buffer, expected_output->len, &output_size ); + + if( expected_status == PSA_SUCCESS ) + { + PSA_ASSERT( actual_status ); + TEST_EQUAL( output_size, expected_output->len ); + ASSERT_COMPARE( output_buffer, output_size, + expected_output->x, expected_output->len ); + + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); + TEST_EQUAL( psa_get_key_bits( &attributes ), builtin_key_bits ); + TEST_EQUAL( psa_get_key_type( &attributes ), builtin_key_type ); + TEST_EQUAL( psa_get_key_algorithm( &attributes ), builtin_key_alg ); + } + else + { + if( actual_status != expected_status ) + fprintf( stderr, "Expected %d but got %d\n", expected_status, actual_status ); + TEST_EQUAL( actual_status, expected_status ); + TEST_EQUAL( output_size, 0 ); + } + +exit: + mbedtls_free( output_buffer ); + psa_reset_key_attributes( &attributes ); + psa_destroy_key( key ); + PSA_DONE( ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:PSA_CRYPTO_DRIVER_TEST:MBEDTLS_PSA_CRYPTO_DRIVERS:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ +void builtin_pubkey_export( int builtin_key_id_arg, + int builtin_key_type_arg, + int builtin_key_bits_arg, + int builtin_key_algorithm_arg, + data_t *expected_output, + int expected_status_arg ) +{ + psa_key_id_t builtin_key_id = (psa_key_id_t) builtin_key_id_arg; + psa_key_type_t builtin_key_type = (psa_key_type_t) builtin_key_type_arg; + psa_algorithm_t builtin_key_alg = (psa_algorithm_t) builtin_key_algorithm_arg; + size_t builtin_key_bits = (size_t) builtin_key_bits_arg; + psa_status_t expected_status = expected_status_arg; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make( 0, builtin_key_id ); + uint8_t* output_buffer = NULL; + size_t output_size = 0; + psa_status_t actual_status; + + PSA_ASSERT( psa_crypto_init( ) ); + ASSERT_ALLOC( output_buffer, expected_output->len ); + + actual_status = psa_export_public_key( key, output_buffer, expected_output->len, &output_size ); + + if( expected_status == PSA_SUCCESS ) + { + PSA_ASSERT( actual_status ); + TEST_EQUAL( output_size, expected_output->len ); + ASSERT_COMPARE( output_buffer, output_size, + expected_output->x, expected_output->len ); + + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); + TEST_EQUAL( psa_get_key_bits( &attributes ), builtin_key_bits ); + TEST_EQUAL( psa_get_key_type( &attributes ), builtin_key_type ); + TEST_EQUAL( psa_get_key_algorithm( &attributes ), builtin_key_alg ); + } + else + { + TEST_EQUAL( actual_status, expected_status ); + TEST_EQUAL( output_size, 0 ); + } + +exit: + mbedtls_free( output_buffer ); + psa_reset_key_attributes( &attributes ); + psa_destroy_key( key ); + PSA_DONE( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void hash_compute( int alg_arg, + data_t *input, data_t *hash, + int forced_status_arg, + int expected_status_arg ) +{ + psa_algorithm_t alg = alg_arg; + psa_status_t forced_status = forced_status_arg; + psa_status_t expected_status = expected_status_arg; + unsigned char *output = NULL; + size_t output_length; + + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); + mbedtls_test_driver_hash_hooks.forced_status = forced_status; + + PSA_ASSERT( psa_crypto_init( ) ); + ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); + + TEST_EQUAL( psa_hash_compute( alg, input->x, input->len, + output, PSA_HASH_LENGTH( alg ), + &output_length ), expected_status ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); + + if( expected_status == PSA_SUCCESS ) + { + ASSERT_COMPARE( output, output_length, hash->x, hash->len ); + } + +exit: + mbedtls_free( output ); + PSA_DONE( ); + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void hash_multipart_setup( int alg_arg, + data_t *input, data_t *hash, + int forced_status_arg, + int expected_status_arg ) +{ + psa_algorithm_t alg = alg_arg; + psa_status_t forced_status = forced_status_arg; + psa_status_t expected_status = expected_status_arg; + unsigned char *output = NULL; + psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; + size_t output_length; + + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); + ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); + + PSA_ASSERT( psa_crypto_init( ) ); + + mbedtls_test_driver_hash_hooks.forced_status = forced_status; + TEST_EQUAL( psa_hash_setup( &operation, alg ), expected_status ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); + + if( expected_status == PSA_SUCCESS ) + { + PSA_ASSERT( psa_hash_update( &operation, input->x, input->len ) ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, + forced_status == PSA_ERROR_NOT_SUPPORTED ? 1 : 2 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); + + PSA_ASSERT( psa_hash_finish( &operation, + output, PSA_HASH_LENGTH( alg ), + &output_length ) ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, + forced_status == PSA_ERROR_NOT_SUPPORTED ? 1 : 4 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); + + ASSERT_COMPARE( output, output_length, hash->x, hash->len ); + } + +exit: + psa_hash_abort( &operation ); + mbedtls_free( output ); + PSA_DONE( ); + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void hash_multipart_update( int alg_arg, + data_t *input, data_t *hash, + int forced_status_arg ) +{ + psa_algorithm_t alg = alg_arg; + psa_status_t forced_status = forced_status_arg; + unsigned char *output = NULL; + psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; + size_t output_length; + + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); + ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); + + PSA_ASSERT( psa_crypto_init( ) ); + + /* + * Update inactive operation, the driver shouldn't be called. + */ + TEST_EQUAL( psa_hash_update( &operation, input->x, input->len ), + PSA_ERROR_BAD_STATE ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 0 ); + + PSA_ASSERT( psa_hash_setup( &operation, alg ) ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + + mbedtls_test_driver_hash_hooks.forced_status = forced_status; + TEST_EQUAL( psa_hash_update( &operation, input->x, input->len ), + forced_status ); + /* One or two more calls to the driver interface: update or update + abort */ + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, + forced_status == PSA_SUCCESS ? 2 : 3 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); + + if( forced_status == PSA_SUCCESS ) + { + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); + PSA_ASSERT( psa_hash_finish( &operation, + output, PSA_HASH_LENGTH( alg ), + &output_length ) ); + /* Two calls to the driver interface: update + abort */ + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 2 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + + ASSERT_COMPARE( output, output_length, hash->x, hash->len ); + } + +exit: + psa_hash_abort( &operation ); + mbedtls_free( output ); + PSA_DONE( ); + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void hash_multipart_finish( int alg_arg, + data_t *input, data_t *hash, + int forced_status_arg ) +{ + psa_algorithm_t alg = alg_arg; + psa_status_t forced_status = forced_status_arg; + unsigned char *output = NULL; + psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; + size_t output_length; + + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); + ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); + + PSA_ASSERT( psa_crypto_init( ) ); + + /* + * Finish inactive operation, the driver shouldn't be called. + */ + TEST_EQUAL( psa_hash_finish( &operation, output, PSA_HASH_LENGTH( alg ), + &output_length ), + PSA_ERROR_BAD_STATE ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 0 ); + + PSA_ASSERT( psa_hash_setup( &operation, alg ) ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + + PSA_ASSERT( psa_hash_update( &operation, input->x, input->len ) ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 2 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + + mbedtls_test_driver_hash_hooks.forced_status = forced_status; + TEST_EQUAL( psa_hash_finish( &operation, + output, PSA_HASH_LENGTH( alg ), + &output_length ), + forced_status ); + /* Two more calls to the driver interface: finish + abort */ + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 4 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); + + if( forced_status == PSA_SUCCESS ) + ASSERT_COMPARE( output, output_length, hash->x, hash->len ); + +exit: + psa_hash_abort( &operation ); + mbedtls_free( output ); + PSA_DONE( ); + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void hash_clone( int alg_arg, + data_t *input, data_t *hash, + int forced_status_arg ) +{ + psa_algorithm_t alg = alg_arg; + psa_status_t forced_status = forced_status_arg; + unsigned char *output = NULL; + psa_hash_operation_t source_operation = PSA_HASH_OPERATION_INIT; + psa_hash_operation_t target_operation = PSA_HASH_OPERATION_INIT; + size_t output_length; + + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); + ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); + + PSA_ASSERT( psa_crypto_init( ) ); + + /* + * Clone inactive operation, the driver shouldn't be called. + */ + TEST_EQUAL( psa_hash_clone( &source_operation, &target_operation ), + PSA_ERROR_BAD_STATE ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 0 ); + + PSA_ASSERT( psa_hash_setup( &source_operation, alg ) ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + + mbedtls_test_driver_hash_hooks.forced_status = forced_status; + TEST_EQUAL( psa_hash_clone( &source_operation, &target_operation ), + forced_status ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, + forced_status == PSA_SUCCESS ? 2 : 3 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); + + if( forced_status == PSA_SUCCESS ) + { + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); + PSA_ASSERT( psa_hash_update( &target_operation, + input->x, input->len ) ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + + PSA_ASSERT( psa_hash_finish( &target_operation, + output, PSA_HASH_LENGTH( alg ), + &output_length ) ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 3 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + + ASSERT_COMPARE( output, output_length, hash->x, hash->len ); + } + +exit: + psa_hash_abort( &source_operation ); + psa_hash_abort( &target_operation ); + mbedtls_free( output ); + PSA_DONE( ); + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index bd98a7688d..4e2f4d5af2 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data @@ -134,17 +134,57 @@ Cipher: XTS depends_on:PSA_WANT_ALG_XTS:MBEDTLS_CIPHER_C cipher_algorithm:PSA_ALG_XTS:0 -AEAD: CCM -depends_on:PSA_WANT_ALG_CCM -aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16 +AEAD: CCM-AES-128 +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:128 -AEAD: GCM -depends_on:PSA_WANT_ALG_GCM -aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16 +AEAD: CCM-AES-192 +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:192 + +AEAD: CCM-AES-256 +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:256 + +AEAD: CCM-CAMELLIA-128 +depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_CCM +aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:128 + +AEAD: CCM-CAMELLIA-192 +depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_CCM +aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:192 + +AEAD: CCM-CAMELLIA-256 +depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_CCM +aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:256 + +AEAD: GCM-AES-128 +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM +aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:128 + +AEAD: GCM-AES-192 +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM +aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:192 + +AEAD: GCM-AES-256 +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM +aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:256 + +AEAD: GCM-CAMELLIA-128 +depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_GCM +aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:128 + +AEAD: GCM-CAMELLIA-192 +depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_GCM +aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:192 + +AEAD: GCM-CAMELLIA-256 +depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_GCM +aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:256 AEAD: ChaCha20_Poly1305 depends_on:PSA_WANT_ALG_CHACHA20_POLY1305 -aead_algorithm:PSA_ALG_CHACHA20_POLY1305:0:16 +aead_algorithm:PSA_ALG_CHACHA20_POLY1305:0:16:PSA_KEY_TYPE_CHACHA20:256 Asymmetric signature: RSA PKCS#1 v1.5 raw depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 8acbe44a82..8134f44710 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -169,6 +169,7 @@ exit: ; } void aead_algorithm_core( psa_algorithm_t alg, int classification_flags, + psa_key_type_t key_type, size_t key_bits, size_t tag_length ) { /* Algorithm classification */ @@ -183,7 +184,7 @@ void aead_algorithm_core( psa_algorithm_t alg, int classification_flags, algorithm_classification( alg, classification_flags ); /* Tag length */ - TEST_EQUAL( tag_length, PSA_AEAD_TAG_LENGTH( alg ) ); + TEST_EQUAL( tag_length, PSA_AEAD_TAG_LENGTH( key_type, key_bits, alg ) ); exit: ; } @@ -367,19 +368,24 @@ void cipher_algorithm( int alg_arg, int classification_flags ) /* BEGIN_CASE */ void aead_algorithm( int alg_arg, int classification_flags, - int tag_length_arg ) + int tag_length_arg, + int key_type_arg, int key_bits_arg ) { psa_algorithm_t alg = alg_arg; size_t tag_length = tag_length_arg; size_t n; + psa_key_type_t key_type = key_type_arg; + size_t key_bits = key_bits_arg; - aead_algorithm_core( alg, classification_flags, tag_length ); + aead_algorithm_core( alg, classification_flags, + key_type, key_bits, tag_length ); /* Truncated versions */ for( n = 1; n <= tag_length; n++ ) { psa_algorithm_t truncated_alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, n ); - aead_algorithm_core( truncated_alg, classification_flags, n ); + aead_algorithm_core( truncated_alg, classification_flags, + key_type, key_bits, n ); TEST_EQUAL( PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG( truncated_alg ), alg ); /* Check that calling PSA_ALG_AEAD_WITH_SHORTENED_TAG twice gives @@ -411,7 +417,8 @@ void aead_algorithm( int alg_arg, int classification_flags, for( n = 1; n <= tag_length; n++ ) { psa_algorithm_t policy_alg = PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( alg, n ); - aead_algorithm_core( policy_alg, classification_flags | ALG_IS_WILDCARD, n ); + aead_algorithm_core( policy_alg, classification_flags | ALG_IS_WILDCARD, + key_type, key_bits, n ); TEST_EQUAL( PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG( policy_alg ), alg ); /* Check that calling PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG twice diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index 3d9751524d..c5390b2b1a 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -9219,7 +9219,7 @@ ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"9b2188e9b2fc6d64d71dc329900e20bb4191 SSL TLS 1.3 Key schedule: Derive-Secret( ., "c hs traffic", hash) # Vector from RFC 8448 -ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":tls1_3_label_c_hs_traffic:"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03"::32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f" +ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":tls1_3_label_c_hs_traffic:"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f" SSL TLS 1.3 Key schedule: Derive-Secret( ., "s hs traffic", hash) # Vector from RFC 8448 diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 11817cf4c2..8b7b09aade 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data @@ -203,79 +203,79 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED: x509_parse_san:"data_files/server5-unsupported_othername.crt":"" X509 CRL information #1 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl_expired.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-20 10\:24\:19\nnext update \: 2011-02-20 11\:24\:19\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n" X509 CRL Information MD2 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD2_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD2_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl_md2.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2009-07-19 19\:56\:37\nnext update \: 2009-09-17 19\:56\:37\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using \: RSA with MD2\n" X509 CRL Information MD4 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl_md4.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with MD4\n" X509 CRL Information MD5 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl_md5.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with MD5\n" X509 CRL Information SHA1 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl_sha1.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n" X509 CRL Information SHA224 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA224_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA224_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl_sha224.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-224\n" X509 CRL Information SHA256 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl_sha256.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-256\n" X509 CRL Information SHA384 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA384_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA384_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl_sha384.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-384\n" X509 CRL Information SHA512 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl_sha512.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-512\n" X509 CRL information RSA-PSS, SHA1 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:46\:35\nnext update \: 2024-01-18 13\:46\:35\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\n" X509 CRL information RSA-PSS, SHA224 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA224_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA224_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:06\nnext update \: 2024-01-18 13\:56\:06\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\n" X509 CRL information RSA-PSS, SHA256 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:16\nnext update \: 2024-01-18 13\:56\:16\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\n" X509 CRL information RSA-PSS, SHA384 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA384_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA384_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:28\nnext update \: 2024-01-18 13\:56\:28\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\n" X509 CRL information RSA-PSS, SHA512 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:38\nnext update \: 2024-01-18 13\:56\:38\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\n" X509 CRL Information EC, SHA1 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl-ec-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA1\n" X509 CRL Information EC, SHA224 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA224_C:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA224_C:MBEDTLS_ECDSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl-ec-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA224\n" X509 CRL Information EC, SHA256 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl-ec-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA256\n" X509 CRL Information EC, SHA384 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA384_C:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA384_C:MBEDTLS_ECDSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl-ec-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA384\n" X509 CRL Information EC, SHA512 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_ECDSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl-ec-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA512\n" X509 CRL Malformed Input (trailing spaces at end of file) @@ -291,71 +291,71 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C mbedtls_x509_crl_parse:"data_files/crl-idpnc.pem":0 X509 CSR Information RSA with MD4 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server1.req.md4":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD4\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with MD5 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server1.req.md5":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD5\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA1 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server1.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA224 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA224_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA224_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server1.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-224\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA-256 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTS_X509_INFO mbedtls_x509_csr_info:"data_files/server1.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA384 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA384_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA384_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server1.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-384\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA512 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server1.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-512\nRSA key size \: 2048 bits\n" X509 CSR Information EC with SHA1 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server5.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n" X509 CSR Information EC with SHA224 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA224_C +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA224_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server5.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA224\nEC key size \: 256 bits\n" X509 CSR Information EC with SHA256 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server5.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\n" X509 CSR Information EC with SHA384 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA384_C +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA384_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server5.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA384\nEC key size \: 256 bits\n" X509 CSR Information EC with SHA512 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server5.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA512\nEC key size \: 256 bits\n" X509 CSR Information RSA-PSS with SHA1 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server9.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0x6A)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA224 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA224_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA224_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server9.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0x62)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA256 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server9.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0x5E)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA384 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA384_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA384_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server9.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0x4E)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA512 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server9.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0x3E)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA with SHA-256 - Microsoft header @@ -2131,7 +2131,7 @@ x509parse_crl:"305d3047020100300d06092a864886f70d01010e0500300f310d300b060355040 # 03020001 signatureValue BIT STRING # The subsequent TBSCertList negative tests remove or modify some elements. X509 CRL ASN1 (TBSCertList, sig present) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA224_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA224_C:!MBEDTLS_X509_REMOVE_INFO x509parse_crl:"305c3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e050003020001":"CRL version \: 1\nissuer name \: CN=ABCD\nthis update \: 2009-01-01 00\:00\:00\nnext update \: 0000-00-00 00\:00\:00\nRevoked certificates\:\nserial number\: AB\:CD revocation date\: 2008-12-31 23\:59\:59\nsigned using \: RSA with SHA-224\n":0 X509 CRL ASN1 (TBSCertList, signatureValue missing) @@ -2167,7 +2167,7 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crl:"305c3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128402abcd170c303831323331323335393539300d06092a864886f70d01010e050003020001":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRL ASN1 (TBSCertList, no entries) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA224_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA224_C:!MBEDTLS_X509_REMOVE_INFO x509parse_crl:"30463031020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030300d06092a864886f70d01010e050003020001":"CRL version \: 1\nissuer name \: CN=ABCD\nthis update \: 2009-01-01 00\:00\:00\nnext update \: 0000-00-00 00\:00\:00\nRevoked certificates\:\nsigned using \: RSA with SHA-224\n":0 X509 CRL ASN1 (invalid version 2) @@ -2197,7 +2197,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crl:"308201b330819c020101300d06092a864886f70d01010b0500303b310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c3119301706035504031310506f6c617253534c2054657374204341170d3138303331343037333134385a170d3238303331343037333134385aa02d302b30290603551d1c0101ff041e301da01ba0198617687474703a2f2f706b692e6578616d706c652e636f6d2f300d06092a864886f70d01010b05000382010100b3fbe9d586eaf4b8ff60cf8edae06a85135db78f78198498719725b5b403c0b803c2c150f52faae7306d6a7871885dc2e9dc83a164bac7263776474ef642b660040b35a1410ac291ac8f6f18ab85e7fd6e22bd1af1c41ca95cf2448f6e2b42a018493dfc03c6b6aa1b9e3fe7b76af2182fb2121db4166bf0167d6f379c5a58adee5082423434d97be2909f5e7488053f996646db10dd49782626da53ad8eada01813c031b2bacdb0203bc017aac1735951a11d013ee4d1d5f7143ccbebf2371e66a1bec6e1febe69148f50784eef8adbb66664c96196d7e0c0bcdc807f447b54e058f37642a3337995bfbcd332208bd6016936705c82263eabd7affdba92fae3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRL ASN1 (extension not critical explicit, crl-idp.pem byte 129) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO x509parse_crl:"308201b330819c020101300d06092a864886f70d01010b0500303b310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c3119301706035504031310506f6c617253534c2054657374204341170d3138303331343037333134385a170d3238303331343037333134385aa02d302b30290603551d1c010100041f301da01ba0198617687474703a2f2f706b692e6578616d706c652e636f6d2f300d06092a864886f70d01010b05000382010100b3fbe9d586eaf4b8ff60cf8edae06a85135db78f78198498719725b5b403c0b803c2c150f52faae7306d6a7871885dc2e9dc83a164bac7263776474ef642b660040b35a1410ac291ac8f6f18ab85e7fd6e22bd1af1c41ca95cf2448f6e2b42a018493dfc03c6b6aa1b9e3fe7b76af2182fb2121db4166bf0167d6f379c5a58adee5082423434d97be2909f5e7488053f996646db10dd49782626da53ad8eada01813c031b2bacdb0203bc017aac1735951a11d013ee4d1d5f7143ccbebf2371e66a1bec6e1febe69148f50784eef8adbb66664c96196d7e0c0bcdc807f447b54e058f37642a3337995bfbcd332208bd6016936705c82263eabd7affdba92fae3":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2018-03-14 07\:31\:48\nnext update \: 2028-03-14 07\:31\:48\nRevoked certificates\:\nsigned using \: RSA with SHA-256\n":0 X509 CRT parse path #2 (one cert) @@ -2536,7 +2536,7 @@ X509 RSASSA-PSS parameters ASN1 (trailerField not 1) x509_parse_rsassa_pss_params:"a303020102":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG X509 CSR ASN.1 (OK) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_parse:"308201183081bf0201003034310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c31123010060355040313096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d0301070342000437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edffa029302706092a864886f70d01090e311a301830090603551d1304023000300b0603551d0f0404030205e0300906072a8648ce3d04010349003046022100b49fd8c8f77abfa871908dfbe684a08a793d0f490a43d86fcf2086e4f24bb0c2022100f829d5ccd3742369299e6294394717c4b723a0f68b44e831b6e6c3bcabf97243":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n":0 X509 CSR ASN.1 (bad first tag) diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index 46d97240d4..a6361d83a8 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -7,6 +7,7 @@ #include "mbedtls/pem.h" #include "mbedtls/oid.h" #include "mbedtls/base64.h" +#include "mbedtls/error.h" #include "string.h" #if MBEDTLS_X509_MAX_INTERMEDIATE_CA > 19 @@ -320,18 +321,18 @@ int parse_crt_ext_cb( void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ); if( ret != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); if( *p + len != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); /* * Cannot be an empty sequence. */ if( len == 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); while( *p < end ) { @@ -342,13 +343,13 @@ int parse_crt_ext_cb( void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf */ if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); policy_end = *p + len; if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); /* * Recognize exclusively the policy with OID 1 @@ -366,7 +367,7 @@ int parse_crt_ext_cb( void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf { if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); /* * Skip the optional policy qualifiers. */ @@ -374,13 +375,13 @@ int parse_crt_ext_cb( void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf } if( *p != policy_end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } if( *p != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( parse_ret ); } @@ -388,7 +389,8 @@ int parse_crt_ext_cb( void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf memcmp( new_oid->p, oid->p, oid->len ) == 0 ) return( 0 ); else - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); } #endif /* MBEDTLS_X509_CRT_PARSE_C */ /* END_HEADER */ @@ -438,7 +440,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:!MBEDTLS_X509_REMOVE_INFO:MBEDTLS_X509_CRT_PARSE_C */ void x509_cert_info( char * crt_file, char * result_str ) { mbedtls_x509_crt crt; @@ -461,7 +463,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */ void mbedtls_x509_crl_info( char * crl_file, char * result_str ) { mbedtls_x509_crl crl; @@ -500,7 +502,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CSR_PARSE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CSR_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */ void mbedtls_x509_csr_info( char * csr_file, char * result_str ) { mbedtls_x509_csr csr; @@ -523,7 +525,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */ void x509_verify_info( int flags, char * prefix, char * result_str ) { char buf[2000]; @@ -738,7 +740,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */ void mbedtls_x509_dn_gets( char * crt_file, char * entity, char * result_str ) { mbedtls_x509_crt crt; @@ -826,30 +828,37 @@ exit: void x509parse_crt( data_t * buf, char * result_str, int result ) { mbedtls_x509_crt crt; - unsigned char output[2000]; +#if !defined(MBEDTLS_X509_REMOVE_INFO) + unsigned char output[2000] = { 0 }; int res; +#else + ((void) result_str); +#endif mbedtls_x509_crt_init( &crt ); - memset( output, 0, 2000 ); TEST_ASSERT( mbedtls_x509_crt_parse_der( &crt, buf->x, buf->len ) == ( result ) ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) if( ( result ) == 0 ) { res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); - TEST_ASSERT( res != -1 ); TEST_ASSERT( res != -2 ); TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); } + memset( output, 0, 2000 ); +#endif mbedtls_x509_crt_free( &crt ); mbedtls_x509_crt_init( &crt ); - memset( output, 0, 2000 ); TEST_ASSERT( mbedtls_x509_crt_parse_der_nocopy( &crt, buf->x, buf->len ) == ( result ) ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) if( ( result ) == 0 ) { + memset( output, 0, 2000 ); + res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); TEST_ASSERT( res != -1 ); @@ -857,12 +866,14 @@ void x509parse_crt( data_t * buf, char * result_str, int result ) TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); } + memset( output, 0, 2000 ); +#endif /* !MBEDTLS_X509_REMOVE_INFO */ mbedtls_x509_crt_free( &crt ); mbedtls_x509_crt_init( &crt ); - memset( output, 0, 2000 ); TEST_ASSERT( mbedtls_x509_crt_parse_der_with_ext_cb( &crt, buf->x, buf->len, 0, NULL, NULL ) == ( result ) ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) if( ( result ) == 0 ) { res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); @@ -872,12 +883,14 @@ void x509parse_crt( data_t * buf, char * result_str, int result ) TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); } + memset( output, 0, 2000 ); +#endif /* !MBEDTLS_X509_REMOVE_INFO */ mbedtls_x509_crt_free( &crt ); mbedtls_x509_crt_init( &crt ); - memset( output, 0, 2000 ); TEST_ASSERT( mbedtls_x509_crt_parse_der_with_ext_cb( &crt, buf->x, buf->len, 1, NULL, NULL ) == ( result ) ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) if( ( result ) == 0 ) { res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); @@ -887,6 +900,7 @@ void x509parse_crt( data_t * buf, char * result_str, int result ) TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); } +#endif /* !MBEDTLS_X509_REMOVE_INFO */ exit: mbedtls_x509_crt_free( &crt ); @@ -898,17 +912,22 @@ void x509parse_crt_cb( data_t * buf, char * result_str, int result ) { mbedtls_x509_crt crt; mbedtls_x509_buf oid; - unsigned char output[2000]; + +#if !defined(MBEDTLS_X509_REMOVE_INFO) + unsigned char output[2000] = { 0 }; int res; +#else + ((void) result_str); +#endif oid.tag = MBEDTLS_ASN1_OID; oid.len = MBEDTLS_OID_SIZE(MBEDTLS_OID_PKIX "\x01\x1F"); oid.p = (unsigned char *)MBEDTLS_OID_PKIX "\x01\x1F"; mbedtls_x509_crt_init( &crt ); - memset( output, 0, 2000 ); TEST_ASSERT( mbedtls_x509_crt_parse_der_with_ext_cb( &crt, buf->x, buf->len, 0, parse_crt_ext_cb, &oid ) == ( result ) ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) if( ( result ) == 0 ) { res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); @@ -918,12 +937,14 @@ void x509parse_crt_cb( data_t * buf, char * result_str, int result ) TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); } + memset( output, 0, 2000 ); +#endif /* !MBEDTLS_X509_REMOVE_INFO */ mbedtls_x509_crt_free( &crt ); mbedtls_x509_crt_init( &crt ); - memset( output, 0, 2000 ); TEST_ASSERT( mbedtls_x509_crt_parse_der_with_ext_cb( &crt, buf->x, buf->len, 1, parse_crt_ext_cb, &oid ) == ( result ) ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) if( ( result ) == 0 ) { res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); @@ -933,13 +954,14 @@ void x509parse_crt_cb( data_t * buf, char * result_str, int result ) TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); } +#endif /* !MBEDTLS_X509_REMOVE_INFO */ exit: mbedtls_x509_crt_free( &crt ); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRL_PARSE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_X509_CRL_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */ void x509parse_crl( data_t * buf, char * result_str, int result ) { mbedtls_x509_crl crl; @@ -966,7 +988,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_PARSE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */ void mbedtls_x509_csr_parse( data_t * csr_der, char * ref_out, int ref_ret ) { mbedtls_x509_csr csr; @@ -1099,7 +1121,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C:!MBEDTLS_X509_REMOVE_INFO */ void x509_oid_desc( data_t * buf, char * ref_desc ) { mbedtls_x509_buf oid; diff --git a/visualc/VS2010/aescrypt2.vcxproj b/visualc/VS2010/aescrypt2.vcxproj deleted file mode 100644 index 0707e12453..0000000000 --- a/visualc/VS2010/aescrypt2.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8} - Win32Proj - aescrypt2 - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/mbedTLS.sln b/visualc/VS2010/mbedTLS.sln index 183aa3d1f1..dc3264451e 100644 --- a/visualc/VS2010/mbedTLS.sln +++ b/visualc/VS2010/mbedTLS.sln @@ -3,11 +3,6 @@ Microsoft Visual Studio Solution File, Format Version 11.00 # Visual C++ Express 2010 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "mbedTLS", "mbedTLS.vcxproj", "{46CF2D25-6A36-4189-B59C-E4815388E554}" EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "aescrypt2", "aescrypt2.vcxproj", "{7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "crypt_and_hash", "crypt_and_hash.vcxproj", "{5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}" ProjectSection(ProjectDependencies) = postProject {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} @@ -274,14 +269,6 @@ Global {46CF2D25-6A36-4189-B59C-E4815388E554}.Release|Win32.Build.0 = Release|Win32 {46CF2D25-6A36-4189-B59C-E4815388E554}.Release|x64.ActiveCfg = Release|x64 {46CF2D25-6A36-4189-B59C-E4815388E554}.Release|x64.Build.0 = Release|x64 - {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Debug|Win32.ActiveCfg = Debug|Win32 - {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Debug|Win32.Build.0 = Debug|Win32 - {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Debug|x64.ActiveCfg = Debug|x64 - {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Debug|x64.Build.0 = Debug|x64 - {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Release|Win32.ActiveCfg = Release|Win32 - {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Release|Win32.Build.0 = Release|Win32 - {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Release|x64.ActiveCfg = Release|x64 - {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Release|x64.Build.0 = Release|x64 {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|Win32.ActiveCfg = Debug|Win32 {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|Win32.Build.0 = Debug|Win32 {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|x64.ActiveCfg = Debug|x64 diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index a6f8dbd3ff..26950b1b25 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -176,7 +176,6 @@ - @@ -232,6 +231,7 @@ + @@ -374,6 +374,13 @@ + + + + + + +