mbedtls: Update to upstream version 2.28.4
(cherry picked from commit 1f6340bc46)
parent
b7fe3c9c38
commit
807e9038d2
37 changed files with 348 additions and 275 deletions
2
thirdparty/README.md
vendored
|
@ -277,7 +277,7 @@ Files extracted from upstream source:
|
||||||
## mbedtls
|
## mbedtls
|
||||||
|
|
||||||
- Upstream: https://github.com/Mbed-TLS/mbedtls
|
- Upstream: https://github.com/Mbed-TLS/mbedtls
|
||||||
- Version: 2.18.3 (981743de6fcdbe672e482b6fd724d31d0a0d2476, 2023)
|
- Version: 2.28.4 (aeb97a18913a86f051afab11b2c92c6be0c2eb83, 2023)
|
||||||
- License: Apache 2.0
|
- License: Apache 2.0
|
||||||
|
|
||||||
File extracted from upstream release tarball:
|
File extracted from upstream release tarball:
|
||||||
|
|
4
thirdparty/mbedtls/include/mbedtls/aria.h
vendored
|
@ -274,10 +274,6 @@ int mbedtls_aria_crypt_cfb128(mbedtls_aria_context *ctx,
|
||||||
* \brief This function performs an ARIA-CTR encryption or decryption
|
* \brief This function performs an ARIA-CTR encryption or decryption
|
||||||
* operation.
|
* operation.
|
||||||
*
|
*
|
||||||
* This function performs the operation defined in the \p mode
|
|
||||||
* parameter (encrypt/decrypt), on the input data buffer
|
|
||||||
* defined in the \p input parameter.
|
|
||||||
*
|
|
||||||
* Due to the nature of CTR, you must use the same key schedule
|
* Due to the nature of CTR, you must use the same key schedule
|
||||||
* for both encryption and decryption operations. Therefore, you
|
* for both encryption and decryption operations. Therefore, you
|
||||||
* must use the context initialized with mbedtls_aria_setkey_enc()
|
* must use the context initialized with mbedtls_aria_setkey_enc()
|
||||||
|
|
4
thirdparty/mbedtls/include/mbedtls/asn1.h
vendored
|
@ -453,7 +453,7 @@ void mbedtls_asn1_sequence_free(mbedtls_asn1_sequence *seq);
|
||||||
* on a successful invocation.
|
* on a successful invocation.
|
||||||
* \param end The end of the ASN.1 SEQUENCE container.
|
* \param end The end of the ASN.1 SEQUENCE container.
|
||||||
* \param tag_must_mask A mask to be applied to the ASN.1 tags found within
|
* \param tag_must_mask A mask to be applied to the ASN.1 tags found within
|
||||||
* the SEQUENCE before comparing to \p tag_must_value.
|
* the SEQUENCE before comparing to \p tag_must_val.
|
||||||
* \param tag_must_val The required value of each ASN.1 tag found in the
|
* \param tag_must_val The required value of each ASN.1 tag found in the
|
||||||
* SEQUENCE, after masking with \p tag_must_mask.
|
* SEQUENCE, after masking with \p tag_must_mask.
|
||||||
* Mismatching tags lead to an error.
|
* Mismatching tags lead to an error.
|
||||||
|
@ -462,7 +462,7 @@ void mbedtls_asn1_sequence_free(mbedtls_asn1_sequence *seq);
|
||||||
* while a value of \c 0xFF for \p tag_must_mask means
|
* while a value of \c 0xFF for \p tag_must_mask means
|
||||||
* that \p tag_must_val is the only allowed tag.
|
* that \p tag_must_val is the only allowed tag.
|
||||||
* \param tag_may_mask A mask to be applied to the ASN.1 tags found within
|
* \param tag_may_mask A mask to be applied to the ASN.1 tags found within
|
||||||
* the SEQUENCE before comparing to \p tag_may_value.
|
* the SEQUENCE before comparing to \p tag_may_val.
|
||||||
* \param tag_may_val The desired value of each ASN.1 tag found in the
|
* \param tag_may_val The desired value of each ASN.1 tag found in the
|
||||||
* SEQUENCE, after masking with \p tag_may_mask.
|
* SEQUENCE, after masking with \p tag_may_mask.
|
||||||
* Mismatching tags will be silently ignored.
|
* Mismatching tags will be silently ignored.
|
||||||
|
|
10
thirdparty/mbedtls/include/mbedtls/bignum.h
vendored
|
@ -533,7 +533,7 @@ int mbedtls_mpi_write_file(const char *p, const mbedtls_mpi *X,
|
||||||
* \param X The destination MPI. This must point to an initialized MPI.
|
* \param X The destination MPI. This must point to an initialized MPI.
|
||||||
* \param buf The input buffer. This must be a readable buffer of length
|
* \param buf The input buffer. This must be a readable buffer of length
|
||||||
* \p buflen Bytes.
|
* \p buflen Bytes.
|
||||||
* \param buflen The length of the input buffer \p p in Bytes.
|
* \param buflen The length of the input buffer \p buf in Bytes.
|
||||||
*
|
*
|
||||||
* \return \c 0 if successful.
|
* \return \c 0 if successful.
|
||||||
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
|
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
|
||||||
|
@ -548,7 +548,7 @@ int mbedtls_mpi_read_binary(mbedtls_mpi *X, const unsigned char *buf,
|
||||||
* \param X The destination MPI. This must point to an initialized MPI.
|
* \param X The destination MPI. This must point to an initialized MPI.
|
||||||
* \param buf The input buffer. This must be a readable buffer of length
|
* \param buf The input buffer. This must be a readable buffer of length
|
||||||
* \p buflen Bytes.
|
* \p buflen Bytes.
|
||||||
* \param buflen The length of the input buffer \p p in Bytes.
|
* \param buflen The length of the input buffer \p buf in Bytes.
|
||||||
*
|
*
|
||||||
* \return \c 0 if successful.
|
* \return \c 0 if successful.
|
||||||
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
|
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
|
||||||
|
@ -986,8 +986,8 @@ int mbedtls_mpi_gcd(mbedtls_mpi *G, const mbedtls_mpi *A,
|
||||||
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
|
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
|
||||||
* \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p N is less than
|
* \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p N is less than
|
||||||
* or equal to one.
|
* or equal to one.
|
||||||
* \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p has no modular inverse
|
* \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p A has no modular
|
||||||
* with respect to \p N.
|
* inverse with respect to \p N.
|
||||||
*/
|
*/
|
||||||
int mbedtls_mpi_inv_mod(mbedtls_mpi *X, const mbedtls_mpi *A,
|
int mbedtls_mpi_inv_mod(mbedtls_mpi *X, const mbedtls_mpi *A,
|
||||||
const mbedtls_mpi *N);
|
const mbedtls_mpi *N);
|
||||||
|
@ -1039,7 +1039,7 @@ MBEDTLS_DEPRECATED int mbedtls_mpi_is_prime(const mbedtls_mpi *X,
|
||||||
* This must point to an initialized MPI.
|
* This must point to an initialized MPI.
|
||||||
* \param rounds The number of bases to perform the Miller-Rabin primality
|
* \param rounds The number of bases to perform the Miller-Rabin primality
|
||||||
* test for. The probability of returning 0 on a composite is
|
* test for. The probability of returning 0 on a composite is
|
||||||
* at most 2<sup>-2*\p rounds</sup>.
|
* at most 2<sup>-2*\p rounds </sup>.
|
||||||
* \param f_rng The RNG function to use. This must not be \c NULL.
|
* \param f_rng The RNG function to use. This must not be \c NULL.
|
||||||
* \param p_rng The RNG parameter to be passed to \p f_rng.
|
* \param p_rng The RNG parameter to be passed to \p f_rng.
|
||||||
* This may be \c NULL if \p f_rng doesn't use
|
* This may be \c NULL if \p f_rng doesn't use
|
||||||
|
|
11
thirdparty/mbedtls/include/mbedtls/bn_mul.h
vendored
|
@ -677,6 +677,15 @@
|
||||||
#if defined(__arm__) && !defined(MULADDC_CANNOT_USE_R7)
|
#if defined(__arm__) && !defined(MULADDC_CANNOT_USE_R7)
|
||||||
|
|
||||||
#if defined(__thumb__) && !defined(__thumb2__)
|
#if defined(__thumb__) && !defined(__thumb2__)
|
||||||
|
#if !defined(__ARMCC_VERSION) && !defined(__clang__) \
|
||||||
|
&& !defined(__llvm__) && !defined(__INTEL_COMPILER)
|
||||||
|
/*
|
||||||
|
* Thumb 1 ISA. This code path has only been tested successfully on gcc;
|
||||||
|
* it does not compile on clang or armclang.
|
||||||
|
*
|
||||||
|
* Other compilers which define __GNUC__ may not work. The above macro
|
||||||
|
* attempts to exclude these untested compilers.
|
||||||
|
*/
|
||||||
|
|
||||||
#define MULADDC_INIT \
|
#define MULADDC_INIT \
|
||||||
asm( \
|
asm( \
|
||||||
|
@ -731,6 +740,8 @@
|
||||||
"r6", "r7", "r8", "r9", "cc" \
|
"r6", "r7", "r8", "r9", "cc" \
|
||||||
);
|
);
|
||||||
|
|
||||||
|
#endif /* Compiler is gcc */
|
||||||
|
|
||||||
#elif (__ARM_ARCH >= 6) && \
|
#elif (__ARM_ARCH >= 6) && \
|
||||||
defined (__ARM_FEATURE_DSP) && (__ARM_FEATURE_DSP == 1)
|
defined (__ARM_FEATURE_DSP) && (__ARM_FEATURE_DSP == 1)
|
||||||
|
|
||||||
|
|
|
@ -231,7 +231,7 @@ int mbedtls_camellia_crypt_cfb128(mbedtls_camellia_context *ctx,
|
||||||
* *note Due to the nature of CTR mode, you should use the same
|
* *note Due to the nature of CTR mode, you should use the same
|
||||||
* key for both encryption and decryption. In particular, calls
|
* key for both encryption and decryption. In particular, calls
|
||||||
* to this function should be preceded by a key-schedule via
|
* to this function should be preceded by a key-schedule via
|
||||||
* mbedtls_camellia_setkey_enc() regardless of whether \p mode
|
* mbedtls_camellia_setkey_enc() regardless of whether the mode
|
||||||
* is #MBEDTLS_CAMELLIA_ENCRYPT or #MBEDTLS_CAMELLIA_DECRYPT.
|
* is #MBEDTLS_CAMELLIA_ENCRYPT or #MBEDTLS_CAMELLIA_DECRYPT.
|
||||||
*
|
*
|
||||||
* \warning You must never reuse a nonce value with the same key. Doing so
|
* \warning You must never reuse a nonce value with the same key. Doing so
|
||||||
|
|
6
thirdparty/mbedtls/include/mbedtls/cipher.h
vendored
|
@ -427,7 +427,7 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values(const mbedtls_ciphe
|
||||||
const mbedtls_cipher_mode_t mode);
|
const mbedtls_cipher_mode_t mode);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief This function initializes a \p cipher_context as NONE.
|
* \brief This function initializes a \p ctx as NONE.
|
||||||
*
|
*
|
||||||
* \param ctx The context to be initialized. This must not be \c NULL.
|
* \param ctx The context to be initialized. This must not be \c NULL.
|
||||||
*/
|
*/
|
||||||
|
@ -602,7 +602,7 @@ static inline const char *mbedtls_cipher_get_name(
|
||||||
* \param ctx The context of the cipher. This must be initialized.
|
* \param ctx The context of the cipher. This must be initialized.
|
||||||
*
|
*
|
||||||
* \return The key length of the cipher in bits.
|
* \return The key length of the cipher in bits.
|
||||||
* \return #MBEDTLS_KEY_LENGTH_NONE if ctx \p has not been
|
* \return #MBEDTLS_KEY_LENGTH_NONE if \p ctx has not been
|
||||||
* initialized.
|
* initialized.
|
||||||
*/
|
*/
|
||||||
static inline int mbedtls_cipher_get_key_bitlen(
|
static inline int mbedtls_cipher_get_key_bitlen(
|
||||||
|
@ -779,7 +779,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx,
|
||||||
* \param ctx The generic cipher context. This must be initialized and
|
* \param ctx The generic cipher context. This must be initialized and
|
||||||
* bound to a key.
|
* bound to a key.
|
||||||
* \param output The buffer to write data to. This needs to be a writable
|
* \param output The buffer to write data to. This needs to be a writable
|
||||||
* buffer of at least \p block_size Bytes.
|
* buffer of at least block_size Bytes.
|
||||||
* \param olen The length of the data written to the \p output buffer.
|
* \param olen The length of the data written to the \p output buffer.
|
||||||
* This may not be \c NULL.
|
* This may not be \c NULL.
|
||||||
*
|
*
|
||||||
|
|
4
thirdparty/mbedtls/include/mbedtls/config.h
vendored
|
@ -1458,8 +1458,8 @@
|
||||||
* );
|
* );
|
||||||
* ```
|
* ```
|
||||||
* The \c context value is initialized to 0 before the first call.
|
* The \c context value is initialized to 0 before the first call.
|
||||||
* The function must fill the \c output buffer with \p output_size bytes
|
* The function must fill the \c output buffer with \c output_size bytes
|
||||||
* of random data and set \c *output_length to \p output_size.
|
* of random data and set \c *output_length to \c output_size.
|
||||||
*
|
*
|
||||||
* Requires: MBEDTLS_PSA_CRYPTO_C
|
* Requires: MBEDTLS_PSA_CRYPTO_C
|
||||||
*
|
*
|
||||||
|
|
15
thirdparty/mbedtls/include/mbedtls/ecdsa.h
vendored
|
@ -266,8 +266,9 @@ int mbedtls_ecdsa_sign_det(mbedtls_ecp_group *grp, mbedtls_mpi *r,
|
||||||
* \param md_alg The hash algorithm used to hash the original data.
|
* \param md_alg The hash algorithm used to hash the original data.
|
||||||
* \param f_rng_blind The RNG function used for blinding. This must not be
|
* \param f_rng_blind The RNG function used for blinding. This must not be
|
||||||
* \c NULL.
|
* \c NULL.
|
||||||
* \param p_rng_blind The RNG context to be passed to \p f_rng. This may be
|
* \param p_rng_blind The RNG context to be passed to \p f_rng_blind. This
|
||||||
* \c NULL if \p f_rng doesn't need a context parameter.
|
* may be \c NULL if \p f_rng_blind doesn't need
|
||||||
|
* a context parameter.
|
||||||
*
|
*
|
||||||
* \return \c 0 on success.
|
* \return \c 0 on success.
|
||||||
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX
|
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX
|
||||||
|
@ -344,7 +345,7 @@ int mbedtls_ecdsa_verify(mbedtls_ecp_group *grp,
|
||||||
* via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair().
|
* via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair().
|
||||||
* \param md_alg The message digest that was used to hash the message.
|
* \param md_alg The message digest that was used to hash the message.
|
||||||
* \param hash The message hash to be signed. This must be a readable
|
* \param hash The message hash to be signed. This must be a readable
|
||||||
* buffer of length \p blen Bytes.
|
* buffer of length \p hlen Bytes.
|
||||||
* \param hlen The length of the hash \p hash in Bytes.
|
* \param hlen The length of the hash \p hash in Bytes.
|
||||||
* \param sig The buffer to which to write the signature. This must be a
|
* \param sig The buffer to which to write the signature. This must be a
|
||||||
* writable buffer of length at least twice as large as the
|
* writable buffer of length at least twice as large as the
|
||||||
|
@ -386,7 +387,7 @@ int mbedtls_ecdsa_write_signature(mbedtls_ecdsa_context *ctx,
|
||||||
* via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair().
|
* via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair().
|
||||||
* \param md_alg The message digest that was used to hash the message.
|
* \param md_alg The message digest that was used to hash the message.
|
||||||
* \param hash The message hash to be signed. This must be a readable
|
* \param hash The message hash to be signed. This must be a readable
|
||||||
* buffer of length \p blen Bytes.
|
* buffer of length \p hlen Bytes.
|
||||||
* \param hlen The length of the hash \p hash in Bytes.
|
* \param hlen The length of the hash \p hash in Bytes.
|
||||||
* \param sig The buffer to which to write the signature. This must be a
|
* \param sig The buffer to which to write the signature. This must be a
|
||||||
* writable buffer of length at least twice as large as the
|
* writable buffer of length at least twice as large as the
|
||||||
|
@ -453,7 +454,7 @@ int mbedtls_ecdsa_write_signature_restartable(mbedtls_ecdsa_context *ctx,
|
||||||
* and have a group and private key bound to it, for example
|
* and have a group and private key bound to it, for example
|
||||||
* via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair().
|
* via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair().
|
||||||
* \param hash The message hash to be signed. This must be a readable
|
* \param hash The message hash to be signed. This must be a readable
|
||||||
* buffer of length \p blen Bytes.
|
* buffer of length \p hlen Bytes.
|
||||||
* \param hlen The length of the hash \p hash in Bytes.
|
* \param hlen The length of the hash \p hash in Bytes.
|
||||||
* \param sig The buffer to which to write the signature. This must be a
|
* \param sig The buffer to which to write the signature. This must be a
|
||||||
* writable buffer of length at least twice as large as the
|
* writable buffer of length at least twice as large as the
|
||||||
|
@ -490,7 +491,7 @@ int mbedtls_ecdsa_write_signature_det(mbedtls_ecdsa_context *ctx,
|
||||||
* \param ctx The ECDSA context to use. This must be initialized
|
* \param ctx The ECDSA context to use. This must be initialized
|
||||||
* and have a group and public key bound to it.
|
* and have a group and public key bound to it.
|
||||||
* \param hash The message hash that was signed. This must be a readable
|
* \param hash The message hash that was signed. This must be a readable
|
||||||
* buffer of length \p size Bytes.
|
* buffer of length \p hlen Bytes.
|
||||||
* \param hlen The size of the hash \p hash.
|
* \param hlen The size of the hash \p hash.
|
||||||
* \param sig The signature to read and verify. This must be a readable
|
* \param sig The signature to read and verify. This must be a readable
|
||||||
* buffer of length \p slen Bytes.
|
* buffer of length \p slen Bytes.
|
||||||
|
@ -520,7 +521,7 @@ int mbedtls_ecdsa_read_signature(mbedtls_ecdsa_context *ctx,
|
||||||
* \param ctx The ECDSA context to use. This must be initialized
|
* \param ctx The ECDSA context to use. This must be initialized
|
||||||
* and have a group and public key bound to it.
|
* and have a group and public key bound to it.
|
||||||
* \param hash The message hash that was signed. This must be a readable
|
* \param hash The message hash that was signed. This must be a readable
|
||||||
* buffer of length \p size Bytes.
|
* buffer of length \p hlen Bytes.
|
||||||
* \param hlen The size of the hash \p hash.
|
* \param hlen The size of the hash \p hash.
|
||||||
* \param sig The signature to read and verify. This must be a readable
|
* \param sig The signature to read and verify. This must be a readable
|
||||||
* buffer of length \p slen Bytes.
|
* buffer of length \p slen Bytes.
|
||||||
|
|
4
thirdparty/mbedtls/include/mbedtls/ecp.h
vendored
|
@ -1081,7 +1081,7 @@ int mbedtls_ecp_muladd_restartable(
|
||||||
*
|
*
|
||||||
* It only checks that the point is non-zero, has
|
* It only checks that the point is non-zero, has
|
||||||
* valid coordinates and lies on the curve. It does not verify
|
* valid coordinates and lies on the curve. It does not verify
|
||||||
* that it is indeed a multiple of \p G. This additional
|
* that it is indeed a multiple of \c G. This additional
|
||||||
* check is computationally more expensive, is not required
|
* check is computationally more expensive, is not required
|
||||||
* by standards, and should not be necessary if the group
|
* by standards, and should not be necessary if the group
|
||||||
* used has a small cofactor. In particular, it is useless for
|
* used has a small cofactor. In particular, it is useless for
|
||||||
|
@ -1106,7 +1106,7 @@ int mbedtls_ecp_check_pubkey(const mbedtls_ecp_group *grp,
|
||||||
const mbedtls_ecp_point *pt);
|
const mbedtls_ecp_point *pt);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief This function checks that an \p mbedtls_mpi is a
|
* \brief This function checks that an \c mbedtls_mpi is a
|
||||||
* valid private key for this curve.
|
* valid private key for this curve.
|
||||||
*
|
*
|
||||||
* \note This function uses bare components rather than an
|
* \note This function uses bare components rather than an
|
||||||
|
|
|
@ -186,8 +186,8 @@ void mbedtls_hmac_drbg_init(mbedtls_hmac_drbg_context *ctx);
|
||||||
* \param len The length of the personalization string.
|
* \param len The length of the personalization string.
|
||||||
* This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT
|
* This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT
|
||||||
* and also at most
|
* and also at most
|
||||||
* #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \p entropy_len * 3 / 2
|
* #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \c entropy_len * 3 / 2
|
||||||
* where \p entropy_len is the entropy length
|
* where \c entropy_len is the entropy length
|
||||||
* described above.
|
* described above.
|
||||||
*
|
*
|
||||||
* \return \c 0 if successful.
|
* \return \c 0 if successful.
|
||||||
|
@ -316,8 +316,8 @@ int mbedtls_hmac_drbg_update_ret(mbedtls_hmac_drbg_context *ctx,
|
||||||
* \param len The length of the additional data.
|
* \param len The length of the additional data.
|
||||||
* This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT
|
* This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT
|
||||||
* and also at most
|
* and also at most
|
||||||
* #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \p entropy_len
|
* #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \c entropy_len
|
||||||
* where \p entropy_len is the entropy length
|
* where \c entropy_len is the entropy length
|
||||||
* (see mbedtls_hmac_drbg_set_entropy_len()).
|
* (see mbedtls_hmac_drbg_set_entropy_len()).
|
||||||
*
|
*
|
||||||
* \return \c 0 if successful.
|
* \return \c 0 if successful.
|
||||||
|
|
4
thirdparty/mbedtls/include/mbedtls/pk.h
vendored
|
@ -395,7 +395,7 @@ int mbedtls_pk_can_do(const mbedtls_pk_context *ctx, mbedtls_pk_type_t type);
|
||||||
*
|
*
|
||||||
* \return 0 on success (signature is valid),
|
* \return 0 on success (signature is valid),
|
||||||
* #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid
|
* #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid
|
||||||
* signature in sig but its length is less than \p siglen,
|
* signature in \p sig but its length is less than \p sig_len,
|
||||||
* or a specific error code.
|
* or a specific error code.
|
||||||
*
|
*
|
||||||
* \note For RSA keys, the default padding type is PKCS#1 v1.5.
|
* \note For RSA keys, the default padding type is PKCS#1 v1.5.
|
||||||
|
@ -459,7 +459,7 @@ int mbedtls_pk_verify_restartable(mbedtls_pk_context *ctx,
|
||||||
* #MBEDTLS_ERR_PK_TYPE_MISMATCH if the PK context can't be
|
* #MBEDTLS_ERR_PK_TYPE_MISMATCH if the PK context can't be
|
||||||
* used for this type of signatures,
|
* used for this type of signatures,
|
||||||
* #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid
|
* #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid
|
||||||
* signature in sig but its length is less than \p siglen,
|
* signature in \p sig but its length is less than \p sig_len,
|
||||||
* or a specific error code.
|
* or a specific error code.
|
||||||
*
|
*
|
||||||
* \note If hash_len is 0, then the length associated with md_alg
|
* \note If hash_len is 0, then the length associated with md_alg
|
||||||
|
|
11
thirdparty/mbedtls/include/mbedtls/platform.h
vendored
|
@ -144,6 +144,8 @@ extern "C" {
|
||||||
#if defined(MBEDTLS_PLATFORM_MEMORY)
|
#if defined(MBEDTLS_PLATFORM_MEMORY)
|
||||||
#if defined(MBEDTLS_PLATFORM_FREE_MACRO) && \
|
#if defined(MBEDTLS_PLATFORM_FREE_MACRO) && \
|
||||||
defined(MBEDTLS_PLATFORM_CALLOC_MACRO)
|
defined(MBEDTLS_PLATFORM_CALLOC_MACRO)
|
||||||
|
#undef mbedtls_free
|
||||||
|
#undef mbedtls_calloc
|
||||||
#define mbedtls_free MBEDTLS_PLATFORM_FREE_MACRO
|
#define mbedtls_free MBEDTLS_PLATFORM_FREE_MACRO
|
||||||
#define mbedtls_calloc MBEDTLS_PLATFORM_CALLOC_MACRO
|
#define mbedtls_calloc MBEDTLS_PLATFORM_CALLOC_MACRO
|
||||||
#else
|
#else
|
||||||
|
@ -165,6 +167,8 @@ int mbedtls_platform_set_calloc_free(void *(*calloc_func)(size_t, size_t),
|
||||||
void (*free_func)(void *));
|
void (*free_func)(void *));
|
||||||
#endif /* MBEDTLS_PLATFORM_FREE_MACRO && MBEDTLS_PLATFORM_CALLOC_MACRO */
|
#endif /* MBEDTLS_PLATFORM_FREE_MACRO && MBEDTLS_PLATFORM_CALLOC_MACRO */
|
||||||
#else /* !MBEDTLS_PLATFORM_MEMORY */
|
#else /* !MBEDTLS_PLATFORM_MEMORY */
|
||||||
|
#undef mbedtls_free
|
||||||
|
#undef mbedtls_calloc
|
||||||
#define mbedtls_free free
|
#define mbedtls_free free
|
||||||
#define mbedtls_calloc calloc
|
#define mbedtls_calloc calloc
|
||||||
#endif /* MBEDTLS_PLATFORM_MEMORY && !MBEDTLS_PLATFORM_{FREE,CALLOC}_MACRO */
|
#endif /* MBEDTLS_PLATFORM_MEMORY && !MBEDTLS_PLATFORM_{FREE,CALLOC}_MACRO */
|
||||||
|
@ -189,6 +193,7 @@ extern int (*mbedtls_fprintf)(FILE *stream, const char *format, ...);
|
||||||
int mbedtls_platform_set_fprintf(int (*fprintf_func)(FILE *stream, const char *,
|
int mbedtls_platform_set_fprintf(int (*fprintf_func)(FILE *stream, const char *,
|
||||||
...));
|
...));
|
||||||
#else
|
#else
|
||||||
|
#undef mbedtls_fprintf
|
||||||
#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO)
|
#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO)
|
||||||
#define mbedtls_fprintf MBEDTLS_PLATFORM_FPRINTF_MACRO
|
#define mbedtls_fprintf MBEDTLS_PLATFORM_FPRINTF_MACRO
|
||||||
#else
|
#else
|
||||||
|
@ -213,6 +218,7 @@ extern int (*mbedtls_printf)(const char *format, ...);
|
||||||
*/
|
*/
|
||||||
int mbedtls_platform_set_printf(int (*printf_func)(const char *, ...));
|
int mbedtls_platform_set_printf(int (*printf_func)(const char *, ...));
|
||||||
#else /* !MBEDTLS_PLATFORM_PRINTF_ALT */
|
#else /* !MBEDTLS_PLATFORM_PRINTF_ALT */
|
||||||
|
#undef mbedtls_printf
|
||||||
#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO)
|
#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO)
|
||||||
#define mbedtls_printf MBEDTLS_PLATFORM_PRINTF_MACRO
|
#define mbedtls_printf MBEDTLS_PLATFORM_PRINTF_MACRO
|
||||||
#else
|
#else
|
||||||
|
@ -248,6 +254,7 @@ extern int (*mbedtls_snprintf)(char *s, size_t n, const char *format, ...);
|
||||||
int mbedtls_platform_set_snprintf(int (*snprintf_func)(char *s, size_t n,
|
int mbedtls_platform_set_snprintf(int (*snprintf_func)(char *s, size_t n,
|
||||||
const char *format, ...));
|
const char *format, ...));
|
||||||
#else /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
|
#else /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
|
||||||
|
#undef mbedtls_snprintf
|
||||||
#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO)
|
#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO)
|
||||||
#define mbedtls_snprintf MBEDTLS_PLATFORM_SNPRINTF_MACRO
|
#define mbedtls_snprintf MBEDTLS_PLATFORM_SNPRINTF_MACRO
|
||||||
#else
|
#else
|
||||||
|
@ -284,6 +291,7 @@ extern int (*mbedtls_vsnprintf)(char *s, size_t n, const char *format, va_list a
|
||||||
int mbedtls_platform_set_vsnprintf(int (*vsnprintf_func)(char *s, size_t n,
|
int mbedtls_platform_set_vsnprintf(int (*vsnprintf_func)(char *s, size_t n,
|
||||||
const char *format, va_list arg));
|
const char *format, va_list arg));
|
||||||
#else /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */
|
#else /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */
|
||||||
|
#undef mbedtls_vsnprintf
|
||||||
#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO)
|
#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO)
|
||||||
#define mbedtls_vsnprintf MBEDTLS_PLATFORM_VSNPRINTF_MACRO
|
#define mbedtls_vsnprintf MBEDTLS_PLATFORM_VSNPRINTF_MACRO
|
||||||
#else
|
#else
|
||||||
|
@ -308,6 +316,7 @@ extern void (*mbedtls_exit)(int status);
|
||||||
*/
|
*/
|
||||||
int mbedtls_platform_set_exit(void (*exit_func)(int status));
|
int mbedtls_platform_set_exit(void (*exit_func)(int status));
|
||||||
#else
|
#else
|
||||||
|
#undef mbedtls_exit
|
||||||
#if defined(MBEDTLS_PLATFORM_EXIT_MACRO)
|
#if defined(MBEDTLS_PLATFORM_EXIT_MACRO)
|
||||||
#define mbedtls_exit MBEDTLS_PLATFORM_EXIT_MACRO
|
#define mbedtls_exit MBEDTLS_PLATFORM_EXIT_MACRO
|
||||||
#else
|
#else
|
||||||
|
@ -360,6 +369,8 @@ int mbedtls_platform_set_nv_seed(
|
||||||
int (*nv_seed_write_func)(unsigned char *buf, size_t buf_len)
|
int (*nv_seed_write_func)(unsigned char *buf, size_t buf_len)
|
||||||
);
|
);
|
||||||
#else
|
#else
|
||||||
|
#undef mbedtls_nv_seed_read
|
||||||
|
#undef mbedtls_nv_seed_write
|
||||||
#if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) && \
|
#if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) && \
|
||||||
defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO)
|
defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO)
|
||||||
#define mbedtls_nv_seed_read MBEDTLS_PLATFORM_NV_SEED_READ_MACRO
|
#define mbedtls_nv_seed_read MBEDTLS_PLATFORM_NV_SEED_READ_MACRO
|
||||||
|
|
12
thirdparty/mbedtls/include/mbedtls/rsa.h
vendored
|
@ -260,15 +260,15 @@ int mbedtls_rsa_import_raw(mbedtls_rsa_context *ctx,
|
||||||
* \brief This function completes an RSA context from
|
* \brief This function completes an RSA context from
|
||||||
* a set of imported core parameters.
|
* a set of imported core parameters.
|
||||||
*
|
*
|
||||||
* To setup an RSA public key, precisely \p N and \p E
|
* To setup an RSA public key, precisely \c N and \c E
|
||||||
* must have been imported.
|
* must have been imported.
|
||||||
*
|
*
|
||||||
* To setup an RSA private key, sufficient information must
|
* To setup an RSA private key, sufficient information must
|
||||||
* be present for the other parameters to be derivable.
|
* be present for the other parameters to be derivable.
|
||||||
*
|
*
|
||||||
* The default implementation supports the following:
|
* The default implementation supports the following:
|
||||||
* <ul><li>Derive \p P, \p Q from \p N, \p D, \p E.</li>
|
* <ul><li>Derive \c P, \c Q from \c N, \c D, \c E.</li>
|
||||||
* <li>Derive \p N, \p D from \p P, \p Q, \p E.</li></ul>
|
* <li>Derive \c N, \c D from \c P, \c Q, \c E.</li></ul>
|
||||||
* Alternative implementations need not support these.
|
* Alternative implementations need not support these.
|
||||||
*
|
*
|
||||||
* If this function runs successfully, it guarantees that
|
* If this function runs successfully, it guarantees that
|
||||||
|
@ -537,7 +537,7 @@ int mbedtls_rsa_check_pub_priv(const mbedtls_rsa_context *pub,
|
||||||
* \note This function does not handle message padding.
|
* \note This function does not handle message padding.
|
||||||
*
|
*
|
||||||
* \note Make sure to set \p input[0] = 0 or ensure that
|
* \note Make sure to set \p input[0] = 0 or ensure that
|
||||||
* input is smaller than \p N.
|
* input is smaller than \c N.
|
||||||
*
|
*
|
||||||
* \return \c 0 on success.
|
* \return \c 0 on success.
|
||||||
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
|
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
|
||||||
|
@ -1109,8 +1109,8 @@ int mbedtls_rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx,
|
||||||
* verification using the mode from the context.
|
* verification using the mode from the context.
|
||||||
*
|
*
|
||||||
* \note For PKCS#1 v2.1 encoding, see comments on
|
* \note For PKCS#1 v2.1 encoding, see comments on
|
||||||
* mbedtls_rsa_rsassa_pss_verify() about \p md_alg and
|
* mbedtls_rsa_rsassa_pss_verify() about \c md_alg and
|
||||||
* \p hash_id.
|
* \c hash_id.
|
||||||
*
|
*
|
||||||
* \deprecated It is deprecated and discouraged to call this function
|
* \deprecated It is deprecated and discouraged to call this function
|
||||||
* in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library
|
* in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library
|
||||||
|
|
11
thirdparty/mbedtls/include/mbedtls/ssl.h
vendored
|
@ -494,6 +494,7 @@
|
||||||
|
|
||||||
/* Dummy type used only for its size */
|
/* Dummy type used only for its size */
|
||||||
union mbedtls_ssl_premaster_secret {
|
union mbedtls_ssl_premaster_secret {
|
||||||
|
unsigned char dummy; /* Make the union non-empty even with SSL disabled */
|
||||||
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
|
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
|
||||||
unsigned char _pms_rsa[48]; /* RFC 5246 8.1.1 */
|
unsigned char _pms_rsa[48]; /* RFC 5246 8.1.1 */
|
||||||
#endif
|
#endif
|
||||||
|
@ -1746,10 +1747,10 @@ void mbedtls_ssl_set_bio(mbedtls_ssl_context *ssl,
|
||||||
* \param own_cid The address of the readable buffer holding the CID we want
|
* \param own_cid The address of the readable buffer holding the CID we want
|
||||||
* the peer to use when sending encrypted messages to us.
|
* the peer to use when sending encrypted messages to us.
|
||||||
* This may be \c NULL if \p own_cid_len is \c 0.
|
* This may be \c NULL if \p own_cid_len is \c 0.
|
||||||
* This parameter is unused if \p enabled is set to
|
* This parameter is unused if \p enable is set to
|
||||||
* MBEDTLS_SSL_CID_DISABLED.
|
* MBEDTLS_SSL_CID_DISABLED.
|
||||||
* \param own_cid_len The length of \p own_cid.
|
* \param own_cid_len The length of \p own_cid.
|
||||||
* This parameter is unused if \p enabled is set to
|
* This parameter is unused if \p enable is set to
|
||||||
* MBEDTLS_SSL_CID_DISABLED.
|
* MBEDTLS_SSL_CID_DISABLED.
|
||||||
*
|
*
|
||||||
* \note The value of \p own_cid_len must match the value of the
|
* \note The value of \p own_cid_len must match the value of the
|
||||||
|
@ -2573,8 +2574,8 @@ int mbedtls_ssl_session_load(mbedtls_ssl_session *session,
|
||||||
*
|
*
|
||||||
* \param session The session structure to be saved.
|
* \param session The session structure to be saved.
|
||||||
* \param buf The buffer to write the serialized data to. It must be a
|
* \param buf The buffer to write the serialized data to. It must be a
|
||||||
* writeable buffer of at least \p len bytes, or may be \c
|
* writeable buffer of at least \p buf_len bytes, or may be \c
|
||||||
* NULL if \p len is \c 0.
|
* NULL if \p buf_len is \c 0.
|
||||||
* \param buf_len The number of bytes available for writing in \p buf.
|
* \param buf_len The number of bytes available for writing in \p buf.
|
||||||
* \param olen The size in bytes of the data that has been or would have
|
* \param olen The size in bytes of the data that has been or would have
|
||||||
* been written. It must point to a valid \c size_t.
|
* been written. It must point to a valid \c size_t.
|
||||||
|
@ -2659,7 +2660,7 @@ void mbedtls_ssl_conf_ciphersuites(mbedtls_ssl_config *conf,
|
||||||
* record headers.
|
* record headers.
|
||||||
*
|
*
|
||||||
* \return \c 0 on success.
|
* \return \c 0 on success.
|
||||||
* \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if \p own_cid_len
|
* \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if \p len
|
||||||
* is too large.
|
* is too large.
|
||||||
*/
|
*/
|
||||||
int mbedtls_ssl_conf_cid(mbedtls_ssl_config *conf, size_t len,
|
int mbedtls_ssl_conf_cid(mbedtls_ssl_config *conf, size_t len,
|
||||||
|
|
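--- a/thirdparty/mbedtls/include/mbedtls/version.h
+++ b/thirdparty/mbedtls/include/mbedtls/version.h
@@ -38,16 +38,16 @@
 */
 #define MBEDTLS_VERSION_MAJOR 2
 #define MBEDTLS_VERSION_MINOR 28
-#define MBEDTLS_VERSION_PATCH 3
+#define MBEDTLS_VERSION_PATCH 4
 
 /**
 * The single version number has the following structure:
 * MMNNPP00
 * Major version | Minor version | Patch version
 */
-#define MBEDTLS_VERSION_NUMBER 0x021C0300
-#define MBEDTLS_VERSION_STRING "2.28.3"
-#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.28.3"
+#define MBEDTLS_VERSION_NUMBER 0x021C0400
+#define MBEDTLS_VERSION_STRING "2.28.4"
+#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.28.4"
 
 #if defined(MBEDTLS_VERSION_C)
 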
|
@ -509,7 +509,7 @@ int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path);
|
||||||
* \param san_buf The buffer holding the raw data item of the subject
|
* \param san_buf The buffer holding the raw data item of the subject
|
||||||
* alternative name.
|
* alternative name.
|
||||||
* \param san The target structure to populate with the parsed presentation
|
* \param san The target structure to populate with the parsed presentation
|
||||||
* of the subject alternative name encoded in \p san_raw.
|
* of the subject alternative name encoded in \p san_buf.
|
||||||
*
|
*
|
||||||
* \note Only "dnsName" and "otherName" of type hardware_module_name
|
* \note Only "dnsName" and "otherName" of type hardware_module_name
|
||||||
* as defined in RFC 4180 is supported.
|
* as defined in RFC 4180 is supported.
|
||||||
|
@ -517,7 +517,7 @@ int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path);
|
||||||
* \note This function should be called on a single raw data of
|
* \note This function should be called on a single raw data of
|
||||||
* subject alternative name. For example, after successful
|
* subject alternative name. For example, after successful
|
||||||
* certificate parsing, one must iterate on every item in the
|
* certificate parsing, one must iterate on every item in the
|
||||||
* \p crt->subject_alt_names sequence, and pass it to
|
* \c crt->subject_alt_names sequence, and pass it to
|
||||||
* this function.
|
* this function.
|
||||||
*
|
*
|
||||||
* \warning The target structure contains pointers to the raw data of the
|
* \warning The target structure contains pointers to the raw data of the
|
||||||
|
|
36
thirdparty/mbedtls/library/aes.c
vendored
36
thirdparty/mbedtls/library/aes.c
vendored
|
@ -58,6 +58,8 @@ static int aes_padlock_ace = -1;
|
||||||
/*
|
/*
|
||||||
* Forward S-box
|
* Forward S-box
|
||||||
*/
|
*/
|
||||||
|
#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \
|
||||||
|
!defined(MBEDTLS_AES_SETKEY_DEC_ALT)
|
||||||
static const unsigned char FSb[256] =
|
static const unsigned char FSb[256] =
|
||||||
{
|
{
|
||||||
0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5,
|
0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5,
|
||||||
|
@ -93,6 +95,8 @@ static const unsigned char FSb[256] =
|
||||||
0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68,
|
0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68,
|
||||||
0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16
|
0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16
|
||||||
};
|
};
|
||||||
|
#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \
|
||||||
|
!defined(MBEDTLS_AES_SETKEY_DEC_ALT) */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Forward tables
|
* Forward tables
|
||||||
|
@ -164,6 +168,7 @@ static const unsigned char FSb[256] =
|
||||||
V(C3, 41, 41, 82), V(B0, 99, 99, 29), V(77, 2D, 2D, 5A), V(11, 0F, 0F, 1E), \
|
V(C3, 41, 41, 82), V(B0, 99, 99, 29), V(77, 2D, 2D, 5A), V(11, 0F, 0F, 1E), \
|
||||||
V(CB, B0, B0, 7B), V(FC, 54, 54, A8), V(D6, BB, BB, 6D), V(3A, 16, 16, 2C)
|
V(CB, B0, B0, 7B), V(FC, 54, 54, A8), V(D6, BB, BB, 6D), V(3A, 16, 16, 2C)
|
||||||
|
|
||||||
|
#if !defined(MBEDTLS_AES_ENCRYPT_ALT)
|
||||||
#define V(a, b, c, d) 0x##a##b##c##d
|
#define V(a, b, c, d) 0x##a##b##c##d
|
||||||
static const uint32_t FT0[256] = { FT };
|
static const uint32_t FT0[256] = { FT };
|
||||||
#undef V
|
#undef V
|
||||||
|
@ -184,8 +189,11 @@ static const uint32_t FT3[256] = { FT };
|
||||||
|
|
||||||
#endif /* !MBEDTLS_AES_FEWER_TABLES */
|
#endif /* !MBEDTLS_AES_FEWER_TABLES */
|
||||||
|
|
||||||
|
#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) */
|
||||||
|
|
||||||
#undef FT
|
#undef FT
|
||||||
|
|
||||||
|
#if !defined(MBEDTLS_AES_DECRYPT_ALT)
|
||||||
/*
|
/*
|
||||||
* Reverse S-box
|
* Reverse S-box
|
||||||
*/
|
*/
|
||||||
|
@ -224,6 +232,7 @@ static const unsigned char RSb[256] =
|
||||||
0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26,
|
0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26,
|
||||||
0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D
|
0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D
|
||||||
};
|
};
|
||||||
|
#endif /* defined(MBEDTLS_AES_DECRYPT_ALT)) */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Reverse tables
|
* Reverse tables
|
||||||
|
@ -295,6 +304,8 @@ static const unsigned char RSb[256] =
|
||||||
V(71, 01, A8, 39), V(DE, B3, 0C, 08), V(9C, E4, B4, D8), V(90, C1, 56, 64), \
|
V(71, 01, A8, 39), V(DE, B3, 0C, 08), V(9C, E4, B4, D8), V(90, C1, 56, 64), \
|
||||||
V(61, 84, CB, 7B), V(70, B6, 32, D5), V(74, 5C, 6C, 48), V(42, 57, B8, D0)
|
V(61, 84, CB, 7B), V(70, B6, 32, D5), V(74, 5C, 6C, 48), V(42, 57, B8, D0)
|
||||||
|
|
||||||
|
#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)
|
||||||
|
|
||||||
#define V(a, b, c, d) 0x##a##b##c##d
|
#define V(a, b, c, d) 0x##a##b##c##d
|
||||||
static const uint32_t RT0[256] = { RT };
|
static const uint32_t RT0[256] = { RT };
|
||||||
#undef V
|
#undef V
|
||||||
|
@ -315,8 +326,11 @@ static const uint32_t RT3[256] = { RT };
|
||||||
|
|
||||||
#endif /* !MBEDTLS_AES_FEWER_TABLES */
|
#endif /* !MBEDTLS_AES_FEWER_TABLES */
|
||||||
|
|
||||||
|
#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */
|
||||||
|
|
||||||
#undef RT
|
#undef RT
|
||||||
|
|
||||||
|
#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT)
|
||||||
/*
|
/*
|
||||||
* Round constants
|
* Round constants
|
||||||
*/
|
*/
|
||||||
|
@ -326,31 +340,44 @@ static const uint32_t RCON[10] =
|
||||||
0x00000010, 0x00000020, 0x00000040, 0x00000080,
|
0x00000010, 0x00000020, 0x00000040, 0x00000080,
|
||||||
0x0000001B, 0x00000036
|
0x0000001B, 0x00000036
|
||||||
};
|
};
|
||||||
|
#endif /* !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */
|
||||||
|
|
||||||
#else /* MBEDTLS_AES_ROM_TABLES */
|
#else /* MBEDTLS_AES_ROM_TABLES */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Forward S-box & tables
|
* Forward S-box & tables
|
||||||
*/
|
*/
|
||||||
|
#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \
|
||||||
|
!defined(MBEDTLS_AES_SETKEY_DEC_ALT)
|
||||||
static unsigned char FSb[256];
|
static unsigned char FSb[256];
|
||||||
|
#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \
|
||||||
|
!defined(MBEDTLS_AES_SETKEY_DEC_ALT) */
|
||||||
|
#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT)
|
||||||
static uint32_t FT0[256];
|
static uint32_t FT0[256];
|
||||||
#if !defined(MBEDTLS_AES_FEWER_TABLES)
|
#if !defined(MBEDTLS_AES_FEWER_TABLES)
|
||||||
static uint32_t FT1[256];
|
static uint32_t FT1[256];
|
||||||
static uint32_t FT2[256];
|
static uint32_t FT2[256];
|
||||||
static uint32_t FT3[256];
|
static uint32_t FT3[256];
|
||||||
#endif /* !MBEDTLS_AES_FEWER_TABLES */
|
#endif /* !MBEDTLS_AES_FEWER_TABLES */
|
||||||
|
#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Reverse S-box & tables
|
* Reverse S-box & tables
|
||||||
*/
|
*/
|
||||||
|
#if !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT))
|
||||||
static unsigned char RSb[256];
|
static unsigned char RSb[256];
|
||||||
|
#endif /* !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT)) */
|
||||||
|
|
||||||
|
#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)
|
||||||
static uint32_t RT0[256];
|
static uint32_t RT0[256];
|
||||||
#if !defined(MBEDTLS_AES_FEWER_TABLES)
|
#if !defined(MBEDTLS_AES_FEWER_TABLES)
|
||||||
static uint32_t RT1[256];
|
static uint32_t RT1[256];
|
||||||
static uint32_t RT2[256];
|
static uint32_t RT2[256];
|
||||||
static uint32_t RT3[256];
|
static uint32_t RT3[256];
|
||||||
#endif /* !MBEDTLS_AES_FEWER_TABLES */
|
#endif /* !MBEDTLS_AES_FEWER_TABLES */
|
||||||
|
#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */
|
||||||
|
|
||||||
|
#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT)
|
||||||
/*
|
/*
|
||||||
* Round constants
|
* Round constants
|
||||||
*/
|
*/
|
||||||
|
@ -428,6 +455,7 @@ static void aes_gen_tables(void)
|
||||||
|
|
||||||
x = RSb[i];
|
x = RSb[i];
|
||||||
|
|
||||||
|
#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)
|
||||||
RT0[i] = ((uint32_t) MUL(0x0E, x)) ^
|
RT0[i] = ((uint32_t) MUL(0x0E, x)) ^
|
||||||
((uint32_t) MUL(0x09, x) << 8) ^
|
((uint32_t) MUL(0x09, x) << 8) ^
|
||||||
((uint32_t) MUL(0x0D, x) << 16) ^
|
((uint32_t) MUL(0x0D, x) << 16) ^
|
||||||
|
@ -438,9 +466,12 @@ static void aes_gen_tables(void)
|
||||||
RT2[i] = ROTL8(RT1[i]);
|
RT2[i] = ROTL8(RT1[i]);
|
||||||
RT3[i] = ROTL8(RT2[i]);
|
RT3[i] = ROTL8(RT2[i]);
|
||||||
#endif /* !MBEDTLS_AES_FEWER_TABLES */
|
#endif /* !MBEDTLS_AES_FEWER_TABLES */
|
||||||
|
#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#endif /* !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */
|
||||||
|
|
||||||
#undef ROTL8
|
#undef ROTL8
|
||||||
|
|
||||||
#endif /* MBEDTLS_AES_ROM_TABLES */
|
#endif /* MBEDTLS_AES_ROM_TABLES */
|
||||||
|
@ -521,6 +552,9 @@ void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx)
|
||||||
(defined(MBEDTLS_AESNI_C) && MBEDTLS_AESNI_HAVE_CODE == 2)
|
(defined(MBEDTLS_AESNI_C) && MBEDTLS_AESNI_HAVE_CODE == 2)
|
||||||
#define MAY_NEED_TO_ALIGN
|
#define MAY_NEED_TO_ALIGN
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#if defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || \
|
||||||
|
!defined(MBEDTLS_AES_SETKEY_ENC_ALT)
|
||||||
static unsigned mbedtls_aes_rk_offset(uint32_t *buf)
|
static unsigned mbedtls_aes_rk_offset(uint32_t *buf)
|
||||||
{
|
{
|
||||||
#if defined(MAY_NEED_TO_ALIGN)
|
#if defined(MAY_NEED_TO_ALIGN)
|
||||||
|
@ -557,6 +591,8 @@ static unsigned mbedtls_aes_rk_offset(uint32_t *buf)
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
#endif /* defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || \
|
||||||
|
!defined(MBEDTLS_AES_SETKEY_ENC_ALT) */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* AES key schedule (encryption)
|
* AES key schedule (encryption)
|
||||||
|
|
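--- a/thirdparty/mbedtls/library/aesni.c
+++ b/thirdparty/mbedtls/library/aesni.c
@@ -41,6 +41,8 @@
 #if MBEDTLS_AESNI_HAVE_CODE == 2
 #if !defined(_WIN32)
 #include <cpuid.h>
+#else
+#include <intrin.h>
 #endif
 #include <immintrin.h>
 #endif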
104
thirdparty/mbedtls/library/certs.c
vendored
104
thirdparty/mbedtls/library/certs.c
vendored
|
@ -348,33 +348,33 @@
|
||||||
#define TEST_CA_KEY_RSA_PEM \
|
#define TEST_CA_KEY_RSA_PEM \
|
||||||
"-----BEGIN RSA PRIVATE KEY-----\r\n" \
|
"-----BEGIN RSA PRIVATE KEY-----\r\n" \
|
||||||
"Proc-Type: 4,ENCRYPTED\r\n" \
|
"Proc-Type: 4,ENCRYPTED\r\n" \
|
||||||
"DEK-Info: DES-EDE3-CBC,A8A95B05D5B7206B\r\n" \
|
"AES-128-CBC,781840E6B804AE83D2AF71127C4CE314\r\n" \
|
||||||
"\r\n" \
|
"\r\n" \
|
||||||
"9Qd9GeArejl1GDVh2lLV1bHt0cPtfbh5h/5zVpAVaFpqtSPMrElp50Rntn9et+JA\r\n" \
|
"etQ3xgGLbuYF9vR1km03TH5fwfly1hOlix0PtfQ+t9HG065vTtSEHYc/OyHwdy79\r\n" \
|
||||||
"7VOyboR+Iy2t/HU4WvA687k3Bppe9GwKHjHhtl//8xFKwZr3Xb5yO5JUP8AUctQq\r\n" \
|
"NCLX5RUrPh06E/XlKzMNVHAXqkwFnIwNzRLsOozeP1L7iZEZb9QMeiN5Org+btCO\r\n" \
|
||||||
"Nb8CLlZyuUC+52REAAthdWgsX+7dJO4yabzUcQ22Tp9JSD0hiL43BlkWYUNK3dAo\r\n" \
|
"bylXPB4YirfuE7GSJalWY/pq3FQtD33zTIKmNhXfVj3sbwGI/8D9XjaKUb8PODOB\r\n" \
|
||||||
"PZlmiptjnzVTjg1MxsBSydZinWOLBV8/JQgxSPo2yD4uEfig28qbvQ2wNIn0pnAb\r\n" \
|
"skOalmx6RvYRvg0lmRxB3+T3wejIsrrDPweYqte9B6dVHIVG1ZmvoA6/wnKZZZeV\r\n" \
|
||||||
"GxnSAOazkongEGfvcjIIs+LZN9gXFhxcOh6kc4Q/c99B7QWETwLLkYgZ+z1a9VY9\r\n" \
|
"sjj8OpL3OwUBrjuGSknE9Rs6kCuSCbHOYVK8VzcZmCYpie0TFnb3Sk8M6vjfW+45\r\n" \
|
||||||
"gEU7CwCxYCD+h9hY6FPmsK0/lC4O7aeRKpYq00rPPxs6i7phiexg6ax6yTMmArQq\r\n" \
|
"U7WUMlSAPxKH6lJDzWdwHqLvsVJwuNnaAaBXg9/8U/rzQEWuq8Ar3s8fw2Jg3F1G\r\n" \
|
||||||
"QmK3TAsJm8V/J5AWpLEV6jAFgRGymGGHnof0DXzVWZidrcZJWTNuGEX90nB3ee2w\r\n" \
|
"L6N5ZAEfCz3Sa0N9WKafR/RSQj+rq8Z3w4POAafhbzk249uo5K8B1Z3cQwLxeXIl\r\n" \
|
||||||
"PXJEFWKoD3K3aFcSLdHYr3mLGxP7H9ThQai9VsycxZKS5kwvBKQ//YMrmFfwPk8x\r\n" \
|
"UbRQz1TZy4oNTfQzCahYruPNyvwgTkfwAFFvbLAdaiJd2ZtLBoqYE64TYakYnvcC\r\n" \
|
||||||
"vTeY4KZMaUrveEel5tWZC94RSMKgxR6cyE1nBXyTQnDOGbfpNNgBKxyKbINWoOJU\r\n" \
|
"itim1bmySIKoxlMfBGFmMuF03epT0pSx701jlGzGi0l0m16NEjoVxDwo5j93SmiM\r\n" \
|
||||||
"WJZAwlsQn+QzCDwpri7+sV1mS3gBE6UY7aQmnmiiaC2V3Hbphxct/en5QsfDOt1X\r\n" \
|
"sQdjC1lOGk2iCLkphIQqHFjFJYWjvh1UUIqWZf+ZWOOxlf4x9a1pUVj6FvtECxNB\r\n" \
|
||||||
"JczSfpRWLlbPznZg8OQh/VgCMA58N5DjOzTIK7sJJ5r+94ZBTCpgAMbF588f0NTR\r\n" \
|
"/mA/m4Iq4LAuVXHE1MpHeq067lJ6wWlrsb2WVmiNGfQ2AC7fMtpcPuunBVT9NV1m\r\n" \
|
||||||
"KCe4yrxGJR7X02M4nvD4IwOlpsQ8xQxZtOSgXv4LkxvdU9XJJKWZ/XNKJeWztxSe\r\n" \
|
"1rbDzIgLIWAzqz/cy3N8Q8vfxnrFtmNUyM191Zyq+YF14hIKWX9J1qR4LXwWAzVV\r\n" \
|
||||||
"Z1vdTc2YfsDBA2SEv33vxHx2g1vqtw8SjDRT2RaQSS0QuSaMJimdOX6mTOCBKk1J\r\n" \
|
"UrC8IL4pA2mtRkW4qFsB0EmHAxO/cedDTPjVFty5WSzhNuvYZxX45HAkGIfK6d21\r\n" \
|
||||||
"9Q5mXTrER+/LnK0jEmXsBXWA5bqqVZIyahXSx4VYZ7l7w/PHiUDtDgyRhMMKi4n2\r\n" \
|
"7WHPhHG+zaaUTWMUVixB0IcKp6RecjYPFzBHS0YeX88Ue2cyT/90jMiQ9ssOgRrG\r\n" \
|
||||||
"iQvQcWSQTjrpnlJbca1/DkpRt3YwrvJwdqb8asZU2VrNETh5x0QVefDRLFiVpif/\r\n" \
|
"ZJRJvZAc3TSCnY9sNPYoGrJPiZuCnlUj3ENNurYVy12ai0WFxwnNUZjRUhDS6hjm\r\n" \
|
||||||
"tUaeAe/P1F8OkS7OIZDs1SUbv/sD2vMbhNkUoCms3/PvNtdnvgL4F0zhaDpKCmlT\r\n" \
|
"cDHD5TlI9MZ6M+Mb/Bw4Ig8HuTHOtQBYD9vhtXsG+B7H/j6cS+1umaKjrnG/kK4W\r\n" \
|
||||||
"P8vx49E7v5CyRNmED9zZg4o3wmMqrQO93PtTug3Eu9oVx1zPQM1NVMyBa2+f29DL\r\n" \
|
"R6YXwM2faAi+DwgjjoMXSzRqSTF8PdTIWbAXo3bc2qsXPTMBA8PEp4nb5scHZ4Ts\r\n" \
|
||||||
"1nuTCeXdo9+ni45xx+jAI4DCwrRdhJ9uzZyC6962H37H6D+5naNvClFR1s6li1Gb\r\n" \
|
"EcBNp2jv0j4gBkRmGIab17cWMrlagjFy89DhqZUFwKdeZs+yJ92A5xstWxOUfpEP\r\n" \
|
||||||
"nqPoiy/OBsEx9CaDGcqQBp5Wme/3XW+6z1ISOx+igwNTVCT14mHdBMbya0eIKft5\r\n" \
|
"90T/bsp1G5d7WW5fl2TRJvYJNDM+djkKIh0zCkduiZ36oVM6nDdbjmXqjQXopeSD\r\n" \
|
||||||
"X+GnwtgEMyCYyyWuUct8g4RzErcY9+yW9Om5Hzpx4zOuW4NPZgPDTgK+t2RSL/Yq\r\n" \
|
"gtOourBRF8g99W0fW8QT+yPhP0Pkyz6EG8eQO6Zwh439xdoVwu9jUzQAPmZ0uNeR\r\n" \
|
||||||
"rE1njrgeGYcVeG3f+OftH4s6fPbq7t1A5ZgUscbLMBqr9tK+OqygR4EgKBPsH6Cz\r\n" \
|
"xTXXihYyv72z27rInjLiIPXL25K9eDVLlcSR3RyG7YYgjdQAL2VJDLcBz5jox1uQ\r\n" \
|
||||||
"L6zlv/2RV0qAHvVuDJcIDIgwY5rJtINEm32rhOeFNJwZS5MNIC1czXZx5//ugX7l\r\n" \
|
"0guoD5wmfu2FWLqYE7HeTYntdY53lCflwq0GHRMjrrsVpx+5VDQ6Yi47Ny9SWLcp\r\n" \
|
||||||
"I4sy5nbVhwSjtAk8Xg5dZbdTZ6mIrb7xqH+fdakZor1khG7bC2uIwibD3cSl2XkR\r\n" \
|
"fPI3iBkXuGRWupzs6N4pQdSO0dU28KfpMM5QvFoLIn67brCHEQij4dgFrCTYEyBX\r\n" \
|
||||||
"wN48lslbHnqqagr6Xm1nNOSVl8C/6kbJEsMpLhAezfRtGwvOucoaE+WbeUNolGde\r\n" \
|
"9+jiNImUFYUhAFuxvUbfZt4O/ABLIElvHLfJs1oYCmI/nWpvLFqXB5rnzPNfEi0H\r\n" \
|
||||||
"P/eQiddSf0brnpiLJRh7qZrl9XuqYdpUqnoEdMAfotDOID8OtV7gt8a48ad8VPW2\r\n" \
|
"PGGe1Hj/t+CJIp/6ios3yNy2QtXO754TZH2UVu51Ykyig5PFjZVoUkbRvHQYcWfU\r\n" \
|
||||||
"-----END RSA PRIVATE KEY-----\r\n"
|
"-----END RSA PRIVATE KEY-----\r\n"
|
||||||
/* END FILE */
|
/* END FILE */
|
||||||
|
|
||||||
|
@ -504,17 +504,17 @@
|
||||||
#define TEST_SRV_CRT_EC_PEM \
|
#define TEST_SRV_CRT_EC_PEM \
|
||||||
"-----BEGIN CERTIFICATE-----\r\n" \
|
"-----BEGIN CERTIFICATE-----\r\n" \
|
||||||
"MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n" \
|
"MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n" \
|
||||||
"A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n" \
|
"A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n" \
|
||||||
"MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \
|
"MjMwNjE1MDMzNDE4WhcNMzMwNjEyMDMzNDE4WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \
|
||||||
"A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\r\n" \
|
"A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\r\n" \
|
||||||
"CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\r\n" \
|
"CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\r\n" \
|
||||||
"2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\r\n" \
|
"2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\r\n" \
|
||||||
"BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\r\n" \
|
"BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\r\n" \
|
||||||
"PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh\r\n" \
|
"PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh\r\n" \
|
||||||
"clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\r\n" \
|
"clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\r\n" \
|
||||||
"CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S\r\n" \
|
"CCqGSM49BAMCA2gAMGUCMAHFbGEzx8dZaUlIltT5s1QO9FvKmvFer4uRY3ntEy9S\r\n" \
|
||||||
"C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V\r\n" \
|
"k7DCCozM86WWLjfzbJ78bwIxAJYRPF1CzNEiXPHb9O46ZPHKo2S5x//g/54RowAK\r\n" \
|
||||||
"fGa5kHvHARBPc8YAIVIqDvHH1Q==\r\n" \
|
"uZz+hKPuMi6YY6cIm81jfeaSZQ==\r\n" \
|
||||||
"-----END CERTIFICATE-----\r\n"
|
"-----END CERTIFICATE-----\r\n"
|
||||||
/* END FILE */
|
/* END FILE */
|
||||||
|
|
||||||
|
@ -525,16 +525,16 @@
|
||||||
0x02, 0x02, 0x01, 0x09, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \
|
0x02, 0x02, 0x01, 0x09, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \
|
||||||
0x3d, 0x04, 0x03, 0x02, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \
|
0x3d, 0x04, 0x03, 0x02, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \
|
||||||
0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \
|
0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \
|
||||||
0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \
|
0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \
|
||||||
0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, \
|
0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \
|
||||||
0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, \
|
0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, \
|
||||||
0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \
|
0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \
|
||||||
0x31, 0x33, 0x30, 0x39, 0x32, 0x34, 0x31, 0x35, 0x35, 0x32, 0x30, 0x34, \
|
0x32, 0x33, 0x30, 0x36, 0x31, 0x35, 0x30, 0x33, 0x33, 0x34, 0x31, 0x38, \
|
||||||
0x5a, 0x17, 0x0d, 0x32, 0x33, 0x30, 0x39, 0x32, 0x32, 0x31, 0x35, 0x35, \
|
0x5a, 0x17, 0x0d, 0x33, 0x33, 0x30, 0x36, 0x31, 0x32, 0x30, 0x33, 0x33, \
|
||||||
0x32, 0x30, 0x34, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \
|
0x34, 0x31, 0x38, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \
|
||||||
0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \
|
0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \
|
||||||
0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \
|
0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \
|
||||||
0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, \
|
0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \
|
||||||
0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x59, \
|
0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x59, \
|
||||||
0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, \
|
0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, \
|
||||||
0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, \
|
0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, \
|
||||||
|
@ -552,21 +552,21 @@
|
||||||
0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb, \
|
0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb, \
|
||||||
0x36, 0x7c, 0xa1, 0x42, 0xa4, 0x40, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, \
|
0x36, 0x7c, 0xa1, 0x42, 0xa4, 0x40, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, \
|
||||||
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \
|
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \
|
||||||
0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, \
|
0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, \
|
||||||
0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, \
|
0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, \
|
||||||
0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, \
|
0x03, 0x0c, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, \
|
||||||
0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x82, 0x09, \
|
0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x82, 0x09, \
|
||||||
0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 0x30, 0x0a, 0x06, \
|
0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 0x30, 0x0a, 0x06, \
|
||||||
0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x68, 0x00, \
|
0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x68, 0x00, \
|
||||||
0x30, 0x65, 0x02, 0x31, 0x00, 0x9a, 0x2c, 0x5c, 0xd7, 0xa6, 0xdb, 0xa2, \
|
0x30, 0x65, 0x02, 0x30, 0x01, 0xc5, 0x6c, 0x61, 0x33, 0xc7, 0xc7, 0x59, \
|
||||||
0xe5, 0x64, 0x0d, 0xf0, 0xb9, 0x4e, 0xdd, 0xd7, 0x61, 0xd6, 0x13, 0x31, \
|
0x69, 0x49, 0x48, 0x96, 0xd4, 0xf9, 0xb3, 0x54, 0x0e, 0xf4, 0x5b, 0xca, \
|
||||||
0xc7, 0xab, 0x73, 0x80, 0xbb, 0xd3, 0xd3, 0x73, 0x13, 0x54, 0xad, 0x92, \
|
0x9a, 0xf1, 0x5e, 0xaf, 0x8b, 0x91, 0x63, 0x79, 0xed, 0x13, 0x2f, 0x52, \
|
||||||
0x0b, 0x5d, 0xab, 0xd0, 0xbc, 0xf7, 0xae, 0x2f, 0xe6, 0xa1, 0x21, 0x29, \
|
0x93, 0xb0, 0xc2, 0x0a, 0x8c, 0xcc, 0xf3, 0xa5, 0x96, 0x2e, 0x37, 0xf3, \
|
||||||
0x35, 0x95, 0xaa, 0x3e, 0x39, 0x02, 0x30, 0x21, 0x36, 0x7f, 0x9d, 0xc6, \
|
0x6c, 0x9e, 0xfc, 0x6f, 0x02, 0x31, 0x00, 0x96, 0x11, 0x3c, 0x5d, 0x42, \
|
||||||
0x5d, 0xc6, 0x0b, 0xab, 0x27, 0xf2, 0x25, 0x1d, 0x3b, 0xf1, 0xcf, 0xf1, \
|
0xcc, 0xd1, 0x22, 0x5c, 0xf1, 0xdb, 0xf4, 0xee, 0x3a, 0x64, 0xf1, 0xca, \
|
||||||
0x35, 0x25, 0x14, 0xe7, 0xe5, 0xf1, 0x97, 0xb5, 0x59, 0xe3, 0x5e, 0x15, \
|
0xa3, 0x64, 0xb9, 0xc7, 0xff, 0xe0, 0xff, 0x9e, 0x11, 0xa3, 0x00, 0x0a, \
|
||||||
0x7c, 0x66, 0xb9, 0x90, 0x7b, 0xc7, 0x01, 0x10, 0x4f, 0x73, 0xc6, 0x00, \
|
0xb9, 0x9c, 0xfe, 0x84, 0xa3, 0xee, 0x32, 0x2e, 0x98, 0x63, 0xa7, 0x08, \
|
||||||
0x21, 0x52, 0x2a, 0x0e, 0xf1, 0xc7, 0xd5 \
|
0x9b, 0xcd, 0x63, 0x7d, 0xe6, 0x92, 0x65 \
|
||||||
}
|
}
|
||||||
/* END FILE */
|
/* END FILE */
|
||||||
|
|
||||||
|
|
40
thirdparty/mbedtls/library/constant_time.c
vendored
40
thirdparty/mbedtls/library/constant_time.c
vendored
|
@ -263,40 +263,6 @@ unsigned mbedtls_ct_uint_if(unsigned condition,
|
||||||
|
|
||||||
#if defined(MBEDTLS_BIGNUM_C)
|
#if defined(MBEDTLS_BIGNUM_C)
|
||||||
|
|
||||||
/** Select between two sign values without branches.
|
|
||||||
*
|
|
||||||
* This is functionally equivalent to `condition ? if1 : if0` but uses only bit
|
|
||||||
* operations in order to avoid branches.
|
|
||||||
*
|
|
||||||
* \note if1 and if0 must be either 1 or -1, otherwise the result
|
|
||||||
* is undefined.
|
|
||||||
*
|
|
||||||
* \param condition Condition to test; must be either 0 or 1.
|
|
||||||
* \param if1 The first sign; must be either +1 or -1.
|
|
||||||
* \param if0 The second sign; must be either +1 or -1.
|
|
||||||
*
|
|
||||||
* \return \c if1 if \p condition is nonzero, otherwise \c if0.
|
|
||||||
* */
|
|
||||||
static int mbedtls_ct_cond_select_sign(unsigned char condition,
|
|
||||||
int if1,
|
|
||||||
int if0)
|
|
||||||
{
|
|
||||||
/* In order to avoid questions about what we can reasonably assume about
|
|
||||||
* the representations of signed integers, move everything to unsigned
|
|
||||||
* by taking advantage of the fact that if1 and if0 are either +1 or -1. */
|
|
||||||
unsigned uif1 = if1 + 1;
|
|
||||||
unsigned uif0 = if0 + 1;
|
|
||||||
|
|
||||||
/* condition was 0 or 1, mask is 0 or 2 as are uif1 and uif0 */
|
|
||||||
const unsigned mask = condition << 1;
|
|
||||||
|
|
||||||
/* select uif1 or uif0 */
|
|
||||||
unsigned ur = (uif0 & ~mask) | (uif1 & mask);
|
|
||||||
|
|
||||||
/* ur is now 0 or 2, convert back to -1 or +1 */
|
|
||||||
return (int) ur - 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
void mbedtls_ct_mpi_uint_cond_assign(size_t n,
|
void mbedtls_ct_mpi_uint_cond_assign(size_t n,
|
||||||
mbedtls_mpi_uint *dest,
|
mbedtls_mpi_uint *dest,
|
||||||
const mbedtls_mpi_uint *src,
|
const mbedtls_mpi_uint *src,
|
||||||
|
@ -559,7 +525,7 @@ int mbedtls_mpi_safe_cond_assign(mbedtls_mpi *X,
|
||||||
|
|
||||||
MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, Y->n));
|
MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, Y->n));
|
||||||
|
|
||||||
X->s = mbedtls_ct_cond_select_sign(assign, Y->s, X->s);
|
X->s = (int) mbedtls_ct_uint_if(assign, Y->s, X->s);
|
||||||
|
|
||||||
mbedtls_ct_mpi_uint_cond_assign(Y->n, X->p, Y->p, assign);
|
mbedtls_ct_mpi_uint_cond_assign(Y->n, X->p, Y->p, assign);
|
||||||
|
|
||||||
|
@ -599,8 +565,8 @@ int mbedtls_mpi_safe_cond_swap(mbedtls_mpi *X,
|
||||||
MBEDTLS_MPI_CHK(mbedtls_mpi_grow(Y, X->n));
|
MBEDTLS_MPI_CHK(mbedtls_mpi_grow(Y, X->n));
|
||||||
|
|
||||||
s = X->s;
|
s = X->s;
|
||||||
X->s = mbedtls_ct_cond_select_sign(swap, Y->s, X->s);
|
X->s = (int) mbedtls_ct_uint_if(swap, Y->s, X->s);
|
||||||
Y->s = mbedtls_ct_cond_select_sign(swap, s, Y->s);
|
Y->s = (int) mbedtls_ct_uint_if(swap, s, Y->s);
|
||||||
|
|
||||||
|
|
||||||
for (i = 0; i < X->n; i++) {
|
for (i = 0; i < X->n; i++) {
|
||||||
|
|
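--- a/thirdparty/mbedtls/library/ctr_drbg.c
+++ b/thirdparty/mbedtls/library/ctr_drbg.c
@@ -30,6 +30,7 @@
 #include "mbedtls/platform_util.h"
 #include "mbedtls/error.h"
 
+#include <limits.h>
 #include <string.h>
 
 #if defined(MBEDTLS_FS_IO)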
12
thirdparty/mbedtls/library/debug.c
vendored
12
thirdparty/mbedtls/library/debug.c
vendored
|
@ -30,6 +30,7 @@
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
|
||||||
|
/* DEBUG_BUF_SIZE must be at least 2 */
|
||||||
#define DEBUG_BUF_SIZE 512
|
#define DEBUG_BUF_SIZE 512
|
||||||
|
|
||||||
static int debug_threshold = 0;
|
static int debug_threshold = 0;
|
||||||
|
@ -69,6 +70,8 @@ void mbedtls_debug_print_msg(const mbedtls_ssl_context *ssl, int level,
|
||||||
char str[DEBUG_BUF_SIZE];
|
char str[DEBUG_BUF_SIZE];
|
||||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||||
|
|
||||||
|
MBEDTLS_STATIC_ASSERT(DEBUG_BUF_SIZE >= 2, "DEBUG_BUF_SIZE too small");
|
||||||
|
|
||||||
if (NULL == ssl ||
|
if (NULL == ssl ||
|
||||||
NULL == ssl->conf ||
|
NULL == ssl->conf ||
|
||||||
NULL == ssl->conf->f_dbg ||
|
NULL == ssl->conf->f_dbg ||
|
||||||
|
@ -80,10 +83,15 @@ void mbedtls_debug_print_msg(const mbedtls_ssl_context *ssl, int level,
|
||||||
ret = mbedtls_vsnprintf(str, DEBUG_BUF_SIZE, format, argp);
|
ret = mbedtls_vsnprintf(str, DEBUG_BUF_SIZE, format, argp);
|
||||||
va_end(argp);
|
va_end(argp);
|
||||||
|
|
||||||
if (ret >= 0 && ret < DEBUG_BUF_SIZE - 1) {
|
if (ret < 0) {
|
||||||
|
ret = 0;
|
||||||
|
} else {
|
||||||
|
if (ret >= DEBUG_BUF_SIZE - 1) {
|
||||||
|
ret = DEBUG_BUF_SIZE - 2;
|
||||||
|
}
|
||||||
|
}
|
||||||
str[ret] = '\n';
|
str[ret] = '\n';
|
||||||
str[ret + 1] = '\0';
|
str[ret + 1] = '\0';
|
||||||
}
|
|
||||||
|
|
||||||
debug_send_line(ssl, level, file, line, str);
|
debug_send_line(ssl, level, file, line, str);
|
||||||
}
|
}
|
||||||
|
|
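--- a/thirdparty/mbedtls/library/ecdh.c
+++ b/thirdparty/mbedtls/library/ecdh.c
@@ -20,7 +20,7 @@
 /*
 * References:
 *
-* SEC1 http://www.secg.org/index.php?action=secg,docs_secg
+* SEC1 https://www.secg.org/sec1-v2.pdf
 * RFC 4492
 */
 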
2
thirdparty/mbedtls/library/ecdsa.c
vendored
2
thirdparty/mbedtls/library/ecdsa.c
vendored
|
@ -20,7 +20,7 @@
|
||||||
/*
|
/*
|
||||||
* References:
|
* References:
|
||||||
*
|
*
|
||||||
* SEC1 http://www.secg.org/index.php?action=secg,docs_secg
|
* SEC1 https://www.secg.org/sec1-v2.pdf
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "common.h"
|
#include "common.h"
|
||||||
|
|
10
thirdparty/mbedtls/library/ecp.c
vendored
10
thirdparty/mbedtls/library/ecp.c
vendored
|
@ -20,13 +20,15 @@
|
||||||
/*
|
/*
|
||||||
* References:
|
* References:
|
||||||
*
|
*
|
||||||
* SEC1 http://www.secg.org/index.php?action=secg,docs_secg
|
* SEC1 https://www.secg.org/sec1-v2.pdf
|
||||||
* GECC = Guide to Elliptic Curve Cryptography - Hankerson, Menezes, Vanstone
|
* GECC = Guide to Elliptic Curve Cryptography - Hankerson, Menezes, Vanstone
|
||||||
* FIPS 186-3 http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf
|
* FIPS 186-3 http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf
|
||||||
* RFC 4492 for the related TLS structures and constants
|
* RFC 4492 for the related TLS structures and constants
|
||||||
|
* - https://www.rfc-editor.org/rfc/rfc4492
|
||||||
* RFC 7748 for the Curve448 and Curve25519 curve definitions
|
* RFC 7748 for the Curve448 and Curve25519 curve definitions
|
||||||
|
* - https://www.rfc-editor.org/rfc/rfc7748
|
||||||
*
|
*
|
||||||
* [Curve25519] http://cr.yp.to/ecdh/curve25519-20060209.pdf
|
* [Curve25519] https://cr.yp.to/ecdh/curve25519-20060209.pdf
|
||||||
*
|
*
|
||||||
* [2] CORON, Jean-S'ebastien. Resistance against differential power analysis
|
* [2] CORON, Jean-S'ebastien. Resistance against differential power analysis
|
||||||
* for elliptic curve cryptosystems. In : Cryptographic Hardware and
|
* for elliptic curve cryptosystems. In : Cryptographic Hardware and
|
||||||
|
@ -2591,6 +2593,7 @@ static int ecp_mul_mxz(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
|
||||||
void *p_rng)
|
void *p_rng)
|
||||||
{
|
{
|
||||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||||
|
int have_rng = 1;
|
||||||
size_t i;
|
size_t i;
|
||||||
unsigned char b;
|
unsigned char b;
|
||||||
mbedtls_ecp_point RP;
|
mbedtls_ecp_point RP;
|
||||||
|
@ -2623,9 +2626,8 @@ static int ecp_mul_mxz(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
|
||||||
/* RP.X might be slightly larger than P, so reduce it */
|
/* RP.X might be slightly larger than P, so reduce it */
|
||||||
MOD_ADD(RP.X);
|
MOD_ADD(RP.X);
|
||||||
|
|
||||||
/* Randomize coordinates of the starting point */
|
|
||||||
int have_rng = 1;
|
|
||||||
#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
|
#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
|
||||||
|
/* Derandomize coordinates of the starting point */
|
||||||
if (f_rng == NULL) {
|
if (f_rng == NULL) {
|
||||||
have_rng = 0;
|
have_rng = 0;
|
||||||
}
|
}
|
||||||
|
|
4
thirdparty/mbedtls/library/ecp_invasive.h
vendored
4
thirdparty/mbedtls/library/ecp_invasive.h
vendored
|
@ -61,7 +61,7 @@ void mbedtls_ecp_fix_negative(mbedtls_mpi *N, signed char c, size_t bits);
|
||||||
* This is the bit-size of the key minus 1:
|
* This is the bit-size of the key minus 1:
|
||||||
* 254 for Curve25519 or 447 for Curve448.
|
* 254 for Curve25519 or 447 for Curve448.
|
||||||
* \param d The randomly generated key. This is a number of size
|
* \param d The randomly generated key. This is a number of size
|
||||||
* exactly \p n_bits + 1 bits, with the least significant bits
|
* exactly \p high_bit + 1 bits, with the least significant bits
|
||||||
* masked as specified in [Curve25519] and in [RFC7748] §5.
|
* masked as specified in [Curve25519] and in [RFC7748] §5.
|
||||||
* \param f_rng The RNG function.
|
* \param f_rng The RNG function.
|
||||||
* \param p_rng The RNG context to be passed to \p f_rng.
|
* \param p_rng The RNG context to be passed to \p f_rng.
|
||||||
|
@ -69,7 +69,7 @@ void mbedtls_ecp_fix_negative(mbedtls_mpi *N, signed char c, size_t bits);
|
||||||
* \return \c 0 on success.
|
* \return \c 0 on success.
|
||||||
* \return \c MBEDTLS_ERR_ECP_xxx or MBEDTLS_ERR_MPI_xxx on failure.
|
* \return \c MBEDTLS_ERR_ECP_xxx or MBEDTLS_ERR_MPI_xxx on failure.
|
||||||
*/
|
*/
|
||||||
int mbedtls_ecp_gen_privkey_mx(size_t n_bits,
|
int mbedtls_ecp_gen_privkey_mx(size_t high_bit,
|
||||||
mbedtls_mpi *d,
|
mbedtls_mpi *d,
|
||||||
int (*f_rng)(void *, unsigned char *, size_t),
|
int (*f_rng)(void *, unsigned char *, size_t),
|
||||||
void *p_rng);
|
void *p_rng);
|
||||||
|
|
2
thirdparty/mbedtls/library/entropy.c
vendored
2
thirdparty/mbedtls/library/entropy.c
vendored
|
@ -31,6 +31,8 @@
|
||||||
#include "mbedtls/entropy_poll.h"
|
#include "mbedtls/entropy_poll.h"
|
||||||
#include "mbedtls/platform_util.h"
|
#include "mbedtls/platform_util.h"
|
||||||
#include "mbedtls/error.h"
|
#include "mbedtls/error.h"
|
||||||
|
#include "mbedtls/sha256.h"
|
||||||
|
#include "mbedtls/sha512.h"
|
||||||
|
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
|
||||||
|
|
7
thirdparty/mbedtls/library/net_sockets.c
vendored
7
thirdparty/mbedtls/library/net_sockets.c
vendored
|
@ -90,6 +90,7 @@ static int wsa_init_done = 0;
|
||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
|
|
||||||
#define IS_EINTR(ret) ((ret) == EINTR)
|
#define IS_EINTR(ret) ((ret) == EINTR)
|
||||||
|
#define SOCKET int
|
||||||
|
|
||||||
#endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */
|
#endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */
|
||||||
|
|
||||||
|
@ -494,13 +495,13 @@ int mbedtls_net_poll(mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout)
|
||||||
FD_ZERO(&read_fds);
|
FD_ZERO(&read_fds);
|
||||||
if (rw & MBEDTLS_NET_POLL_READ) {
|
if (rw & MBEDTLS_NET_POLL_READ) {
|
||||||
rw &= ~MBEDTLS_NET_POLL_READ;
|
rw &= ~MBEDTLS_NET_POLL_READ;
|
||||||
FD_SET(fd, &read_fds);
|
FD_SET((SOCKET) fd, &read_fds);
|
||||||
}
|
}
|
||||||
|
|
||||||
FD_ZERO(&write_fds);
|
FD_ZERO(&write_fds);
|
||||||
if (rw & MBEDTLS_NET_POLL_WRITE) {
|
if (rw & MBEDTLS_NET_POLL_WRITE) {
|
||||||
rw &= ~MBEDTLS_NET_POLL_WRITE;
|
rw &= ~MBEDTLS_NET_POLL_WRITE;
|
||||||
FD_SET(fd, &write_fds);
|
FD_SET((SOCKET) fd, &write_fds);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (rw != 0) {
|
if (rw != 0) {
|
||||||
|
@ -608,7 +609,7 @@ int mbedtls_net_recv_timeout(void *ctx, unsigned char *buf,
|
||||||
}
|
}
|
||||||
|
|
||||||
FD_ZERO(&read_fds);
|
FD_ZERO(&read_fds);
|
||||||
FD_SET(fd, &read_fds);
|
FD_SET((SOCKET) fd, &read_fds);
|
||||||
|
|
||||||
tv.tv_sec = timeout / 1000;
|
tv.tv_sec = timeout / 1000;
|
||||||
tv.tv_usec = (timeout % 1000) * 1000;
|
tv.tv_usec = (timeout % 1000) * 1000;
|
||||||
|
|
5
thirdparty/mbedtls/library/pk.c
vendored
5
thirdparty/mbedtls/library/pk.c
vendored
|
@ -646,6 +646,7 @@ int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk,
|
||||||
psa_key_type_t key_type;
|
psa_key_type_t key_type;
|
||||||
size_t bits;
|
size_t bits;
|
||||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||||
|
psa_status_t status;
|
||||||
|
|
||||||
/* export the private key material in the format PSA wants */
|
/* export the private key material in the format PSA wants */
|
||||||
if (mbedtls_pk_get_type(pk) != MBEDTLS_PK_ECKEY) {
|
if (mbedtls_pk_get_type(pk) != MBEDTLS_PK_ECKEY) {
|
||||||
|
@ -668,7 +669,9 @@ int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk,
|
||||||
psa_set_key_algorithm(&attributes, PSA_ALG_ECDSA(hash_alg));
|
psa_set_key_algorithm(&attributes, PSA_ALG_ECDSA(hash_alg));
|
||||||
|
|
||||||
/* import private key into PSA */
|
/* import private key into PSA */
|
||||||
if (PSA_SUCCESS != psa_import_key(&attributes, d, d_len, key)) {
|
status = psa_import_key(&attributes, d, d_len, key);
|
||||||
|
mbedtls_platform_zeroize(d, sizeof(d));
|
||||||
|
if (status != PSA_SUCCESS) {
|
||||||
return MBEDTLS_ERR_PK_HW_ACCEL_FAILED;
|
return MBEDTLS_ERR_PK_HW_ACCEL_FAILED;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
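Review bot: The wipe added ahead of the `status` check in `mbedtls_pk_wrap_as_opaque` uses `sizeof(d)`, which clears the whole buffer only if `d` is declared as an array in this function; the declaration is outside the hunk, so that should be confirmed. The ordering (wipe first, then test `status`) is what makes the failure path safe, and a short comment would stop it being reordered later: `/* wipe the exported private key bytes before any return, on success and on failure */`. The function starts and ends outside the visible hunks, so any return between filling `d` and this call cannot be checked from here and would still leave key bytes on the stack.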
2
thirdparty/mbedtls/library/pkparse.c
vendored
2
thirdparty/mbedtls/library/pkparse.c
vendored
|
@ -1235,6 +1235,8 @@ int mbedtls_pk_parse_key(mbedtls_pk_context *pk,
|
||||||
mbedtls_pem_context pem;
|
mbedtls_pem_context pem;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
(void) pk_info;
|
||||||
|
|
||||||
PK_VALIDATE_RET(pk != NULL);
|
PK_VALIDATE_RET(pk != NULL);
|
||||||
if (keylen == 0) {
|
if (keylen == 0) {
|
||||||
return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT;
|
return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT;
|
||||||
|
|
9
thirdparty/mbedtls/library/pkwrite.c
vendored
9
thirdparty/mbedtls/library/pkwrite.c
vendored
|
@ -178,6 +178,11 @@ int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start,
|
||||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||||
size_t len = 0;
|
size_t len = 0;
|
||||||
|
|
||||||
|
(void) p;
|
||||||
|
(void) start;
|
||||||
|
(void) key;
|
||||||
|
(void) ret;
|
||||||
|
|
||||||
PK_VALIDATE_RET(p != NULL);
|
PK_VALIDATE_RET(p != NULL);
|
||||||
PK_VALIDATE_RET(*p != NULL);
|
PK_VALIDATE_RET(*p != NULL);
|
||||||
PK_VALIDATE_RET(start != NULL);
|
PK_VALIDATE_RET(start != NULL);
|
||||||
|
@ -313,6 +318,10 @@ int mbedtls_pk_write_key_der(mbedtls_pk_context *key, unsigned char *buf, size_t
|
||||||
unsigned char *c;
|
unsigned char *c;
|
||||||
size_t len = 0;
|
size_t len = 0;
|
||||||
|
|
||||||
|
(void) ret;
|
||||||
|
(void) c;
|
||||||
|
(void) key;
|
||||||
|
|
||||||
PK_VALIDATE_RET(key != NULL);
|
PK_VALIDATE_RET(key != NULL);
|
||||||
if (size == 0) {
|
if (size == 0) {
|
||||||
return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
|
return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
|
||||||
|
|
22
thirdparty/mbedtls/library/timing.c
vendored
22
thirdparty/mbedtls/library/timing.c
vendored
|
@ -17,6 +17,8 @@
|
||||||
* limitations under the License.
|
* limitations under the License.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
#include <string.h>
|
||||||
|
|
||||||
#include "common.h"
|
#include "common.h"
|
||||||
|
|
||||||
#include "mbedtls/platform.h"
|
#include "mbedtls/platform.h"
|
||||||
|
@ -231,17 +233,20 @@ volatile int mbedtls_timing_alarmed = 0;
|
||||||
|
|
||||||
unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset)
|
unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset)
|
||||||
{
|
{
|
||||||
struct _hr_time *t = (struct _hr_time *) val;
|
struct _hr_time t;
|
||||||
|
|
||||||
if (reset) {
|
if (reset) {
|
||||||
QueryPerformanceCounter(&t->start);
|
QueryPerformanceCounter(&t.start);
|
||||||
|
memcpy(val, &t, sizeof(struct _hr_time));
|
||||||
return 0;
|
return 0;
|
||||||
} else {
|
} else {
|
||||||
unsigned long delta;
|
unsigned long delta;
|
||||||
LARGE_INTEGER now, hfreq;
|
LARGE_INTEGER now, hfreq;
|
||||||
|
/* We can't safely cast val because it may not be aligned, so use memcpy */
|
||||||
|
memcpy(&t, val, sizeof(struct _hr_time));
|
||||||
QueryPerformanceCounter(&now);
|
QueryPerformanceCounter(&now);
|
||||||
QueryPerformanceFrequency(&hfreq);
|
QueryPerformanceFrequency(&hfreq);
|
||||||
delta = (unsigned long) ((now.QuadPart - t->start.QuadPart) * 1000ul
|
delta = (unsigned long) ((now.QuadPart - t.start.QuadPart) * 1000ul
|
||||||
/ hfreq.QuadPart);
|
/ hfreq.QuadPart);
|
||||||
return delta;
|
return delta;
|
||||||
}
|
}
|
||||||
|
@ -277,17 +282,20 @@ void mbedtls_set_alarm(int seconds)
|
||||||
|
|
||||||
unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset)
|
unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset)
|
||||||
{
|
{
|
||||||
struct _hr_time *t = (struct _hr_time *) val;
|
struct _hr_time t;
|
||||||
|
|
||||||
if (reset) {
|
if (reset) {
|
||||||
gettimeofday(&t->start, NULL);
|
gettimeofday(&t.start, NULL);
|
||||||
|
memcpy(val, &t, sizeof(struct _hr_time));
|
||||||
return 0;
|
return 0;
|
||||||
} else {
|
} else {
|
||||||
unsigned long delta;
|
unsigned long delta;
|
||||||
struct timeval now;
|
struct timeval now;
|
||||||
|
/* We can't safely cast val because it may not be aligned, so use memcpy */
|
||||||
|
memcpy(&t, val, sizeof(struct _hr_time));
|
||||||
gettimeofday(&now, NULL);
|
gettimeofday(&now, NULL);
|
||||||
delta = (now.tv_sec - t->start.tv_sec) * 1000ul
|
delta = (now.tv_sec - t.start.tv_sec) * 1000ul
|
||||||
+ (now.tv_usec - t->start.tv_usec) / 1000;
|
+ (now.tv_usec - t.start.tv_usec) / 1000;
|
||||||
return delta;
|
return delta;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
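Review bot: In both rewritten `mbedtls_timing_get_timer` bodies (the `QueryPerformanceCounter` variant and the `gettimeofday` variant), `memcpy(val, &t, sizeof(struct _hr_time))` trusts that the private `struct _hr_time` is no larger than the caller's `struct mbedtls_timing_hr_time`, and nothing in the visible lines enforces that. If the private struct ever outgrows the public one, the reset branch writes past the caller's object and the read branch reads past it. A compile-time guard beside the declaration of `t` would pin the relationship: `MBEDTLS_STATIC_ASSERT(sizeof(struct _hr_time) <= sizeof(struct mbedtls_timing_hr_time), "mbedtls_timing_hr_time too small");`. Both struct definitions are outside this section, so the current sizes cannot be checked from here.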
14
thirdparty/mbedtls/library/x509.c
vendored
14
thirdparty/mbedtls/library/x509.c
vendored
|
@ -53,12 +53,16 @@
|
||||||
#include <time.h>
|
#include <time.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#define CHECK(code) if ((ret = (code)) != 0) { return ret; }
|
#define CHECK(code) \
|
||||||
|
do { \
|
||||||
|
if ((ret = (code)) != 0) { \
|
||||||
|
return ret; \
|
||||||
|
} \
|
||||||
|
} while (0)
|
||||||
|
|
||||||
#define CHECK_RANGE(min, max, val) \
|
#define CHECK_RANGE(min, max, val) \
|
||||||
do \
|
do { \
|
||||||
{ \
|
if ((val) < (min) || (val) > (max)) { \
|
||||||
if ((val) < (min) || (val) > (max)) \
|
|
||||||
{ \
|
|
||||||
return ret; \
|
return ret; \
|
||||||
} \
|
} \
|
||||||
} while (0)
|
} while (0)
|
||||||
|
|
5
thirdparty/mbedtls/library/x509_create.c
vendored
5
thirdparty/mbedtls/library/x509_create.c
vendored
|
@ -125,7 +125,7 @@ static const x509_attr_descriptor_t *x509_attr_descr_from_name(const char *name,
|
||||||
|
|
||||||
int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *name)
|
int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *name)
|
||||||
{
|
{
|
||||||
int ret = 0;
|
int ret = MBEDTLS_ERR_X509_INVALID_NAME;
|
||||||
const char *s = name, *c = s;
|
const char *s = name, *c = s;
|
||||||
const char *end = s + strlen(s);
|
const char *end = s + strlen(s);
|
||||||
const char *oid = NULL;
|
const char *oid = NULL;
|
||||||
|
@ -177,6 +177,9 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam
|
||||||
|
|
||||||
s = c + 1;
|
s = c + 1;
|
||||||
in_tag = 1;
|
in_tag = 1;
|
||||||
|
|
||||||
|
/* Successfully parsed one name, update ret to success */
|
||||||
|
ret = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!in_tag && s != c + 1) {
|
if (!in_tag && s != c + 1) {
|
||||||
|
|
18
thirdparty/mbedtls/library/x509_crt.c
vendored
18
thirdparty/mbedtls/library/x509_crt.c
vendored
|
@ -1945,15 +1945,18 @@ int mbedtls_x509_parse_subject_alt_name(const mbedtls_x509_buf *san_buf,
|
||||||
}
|
}
|
||||||
|
|
||||||
#define PRINT_ITEM(i) \
|
#define PRINT_ITEM(i) \
|
||||||
{ \
|
do { \
|
||||||
ret = mbedtls_snprintf(p, n, "%s" i, sep); \
|
ret = mbedtls_snprintf(p, n, "%s" i, sep); \
|
||||||
MBEDTLS_X509_SAFE_SNPRINTF; \
|
MBEDTLS_X509_SAFE_SNPRINTF; \
|
||||||
sep = ", "; \
|
sep = ", "; \
|
||||||
}
|
} while (0)
|
||||||
|
|
||||||
#define CERT_TYPE(type, name) \
|
#define CERT_TYPE(type, name) \
|
||||||
if (ns_cert_type & (type)) \
|
do { \
|
||||||
PRINT_ITEM(name);
|
if (ns_cert_type & (type)) { \
|
||||||
|
PRINT_ITEM(name); \
|
||||||
|
} \
|
||||||
|
} while (0)
|
||||||
|
|
||||||
static int x509_info_cert_type(char **buf, size_t *size,
|
static int x509_info_cert_type(char **buf, size_t *size,
|
||||||
unsigned char ns_cert_type)
|
unsigned char ns_cert_type)
|
||||||
|
@ -1979,8 +1982,11 @@ static int x509_info_cert_type(char **buf, size_t *size,
|
||||||
}
|
}
|
||||||
|
|
||||||
#define KEY_USAGE(code, name) \
|
#define KEY_USAGE(code, name) \
|
||||||
if (key_usage & (code)) \
|
do { \
|
||||||
PRINT_ITEM(name);
|
if (key_usage & (code)) { \
|
||||||
|
PRINT_ITEM(name); \
|
||||||
|
} \
|
||||||
|
} while (0)
|
||||||
|
|
||||||
static int x509_info_key_usage(char **buf, size_t *size,
|
static int x509_info_key_usage(char **buf, size_t *size,
|
||||||
unsigned int key_usage)
|
unsigned int key_usage)
|
||||||
|
|
|
@ -1,8 +1,8 @@
|
||||||
diff --git a/thirdparty/mbedtls/library/timing.c b/thirdparty/mbedtls/library/timing.c
|
diff --git a/thirdparty/mbedtls/library/timing.c b/thirdparty/mbedtls/library/timing.c
|
||||||
index 47e34f9227..eeb1d503a8 100644
|
index 94b55b3715..58c2c2730d 100644
|
||||||
--- a/thirdparty/mbedtls/library/timing.c
|
--- a/thirdparty/mbedtls/library/timing.c
|
||||||
+++ b/thirdparty/mbedtls/library/timing.c
|
+++ b/thirdparty/mbedtls/library/timing.c
|
||||||
@@ -188,8 +188,10 @@ unsigned long mbedtls_timing_hardclock(void)
|
@@ -190,8 +190,10 @@ unsigned long mbedtls_timing_hardclock(void)
|
||||||
#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
|
#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
|
||||||
__GNUC__ && __ia64__ */
|
__GNUC__ && __ia64__ */
|
||||||
|
|
||||||
|
|