Bump mbedtls to 2.16.12

Remove upstreamed patches.
Re-apply padlock and uwp patches.

NOTE: We could replace our padloack patch with mbedtls 3452.
(cherry picked from commit 36d316876b)
This commit is contained in:
Fabio Alessandrelli 2021-12-20 12:46:03 +01:00 committed by Rémi Verschelde
parent 0462f7cacc
commit a40b88dc2c
No known key found for this signature in database
GPG key ID: C3336907360768E1
65 changed files with 1085 additions and 886 deletions

View file

@ -262,7 +262,7 @@ changes are marked with `// -- GODOT --` comments.
## mbedtls ## mbedtls
- Upstream: https://tls.mbed.org/ - Upstream: https://tls.mbed.org/
- Version: 2.16.11 (aa1d4e097342af799ba80dfb13640efef498227c, 2021) - Version: 2.16.12 (cf4667126010c665341f9e50ef691b7ef8294188, 2021)
- License: Apache 2.0 - License: Apache 2.0
File extracted from upstream release tarball: File extracted from upstream release tarball:
@ -275,11 +275,6 @@ File extracted from upstream release tarball:
- Applied the patch in `patches/padlock.diff`. This disables VIA padlock - Applied the patch in `patches/padlock.diff`. This disables VIA padlock
support which defines a symbol `unsupported` which clashes with a support which defines a symbol `unsupported` which clashes with a
pre-defined symbol. pre-defined symbol.
- Applied the patch in `patches/pr4948-fix-clang12-opt.patch`. Upstream bugfix
from PR 4948 to fix a bug caused by Clang 12 optimizations.
- Applied the patch in `patches/pr4819-faster-base64.patch`. This fixes a certs
parsing speed regression since 2.16.10 (upstream PR:
https://github.com/ARMmbed/mbedtls/pull/4819).
- Added 2 files `godot_core_mbedtls_platform.c` and `godot_core_mbedtls_config.h` - Added 2 files `godot_core_mbedtls_platform.c` and `godot_core_mbedtls_config.h`
providing configuration for light bundling with core. providing configuration for light bundling with core.

View file

@ -81,17 +81,22 @@
#define MBEDTLS_AES_DECRYPT 0 /**< AES decryption. */ #define MBEDTLS_AES_DECRYPT 0 /**< AES decryption. */
/* Error codes in range 0x0020-0x0022 */ /* Error codes in range 0x0020-0x0022 */
#define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */ /** Invalid key length. */
#define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */ #define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH -0x0020
/** Invalid data input length. */
#define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH -0x0022
/* Error codes in range 0x0021-0x0025 */ /* Error codes in range 0x0021-0x0025 */
#define MBEDTLS_ERR_AES_BAD_INPUT_DATA -0x0021 /**< Invalid input data. */ /** Invalid input data. */
#define MBEDTLS_ERR_AES_BAD_INPUT_DATA -0x0021
/* MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE is deprecated and should not be used. */ /* MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE is deprecated and should not be used. */
#define MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE -0x0023 /**< Feature not available. For example, an unsupported AES key size. */ /** Feature not available. For example, an unsupported AES key size. */
#define MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE -0x0023
/* MBEDTLS_ERR_AES_HW_ACCEL_FAILED is deprecated and should not be used. */ /* MBEDTLS_ERR_AES_HW_ACCEL_FAILED is deprecated and should not be used. */
#define MBEDTLS_ERR_AES_HW_ACCEL_FAILED -0x0025 /**< AES hardware accelerator failed. */ /** AES hardware accelerator failed. */
#define MBEDTLS_ERR_AES_HW_ACCEL_FAILED -0x0025
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus) !defined(inline) && !defined(__cplusplus)
@ -533,10 +538,6 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
* \brief This function performs an AES-CTR encryption or decryption * \brief This function performs an AES-CTR encryption or decryption
* operation. * operation.
* *
* This function performs the operation defined in the \p mode
* parameter (encrypt/decrypt), on the input data buffer
* defined in the \p input parameter.
*
* Due to the nature of CTR, you must use the same key schedule * Due to the nature of CTR, you must use the same key schedule
* for both encryption and decryption operations. Therefore, you * for both encryption and decryption operations. Therefore, you
* must use the context initialized with mbedtls_aes_setkey_enc() * must use the context initialized with mbedtls_aes_setkey_enc()

View file

@ -62,7 +62,8 @@
#include <stddef.h> #include <stddef.h>
/* MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED is deprecated and should not be used. */ /* MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED is deprecated and should not be used. */
#define MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED -0x0019 /**< ARC4 hardware accelerator failed. */ /** ARC4 hardware accelerator failed. */
#define MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED -0x0019
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {

View file

@ -77,16 +77,20 @@
#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if !defined(MBEDTLS_DEPRECATED_REMOVED)
#define MBEDTLS_ERR_ARIA_INVALID_KEY_LENGTH MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( -0x005C ) #define MBEDTLS_ERR_ARIA_INVALID_KEY_LENGTH MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( -0x005C )
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */
#define MBEDTLS_ERR_ARIA_BAD_INPUT_DATA -0x005C /**< Bad input data. */ /** Bad input data. */
#define MBEDTLS_ERR_ARIA_BAD_INPUT_DATA -0x005C
#define MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH -0x005E /**< Invalid data input length. */ /** Invalid data input length. */
#define MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH -0x005E
/* MBEDTLS_ERR_ARIA_FEATURE_UNAVAILABLE is deprecated and should not be used. /* MBEDTLS_ERR_ARIA_FEATURE_UNAVAILABLE is deprecated and should not be used.
*/ */
#define MBEDTLS_ERR_ARIA_FEATURE_UNAVAILABLE -0x005A /**< Feature not available. For example, an unsupported ARIA key size. */ /** Feature not available. For example, an unsupported ARIA key size. */
#define MBEDTLS_ERR_ARIA_FEATURE_UNAVAILABLE -0x005A
/* MBEDTLS_ERR_ARIA_HW_ACCEL_FAILED is deprecated and should not be used. */ /* MBEDTLS_ERR_ARIA_HW_ACCEL_FAILED is deprecated and should not be used. */
#define MBEDTLS_ERR_ARIA_HW_ACCEL_FAILED -0x0058 /**< ARIA hardware accelerator failed. */ /** ARIA hardware accelerator failed. */
#define MBEDTLS_ERR_ARIA_HW_ACCEL_FAILED -0x0058
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {

View file

@ -73,13 +73,20 @@
* ASN1 is a standard to specify data structures. * ASN1 is a standard to specify data structures.
* \{ * \{
*/ */
#define MBEDTLS_ERR_ASN1_OUT_OF_DATA -0x0060 /**< Out of data when parsing an ASN1 data structure. */ /** Out of data when parsing an ASN1 data structure. */
#define MBEDTLS_ERR_ASN1_UNEXPECTED_TAG -0x0062 /**< ASN1 tag was of an unexpected value. */ #define MBEDTLS_ERR_ASN1_OUT_OF_DATA -0x0060
#define MBEDTLS_ERR_ASN1_INVALID_LENGTH -0x0064 /**< Error when trying to determine the length or invalid length. */ /** ASN1 tag was of an unexpected value. */
#define MBEDTLS_ERR_ASN1_LENGTH_MISMATCH -0x0066 /**< Actual length differs from expected length. */ #define MBEDTLS_ERR_ASN1_UNEXPECTED_TAG -0x0062
#define MBEDTLS_ERR_ASN1_INVALID_DATA -0x0068 /**< Data is invalid. (not used) */ /** Error when trying to determine the length or invalid length. */
#define MBEDTLS_ERR_ASN1_ALLOC_FAILED -0x006A /**< Memory allocation failed */ #define MBEDTLS_ERR_ASN1_INVALID_LENGTH -0x0064
#define MBEDTLS_ERR_ASN1_BUF_TOO_SMALL -0x006C /**< Buffer too small when writing ASN.1 data structure. */ /** Actual length differs from expected length. */
#define MBEDTLS_ERR_ASN1_LENGTH_MISMATCH -0x0066
/** Data is invalid. (not used) */
#define MBEDTLS_ERR_ASN1_INVALID_DATA -0x0068
/** Memory allocation failed */
#define MBEDTLS_ERR_ASN1_ALLOC_FAILED -0x006A
/** Buffer too small when writing ASN.1 data structure. */
#define MBEDTLS_ERR_ASN1_BUF_TOO_SMALL -0x006C
/* \} name */ /* \} name */

View file

@ -57,8 +57,10 @@
#include <stddef.h> #include <stddef.h>
#define MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL -0x002A /**< Output buffer too small. */ /** Output buffer too small. */
#define MBEDTLS_ERR_BASE64_INVALID_CHARACTER -0x002C /**< Invalid character in input. */ #define MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL -0x002A
/** Invalid character in input. */
#define MBEDTLS_ERR_BASE64_INVALID_CHARACTER -0x002C
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {

View file

@ -62,14 +62,22 @@
#include <stdio.h> #include <stdio.h>
#endif #endif
#define MBEDTLS_ERR_MPI_FILE_IO_ERROR -0x0002 /**< An error occurred while reading from or writing to a file. */ /** An error occurred while reading from or writing to a file. */
#define MBEDTLS_ERR_MPI_BAD_INPUT_DATA -0x0004 /**< Bad input parameters to function. */ #define MBEDTLS_ERR_MPI_FILE_IO_ERROR -0x0002
#define MBEDTLS_ERR_MPI_INVALID_CHARACTER -0x0006 /**< There is an invalid character in the digit string. */ /** Bad input parameters to function. */
#define MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL -0x0008 /**< The buffer is too small to write to. */ #define MBEDTLS_ERR_MPI_BAD_INPUT_DATA -0x0004
#define MBEDTLS_ERR_MPI_NEGATIVE_VALUE -0x000A /**< The input arguments are negative or result in illegal output. */ /** There is an invalid character in the digit string. */
#define MBEDTLS_ERR_MPI_DIVISION_BY_ZERO -0x000C /**< The input argument for division is zero, which is not allowed. */ #define MBEDTLS_ERR_MPI_INVALID_CHARACTER -0x0006
#define MBEDTLS_ERR_MPI_NOT_ACCEPTABLE -0x000E /**< The input arguments are not acceptable. */ /** The buffer is too small to write to. */
#define MBEDTLS_ERR_MPI_ALLOC_FAILED -0x0010 /**< Memory allocation failed. */ #define MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL -0x0008
/** The input arguments are negative or result in illegal output. */
#define MBEDTLS_ERR_MPI_NEGATIVE_VALUE -0x000A
/** The input argument for division is zero, which is not allowed. */
#define MBEDTLS_ERR_MPI_DIVISION_BY_ZERO -0x000C
/** The input arguments are not acceptable. */
#define MBEDTLS_ERR_MPI_NOT_ACCEPTABLE -0x000E
/** Memory allocation failed. */
#define MBEDTLS_ERR_MPI_ALLOC_FAILED -0x0010
#define MBEDTLS_MPI_CHK(f) \ #define MBEDTLS_MPI_CHK(f) \
do \ do \
@ -821,14 +829,14 @@ int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A,
* \param E The exponent MPI. This must point to an initialized MPI. * \param E The exponent MPI. This must point to an initialized MPI.
* \param N The base for the modular reduction. This must point to an * \param N The base for the modular reduction. This must point to an
* initialized MPI. * initialized MPI.
* \param _RR A helper MPI depending solely on \p N which can be used to * \param prec_RR A helper MPI depending solely on \p N which can be used to
* speed-up multiple modular exponentiations for the same value * speed-up multiple modular exponentiations for the same value
* of \p N. This may be \c NULL. If it is not \c NULL, it must * of \p N. This may be \c NULL. If it is not \c NULL, it must
* point to an initialized MPI. If it hasn't been used after * point to an initialized MPI. If it hasn't been used after
* the call to mbedtls_mpi_init(), this function will compute * the call to mbedtls_mpi_init(), this function will compute
* the helper value and store it in \p _RR for reuse on * the helper value and store it in \p prec_RR for reuse on
* subsequent calls to this function. Otherwise, the function * subsequent calls to this function. Otherwise, the function
* will assume that \p _RR holds the helper value set by a * will assume that \p prec_RR holds the helper value set by a
* previous call to mbedtls_mpi_exp_mod(), and reuse it. * previous call to mbedtls_mpi_exp_mod(), and reuse it.
* *
* \return \c 0 if successful. * \return \c 0 if successful.
@ -840,7 +848,7 @@ int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A,
*/ */
int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *E, const mbedtls_mpi *N, const mbedtls_mpi *E, const mbedtls_mpi *N,
mbedtls_mpi *_RR ); mbedtls_mpi *prec_RR );
/** /**
* \brief Fill an MPI with a number of random bytes. * \brief Fill an MPI with a number of random bytes.

View file

@ -70,13 +70,16 @@
#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if !defined(MBEDTLS_DEPRECATED_REMOVED)
#define MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( -0x0016 ) #define MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( -0x0016 )
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */
#define MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA -0x0016 /**< Bad input data. */ /** Bad input data. */
#define MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA -0x0016
#define MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH -0x0018 /**< Invalid data input length. */ /** Invalid data input length. */
#define MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH -0x0018
/* MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED is deprecated and should not be used. /* MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED is deprecated and should not be used.
*/ */
#define MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED -0x0017 /**< Blowfish hardware accelerator failed. */ /** Blowfish hardware accelerator failed. */
#define MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED -0x0017
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {

View file

@ -66,13 +66,16 @@
#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if !defined(MBEDTLS_DEPRECATED_REMOVED)
#define MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( -0x0024 ) #define MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( -0x0024 )
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */
#define MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA -0x0024 /**< Bad input data. */ /** Bad input data. */
#define MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA -0x0024
#define MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0026 /**< Invalid data input length. */ /** Invalid data input length. */
#define MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0026
/* MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED is deprecated and should not be used. /* MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED is deprecated and should not be used.
*/ */
#define MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED -0x0027 /**< Camellia hardware accelerator failed. */ /** Camellia hardware accelerator failed. */
#define MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED -0x0027
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {

View file

@ -82,11 +82,14 @@
#include "cipher.h" #include "cipher.h"
#define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to the function. */ /** Bad input parameters to the function. */
#define MBEDTLS_ERR_CCM_AUTH_FAILED -0x000F /**< Authenticated decryption failed. */ #define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D
/** Authenticated decryption failed. */
#define MBEDTLS_ERR_CCM_AUTH_FAILED -0x000F
/* MBEDTLS_ERR_CCM_HW_ACCEL_FAILED is deprecated and should not be used. */ /* MBEDTLS_ERR_CCM_HW_ACCEL_FAILED is deprecated and should not be used. */
#define MBEDTLS_ERR_CCM_HW_ACCEL_FAILED -0x0011 /**< CCM hardware accelerator failed. */ /** CCM hardware accelerator failed. */
#define MBEDTLS_ERR_CCM_HW_ACCEL_FAILED -0x0011
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {

View file

@ -68,15 +68,18 @@
#include <stdint.h> #include <stdint.h>
#include <stddef.h> #include <stddef.h>
#define MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA -0x0051 /**< Invalid input parameter(s). */ /** Invalid input parameter(s). */
#define MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA -0x0051
/* MBEDTLS_ERR_CHACHA20_FEATURE_UNAVAILABLE is deprecated and should not be /* MBEDTLS_ERR_CHACHA20_FEATURE_UNAVAILABLE is deprecated and should not be
* used. */ * used. */
#define MBEDTLS_ERR_CHACHA20_FEATURE_UNAVAILABLE -0x0053 /**< Feature not available. For example, s part of the API is not implemented. */ /** Feature not available. For example, s part of the API is not implemented. */
#define MBEDTLS_ERR_CHACHA20_FEATURE_UNAVAILABLE -0x0053
/* MBEDTLS_ERR_CHACHA20_HW_ACCEL_FAILED is deprecated and should not be used. /* MBEDTLS_ERR_CHACHA20_HW_ACCEL_FAILED is deprecated and should not be used.
*/ */
#define MBEDTLS_ERR_CHACHA20_HW_ACCEL_FAILED -0x0055 /**< Chacha20 hardware accelerator failed. */ /** Chacha20 hardware accelerator failed. */
#define MBEDTLS_ERR_CHACHA20_HW_ACCEL_FAILED -0x0055
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {

View file

@ -68,8 +68,10 @@
/* for shared error codes */ /* for shared error codes */
#include "poly1305.h" #include "poly1305.h"
#define MBEDTLS_ERR_CHACHAPOLY_BAD_STATE -0x0054 /**< The requested operation is not permitted in the current state. */ /** The requested operation is not permitted in the current state. */
#define MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED -0x0056 /**< Authenticated decryption failed: data was not authentic. */ #define MBEDTLS_ERR_CHACHAPOLY_BAD_STATE -0x0054
/** Authenticated decryption failed: data was not authentic. */
#define MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED -0x0056
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {

View file

@ -490,10 +490,6 @@
#error "MBEDTLS_PLATFORM_STD_CALLOC defined, but not all prerequisites" #error "MBEDTLS_PLATFORM_STD_CALLOC defined, but not all prerequisites"
#endif #endif
#if defined(MBEDTLS_PLATFORM_STD_CALLOC) && !defined(MBEDTLS_PLATFORM_MEMORY)
#error "MBEDTLS_PLATFORM_STD_CALLOC defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_STD_FREE) && !defined(MBEDTLS_PLATFORM_MEMORY) #if defined(MBEDTLS_PLATFORM_STD_FREE) && !defined(MBEDTLS_PLATFORM_MEMORY)
#error "MBEDTLS_PLATFORM_STD_FREE defined, but not all prerequisites" #error "MBEDTLS_PLATFORM_STD_FREE defined, but not all prerequisites"
#endif #endif

View file

@ -81,16 +81,24 @@
#define inline __inline #define inline __inline
#endif #endif
#define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080 /**< The selected feature is not available. */ /** The selected feature is not available. */
#define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -0x6100 /**< Bad input parameters. */ #define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080
#define MBEDTLS_ERR_CIPHER_ALLOC_FAILED -0x6180 /**< Failed to allocate memory. */ /** Bad input parameters. */
#define MBEDTLS_ERR_CIPHER_INVALID_PADDING -0x6200 /**< Input data contains invalid padding and is rejected. */ #define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -0x6100
#define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280 /**< Decryption of block requires a full block. */ /** Failed to allocate memory. */
#define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300 /**< Authentication failed (for AEAD modes). */ #define MBEDTLS_ERR_CIPHER_ALLOC_FAILED -0x6180
#define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT -0x6380 /**< The context is invalid. For example, because it was freed. */ /** Input data contains invalid padding and is rejected. */
#define MBEDTLS_ERR_CIPHER_INVALID_PADDING -0x6200
/** Decryption of block requires a full block. */
#define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280
/** Authentication failed (for AEAD modes). */
#define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300
/** The context is invalid. For example, because it was freed. */
#define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT -0x6380
/* MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED is deprecated and should not be used. */ /* MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED is deprecated and should not be used. */
#define MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED -0x6400 /**< Cipher hardware accelerator failed. */ /** Cipher hardware accelerator failed. */
#define MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED -0x6400
#define MBEDTLS_CIPHER_VARIABLE_IV_LEN 0x01 /**< Cipher accepts IVs of variable length. */ #define MBEDTLS_CIPHER_VARIABLE_IV_LEN 0x01 /**< Cipher accepts IVs of variable length. */
#define MBEDTLS_CIPHER_VARIABLE_KEY_LEN 0x02 /**< Cipher accepts keys of variable length. */ #define MBEDTLS_CIPHER_VARIABLE_KEY_LEN 0x02 /**< Cipher accepts keys of variable length. */

View file

@ -66,7 +66,8 @@ extern "C" {
#endif #endif
/* MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED is deprecated and should not be used. */ /* MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED is deprecated and should not be used. */
#define MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED -0x007A /**< CMAC hardware accelerator failed. */ /** CMAC hardware accelerator failed. */
#define MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED -0x007A
#define MBEDTLS_AES_BLOCK_SIZE 16 #define MBEDTLS_AES_BLOCK_SIZE 16
#define MBEDTLS_DES3_BLOCK_SIZE 8 #define MBEDTLS_DES3_BLOCK_SIZE 8
@ -100,9 +101,17 @@ struct mbedtls_cmac_context_t
#endif /* !MBEDTLS_CMAC_ALT */ #endif /* !MBEDTLS_CMAC_ALT */
/** /**
* \brief This function sets the CMAC key, and prepares to authenticate * \brief This function starts a new CMAC computation
* by setting the CMAC key, and preparing to authenticate
* the input data. * the input data.
* Must be called with an initialized cipher context. * It must be called with an initialized cipher context.
*
* Once this function has completed, data can be supplied
* to the CMAC computation by calling
* mbedtls_cipher_cmac_update().
*
* To start a CMAC computation using the same key as a previous
* CMAC computation, use mbedtls_cipher_cmac_finish().
* *
* \param ctx The cipher context used for the CMAC operation, initialized * \param ctx The cipher context used for the CMAC operation, initialized
* as one of the following types: MBEDTLS_CIPHER_AES_128_ECB, * as one of the following types: MBEDTLS_CIPHER_AES_128_ECB,
@ -122,9 +131,15 @@ int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx,
* \brief This function feeds an input buffer into an ongoing CMAC * \brief This function feeds an input buffer into an ongoing CMAC
* computation. * computation.
* *
* It is called between mbedtls_cipher_cmac_starts() or * The CMAC computation must have previously been started
* mbedtls_cipher_cmac_reset(), and mbedtls_cipher_cmac_finish(). * by calling mbedtls_cipher_cmac_starts() or
* Can be called repeatedly. * mbedtls_cipher_cmac_reset().
*
* Call this function as many times as needed to input the
* data to be authenticated.
* Once all of the required data has been input,
* call mbedtls_cipher_cmac_finish() to obtain the result
* of the CMAC operation.
* *
* \param ctx The cipher context used for the CMAC operation. * \param ctx The cipher context used for the CMAC operation.
* \param input The buffer holding the input data. * \param input The buffer holding the input data.
@ -138,12 +153,13 @@ int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
const unsigned char *input, size_t ilen ); const unsigned char *input, size_t ilen );
/** /**
* \brief This function finishes the CMAC operation, and writes * \brief This function finishes an ongoing CMAC operation, and
* the result to the output buffer. * writes the result to the output buffer.
* *
* It is called after mbedtls_cipher_cmac_update(). * It should be followed either by
* It can be followed by mbedtls_cipher_cmac_reset() and * mbedtls_cipher_cmac_reset(), which starts another CMAC
* mbedtls_cipher_cmac_update(), or mbedtls_cipher_free(). * operation with the same key, or mbedtls_cipher_free(),
* which clears the cipher context.
* *
* \param ctx The cipher context used for the CMAC operation. * \param ctx The cipher context used for the CMAC operation.
* \param output The output buffer for the CMAC checksum result. * \param output The output buffer for the CMAC checksum result.
@ -156,12 +172,14 @@ int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx,
unsigned char *output ); unsigned char *output );
/** /**
* \brief This function prepares the authentication of another * \brief This function starts a new CMAC operation with the same
* message with the same key as the previous CMAC * key as the previous one.
* operation.
* *
* It is called after mbedtls_cipher_cmac_finish() * It should be called after finishing the previous CMAC
* and before mbedtls_cipher_cmac_update(). * operation with mbedtls_cipher_cmac_finish().
* After calling this function,
* call mbedtls_cipher_cmac_update() to supply the new
* CMAC operation with data.
* *
* \param ctx The cipher context used for the CMAC operation. * \param ctx The cipher context used for the CMAC operation.
* *

View file

@ -96,10 +96,14 @@
#include "threading.h" #include "threading.h"
#endif #endif
#define MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034 /**< The entropy source failed. */ /** The entropy source failed. */
#define MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG -0x0036 /**< The requested random buffer length is too big. */ #define MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034
#define MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG -0x0038 /**< The input (entropy + additional data) is too large. */ /** The requested random buffer length is too big. */
#define MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A /**< Read or write error in file. */ #define MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG -0x0036
/** The input (entropy + additional data) is too large. */
#define MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG -0x0038
/** Read or write error in file. */
#define MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A
#define MBEDTLS_CTR_DRBG_BLOCKSIZE 16 /**< The block size used by the cipher. */ #define MBEDTLS_CTR_DRBG_BLOCKSIZE 16 /**< The block size used by the cipher. */

View file

@ -66,10 +66,12 @@
#define MBEDTLS_DES_ENCRYPT 1 #define MBEDTLS_DES_ENCRYPT 1
#define MBEDTLS_DES_DECRYPT 0 #define MBEDTLS_DES_DECRYPT 0
#define MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH -0x0032 /**< The data input has an invalid length. */ /** The data input has an invalid length. */
#define MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH -0x0032
/* MBEDTLS_ERR_DES_HW_ACCEL_FAILED is deprecated and should not be used. */ /* MBEDTLS_ERR_DES_HW_ACCEL_FAILED is deprecated and should not be used. */
#define MBEDTLS_ERR_DES_HW_ACCEL_FAILED -0x0033 /**< DES hardware accelerator failed. */ /** DES hardware accelerator failed. */
#define MBEDTLS_ERR_DES_HW_ACCEL_FAILED -0x0033
#define MBEDTLS_DES_KEY_SIZE 8 #define MBEDTLS_DES_KEY_SIZE 8

View file

@ -100,20 +100,31 @@
/* /*
* DHM Error codes * DHM Error codes
*/ */
#define MBEDTLS_ERR_DHM_BAD_INPUT_DATA -0x3080 /**< Bad input parameters. */ /** Bad input parameters. */
#define MBEDTLS_ERR_DHM_READ_PARAMS_FAILED -0x3100 /**< Reading of the DHM parameters failed. */ #define MBEDTLS_ERR_DHM_BAD_INPUT_DATA -0x3080
#define MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED -0x3180 /**< Making of the DHM parameters failed. */ /** Reading of the DHM parameters failed. */
#define MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED -0x3200 /**< Reading of the public values failed. */ #define MBEDTLS_ERR_DHM_READ_PARAMS_FAILED -0x3100
#define MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280 /**< Making of the public value failed. */ /** Making of the DHM parameters failed. */
#define MBEDTLS_ERR_DHM_CALC_SECRET_FAILED -0x3300 /**< Calculation of the DHM secret failed. */ #define MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED -0x3180
#define MBEDTLS_ERR_DHM_INVALID_FORMAT -0x3380 /**< The ASN.1 data is not formatted correctly. */ /** Reading of the public values failed. */
#define MBEDTLS_ERR_DHM_ALLOC_FAILED -0x3400 /**< Allocation of memory failed. */ #define MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED -0x3200
#define MBEDTLS_ERR_DHM_FILE_IO_ERROR -0x3480 /**< Read or write of file failed. */ /** Making of the public value failed. */
#define MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280
/** Calculation of the DHM secret failed. */
#define MBEDTLS_ERR_DHM_CALC_SECRET_FAILED -0x3300
/** The ASN.1 data is not formatted correctly. */
#define MBEDTLS_ERR_DHM_INVALID_FORMAT -0x3380
/** Allocation of memory failed. */
#define MBEDTLS_ERR_DHM_ALLOC_FAILED -0x3400
/** Read or write of file failed. */
#define MBEDTLS_ERR_DHM_FILE_IO_ERROR -0x3480
/* MBEDTLS_ERR_DHM_HW_ACCEL_FAILED is deprecated and should not be used. */ /* MBEDTLS_ERR_DHM_HW_ACCEL_FAILED is deprecated and should not be used. */
#define MBEDTLS_ERR_DHM_HW_ACCEL_FAILED -0x3500 /**< DHM hardware accelerator failed. */ /** DHM hardware accelerator failed. */
#define MBEDTLS_ERR_DHM_HW_ACCEL_FAILED -0x3500
#define MBEDTLS_ERR_DHM_SET_GROUP_FAILED -0x3580 /**< Setting the modulus and generator failed. */ /** Setting the modulus and generator failed. */
#define MBEDTLS_ERR_DHM_SET_GROUP_FAILED -0x3580
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {

View file

@ -72,19 +72,29 @@
/* /*
* ECP error codes * ECP error codes
*/ */
#define MBEDTLS_ERR_ECP_BAD_INPUT_DATA -0x4F80 /**< Bad input parameters to function. */ /** Bad input parameters to function. */
#define MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL -0x4F00 /**< The buffer is too small to write to. */ #define MBEDTLS_ERR_ECP_BAD_INPUT_DATA -0x4F80
#define MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE -0x4E80 /**< The requested feature is not available, for example, the requested curve is not supported. */ /** The buffer is too small to write to. */
#define MBEDTLS_ERR_ECP_VERIFY_FAILED -0x4E00 /**< The signature is not valid. */ #define MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL -0x4F00
#define MBEDTLS_ERR_ECP_ALLOC_FAILED -0x4D80 /**< Memory allocation failed. */ /** The requested feature is not available, for example, the requested curve is not supported. */
#define MBEDTLS_ERR_ECP_RANDOM_FAILED -0x4D00 /**< Generation of random value, such as ephemeral key, failed. */ #define MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE -0x4E80
#define MBEDTLS_ERR_ECP_INVALID_KEY -0x4C80 /**< Invalid private or public key. */ /** The signature is not valid. */
#define MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH -0x4C00 /**< The buffer contains a valid signature followed by more data. */ #define MBEDTLS_ERR_ECP_VERIFY_FAILED -0x4E00
/** Memory allocation failed. */
#define MBEDTLS_ERR_ECP_ALLOC_FAILED -0x4D80
/** Generation of random value, such as ephemeral key, failed. */
#define MBEDTLS_ERR_ECP_RANDOM_FAILED -0x4D00
/** Invalid private or public key. */
#define MBEDTLS_ERR_ECP_INVALID_KEY -0x4C80
/** The buffer contains a valid signature followed by more data. */
#define MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH -0x4C00
/* MBEDTLS_ERR_ECP_HW_ACCEL_FAILED is deprecated and should not be used. */ /* MBEDTLS_ERR_ECP_HW_ACCEL_FAILED is deprecated and should not be used. */
#define MBEDTLS_ERR_ECP_HW_ACCEL_FAILED -0x4B80 /**< The ECP hardware accelerator failed. */ /** The ECP hardware accelerator failed. */
#define MBEDTLS_ERR_ECP_HW_ACCEL_FAILED -0x4B80
#define MBEDTLS_ERR_ECP_IN_PROGRESS -0x4B00 /**< Operation in progress, call again with the same parameters to continue. */ /** Operation in progress, call again with the same parameters to continue. */
#define MBEDTLS_ERR_ECP_IN_PROGRESS -0x4B00
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {

View file

@ -75,11 +75,16 @@
#include "havege.h" #include "havege.h"
#endif #endif
#define MBEDTLS_ERR_ENTROPY_SOURCE_FAILED -0x003C /**< Critical entropy source failure. */ /** Critical entropy source failure. */
#define MBEDTLS_ERR_ENTROPY_MAX_SOURCES -0x003E /**< No more sources can be added. */ #define MBEDTLS_ERR_ENTROPY_SOURCE_FAILED -0x003C
#define MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED -0x0040 /**< No sources have been added to poll. */ /** No more sources can be added. */
#define MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE -0x003D /**< No strong sources have been added to poll. */ #define MBEDTLS_ERR_ENTROPY_MAX_SOURCES -0x003E
#define MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR -0x003F /**< Read/write error in file. */ /** No sources have been added to poll. */
#define MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED -0x0040
/** No strong sources have been added to poll. */
#define MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE -0x003D
/** Read/write error in file. */
#define MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR -0x003F
/** /**
* \name SECTION: Module settings * \name SECTION: Module settings
@ -152,7 +157,7 @@ typedef struct mbedtls_entropy_context
* -1 after free. */ * -1 after free. */
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
mbedtls_sha512_context accumulator; mbedtls_sha512_context accumulator;
#else #elif defined(MBEDTLS_ENTROPY_SHA256_ACCUMULATOR)
mbedtls_sha256_context accumulator; mbedtls_sha256_context accumulator;
#endif #endif
int source_count; /* Number of entries used in source. */ int source_count; /* Number of entries used in source. */

View file

@ -71,12 +71,15 @@
#define MBEDTLS_GCM_ENCRYPT 1 #define MBEDTLS_GCM_ENCRYPT 1
#define MBEDTLS_GCM_DECRYPT 0 #define MBEDTLS_GCM_DECRYPT 0
#define MBEDTLS_ERR_GCM_AUTH_FAILED -0x0012 /**< Authenticated decryption failed. */ /** Authenticated decryption failed. */
#define MBEDTLS_ERR_GCM_AUTH_FAILED -0x0012
/* MBEDTLS_ERR_GCM_HW_ACCEL_FAILED is deprecated and should not be used. */ /* MBEDTLS_ERR_GCM_HW_ACCEL_FAILED is deprecated and should not be used. */
#define MBEDTLS_ERR_GCM_HW_ACCEL_FAILED -0x0013 /**< GCM hardware accelerator failed. */ /** GCM hardware accelerator failed. */
#define MBEDTLS_ERR_GCM_HW_ACCEL_FAILED -0x0013
#define MBEDTLS_ERR_GCM_BAD_INPUT -0x0014 /**< Bad input parameters to function. */ /** Bad input parameters to function. */
#define MBEDTLS_ERR_GCM_BAD_INPUT -0x0014
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {

View file

@ -64,7 +64,8 @@
* \name HKDF Error codes * \name HKDF Error codes
* \{ * \{
*/ */
#define MBEDTLS_ERR_HKDF_BAD_INPUT_DATA -0x5F80 /**< Bad input parameters to function. */ /** Bad input parameters to function. */
#define MBEDTLS_ERR_HKDF_BAD_INPUT_DATA -0x5F80
/* \} name */ /* \} name */
#ifdef __cplusplus #ifdef __cplusplus

View file

@ -68,10 +68,14 @@
/* /*
* Error codes * Error codes
*/ */
#define MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG -0x0003 /**< Too many random requested in single call. */ /** Too many random requested in single call. */
#define MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG -0x0005 /**< Input too large (Entropy + additional). */ #define MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG -0x0003
#define MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR -0x0007 /**< Read/write error in file. */ /** Input too large (Entropy + additional). */
#define MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED -0x0009 /**< The entropy source failed. */ #define MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG -0x0005
/** Read/write error in file. */
#define MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR -0x0007
/** The entropy source failed. */
#define MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED -0x0009
/** /**
* \name SECTION: Module settings * \name SECTION: Module settings

View file

@ -60,13 +60,18 @@
#include MBEDTLS_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /**< The selected feature is not available. */ /** The selected feature is not available. */
#define MBEDTLS_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */ #define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE -0x5080
#define MBEDTLS_ERR_MD_ALLOC_FAILED -0x5180 /**< Failed to allocate memory. */ /** Bad input parameters to function. */
#define MBEDTLS_ERR_MD_FILE_IO_ERROR -0x5200 /**< Opening or reading of file failed. */ #define MBEDTLS_ERR_MD_BAD_INPUT_DATA -0x5100
/** Failed to allocate memory. */
#define MBEDTLS_ERR_MD_ALLOC_FAILED -0x5180
/** Opening or reading of file failed. */
#define MBEDTLS_ERR_MD_FILE_IO_ERROR -0x5200
/* MBEDTLS_ERR_MD_HW_ACCEL_FAILED is deprecated and should not be used. */ /* MBEDTLS_ERR_MD_HW_ACCEL_FAILED is deprecated and should not be used. */
#define MBEDTLS_ERR_MD_HW_ACCEL_FAILED -0x5280 /**< MD hardware accelerator failed. */ /** MD hardware accelerator failed. */
#define MBEDTLS_ERR_MD_HW_ACCEL_FAILED -0x5280
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {

View file

@ -63,7 +63,8 @@
#include <stddef.h> #include <stddef.h>
/* MBEDTLS_ERR_MD2_HW_ACCEL_FAILED is deprecated and should not be used. */ /* MBEDTLS_ERR_MD2_HW_ACCEL_FAILED is deprecated and should not be used. */
#define MBEDTLS_ERR_MD2_HW_ACCEL_FAILED -0x002B /**< MD2 hardware accelerator failed */ /** MD2 hardware accelerator failed */
#define MBEDTLS_ERR_MD2_HW_ACCEL_FAILED -0x002B
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {

View file

@ -64,7 +64,8 @@
#include <stdint.h> #include <stdint.h>
/* MBEDTLS_ERR_MD4_HW_ACCEL_FAILED is deprecated and should not be used. */ /* MBEDTLS_ERR_MD4_HW_ACCEL_FAILED is deprecated and should not be used. */
#define MBEDTLS_ERR_MD4_HW_ACCEL_FAILED -0x002D /**< MD4 hardware accelerator failed */ /** MD4 hardware accelerator failed */
#define MBEDTLS_ERR_MD4_HW_ACCEL_FAILED -0x002D
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {

View file

@ -63,7 +63,8 @@
#include <stdint.h> #include <stdint.h>
/* MBEDTLS_ERR_MD5_HW_ACCEL_FAILED is deprecated and should not be used. */ /* MBEDTLS_ERR_MD5_HW_ACCEL_FAILED is deprecated and should not be used. */
#define MBEDTLS_ERR_MD5_HW_ACCEL_FAILED -0x002F /**< MD5 hardware accelerator failed */ /** MD5 hardware accelerator failed */
#define MBEDTLS_ERR_MD5_HW_ACCEL_FAILED -0x002F
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {

View file

@ -76,19 +76,32 @@
#include <stddef.h> #include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define MBEDTLS_ERR_NET_SOCKET_FAILED -0x0042 /**< Failed to open a socket. */ /** Failed to open a socket. */
#define MBEDTLS_ERR_NET_CONNECT_FAILED -0x0044 /**< The connection to the given server / port failed. */ #define MBEDTLS_ERR_NET_SOCKET_FAILED -0x0042
#define MBEDTLS_ERR_NET_BIND_FAILED -0x0046 /**< Binding of the socket failed. */ /** The connection to the given server / port failed. */
#define MBEDTLS_ERR_NET_LISTEN_FAILED -0x0048 /**< Could not listen on the socket. */ #define MBEDTLS_ERR_NET_CONNECT_FAILED -0x0044
#define MBEDTLS_ERR_NET_ACCEPT_FAILED -0x004A /**< Could not accept the incoming connection. */ /** Binding of the socket failed. */
#define MBEDTLS_ERR_NET_RECV_FAILED -0x004C /**< Reading information from the socket failed. */ #define MBEDTLS_ERR_NET_BIND_FAILED -0x0046
#define MBEDTLS_ERR_NET_SEND_FAILED -0x004E /**< Sending information through the socket failed. */ /** Could not listen on the socket. */
#define MBEDTLS_ERR_NET_CONN_RESET -0x0050 /**< Connection was reset by peer. */ #define MBEDTLS_ERR_NET_LISTEN_FAILED -0x0048
#define MBEDTLS_ERR_NET_UNKNOWN_HOST -0x0052 /**< Failed to get an IP address for the given hostname. */ /** Could not accept the incoming connection. */
#define MBEDTLS_ERR_NET_BUFFER_TOO_SMALL -0x0043 /**< Buffer is too small to hold the data. */ #define MBEDTLS_ERR_NET_ACCEPT_FAILED -0x004A
#define MBEDTLS_ERR_NET_INVALID_CONTEXT -0x0045 /**< The context is invalid, eg because it was free()ed. */ /** Reading information from the socket failed. */
#define MBEDTLS_ERR_NET_POLL_FAILED -0x0047 /**< Polling the net context failed. */ #define MBEDTLS_ERR_NET_RECV_FAILED -0x004C
#define MBEDTLS_ERR_NET_BAD_INPUT_DATA -0x0049 /**< Input invalid. */ /** Sending information through the socket failed. */
#define MBEDTLS_ERR_NET_SEND_FAILED -0x004E
/** Connection was reset by peer. */
#define MBEDTLS_ERR_NET_CONN_RESET -0x0050
/** Failed to get an IP address for the given hostname. */
#define MBEDTLS_ERR_NET_UNKNOWN_HOST -0x0052
/** Buffer is too small to hold the data. */
#define MBEDTLS_ERR_NET_BUFFER_TOO_SMALL -0x0043
/** The context is invalid, eg because it was free()ed. */
#define MBEDTLS_ERR_NET_INVALID_CONTEXT -0x0045
/** Polling the net context failed. */
#define MBEDTLS_ERR_NET_POLL_FAILED -0x0047
/** Input invalid. */
#define MBEDTLS_ERR_NET_BAD_INPUT_DATA -0x0049
#define MBEDTLS_NET_LISTEN_BACKLOG 10 /**< The backlog that listen() should use. */ #define MBEDTLS_NET_LISTEN_BACKLOG 10 /**< The backlog that listen() should use. */

View file

@ -72,8 +72,10 @@
#include "x509.h" #include "x509.h"
#endif #endif
#define MBEDTLS_ERR_OID_NOT_FOUND -0x002E /**< OID is not found. */ /** OID is not found. */
#define MBEDTLS_ERR_OID_BUF_TOO_SMALL -0x000B /**< output buffer is too small */ #define MBEDTLS_ERR_OID_NOT_FOUND -0x002E
/** output buffer is too small */
#define MBEDTLS_ERR_OID_BUF_TOO_SMALL -0x000B
/* /*
* Top level OID tuples * Top level OID tuples

View file

@ -61,7 +61,8 @@
#include "aes.h" #include "aes.h"
#define MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED -0x0030 /**< Input data should be aligned. */ /** Input data should be aligned. */
#define MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED -0x0030
#if defined(__has_feature) #if defined(__has_feature)
#if __has_feature(address_sanitizer) #if __has_feature(address_sanitizer)

View file

@ -63,15 +63,24 @@
* PEM data. * PEM data.
* \{ * \{
*/ */
#define MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT -0x1080 /**< No PEM header or footer found. */ /** No PEM header or footer found. */
#define MBEDTLS_ERR_PEM_INVALID_DATA -0x1100 /**< PEM string is not as expected. */ #define MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT -0x1080
#define MBEDTLS_ERR_PEM_ALLOC_FAILED -0x1180 /**< Failed to allocate memory. */ /** PEM string is not as expected. */
#define MBEDTLS_ERR_PEM_INVALID_ENC_IV -0x1200 /**< RSA IV is not in hex-format. */ #define MBEDTLS_ERR_PEM_INVALID_DATA -0x1100
#define MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG -0x1280 /**< Unsupported key encryption algorithm. */ /** Failed to allocate memory. */
#define MBEDTLS_ERR_PEM_PASSWORD_REQUIRED -0x1300 /**< Private key password can't be empty. */ #define MBEDTLS_ERR_PEM_ALLOC_FAILED -0x1180
#define MBEDTLS_ERR_PEM_PASSWORD_MISMATCH -0x1380 /**< Given private key password does not allow for correct decryption. */ /** RSA IV is not in hex-format. */
#define MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE -0x1400 /**< Unavailable feature, e.g. hashing/encryption combination. */ #define MBEDTLS_ERR_PEM_INVALID_ENC_IV -0x1200
#define MBEDTLS_ERR_PEM_BAD_INPUT_DATA -0x1480 /**< Bad input parameters to function. */ /** Unsupported key encryption algorithm. */
#define MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG -0x1280
/** Private key password can't be empty. */
#define MBEDTLS_ERR_PEM_PASSWORD_REQUIRED -0x1300
/** Given private key password does not allow for correct decryption. */
#define MBEDTLS_ERR_PEM_PASSWORD_MISMATCH -0x1380
/** Unavailable feature, e.g. hashing/encryption combination. */
#define MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE -0x1400
/** Bad input parameters to function. */
#define MBEDTLS_ERR_PEM_BAD_INPUT_DATA -0x1480
/* \} name */ /* \} name */
#ifdef __cplusplus #ifdef __cplusplus

View file

@ -75,23 +75,38 @@
#define inline __inline #define inline __inline
#endif #endif
#define MBEDTLS_ERR_PK_ALLOC_FAILED -0x3F80 /**< Memory allocation failed. */ /** Memory allocation failed. */
#define MBEDTLS_ERR_PK_TYPE_MISMATCH -0x3F00 /**< Type mismatch, eg attempt to encrypt with an ECDSA key */ #define MBEDTLS_ERR_PK_ALLOC_FAILED -0x3F80
#define MBEDTLS_ERR_PK_BAD_INPUT_DATA -0x3E80 /**< Bad input parameters to function. */ /** Type mismatch, eg attempt to encrypt with an ECDSA key */
#define MBEDTLS_ERR_PK_FILE_IO_ERROR -0x3E00 /**< Read/write of file failed. */ #define MBEDTLS_ERR_PK_TYPE_MISMATCH -0x3F00
#define MBEDTLS_ERR_PK_KEY_INVALID_VERSION -0x3D80 /**< Unsupported key version */ /** Bad input parameters to function. */
#define MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -0x3D00 /**< Invalid key tag or value. */ #define MBEDTLS_ERR_PK_BAD_INPUT_DATA -0x3E80
#define MBEDTLS_ERR_PK_UNKNOWN_PK_ALG -0x3C80 /**< Key algorithm is unsupported (only RSA and EC are supported). */ /** Read/write of file failed. */
#define MBEDTLS_ERR_PK_PASSWORD_REQUIRED -0x3C00 /**< Private key password can't be empty. */ #define MBEDTLS_ERR_PK_FILE_IO_ERROR -0x3E00
#define MBEDTLS_ERR_PK_PASSWORD_MISMATCH -0x3B80 /**< Given private key password does not allow for correct decryption. */ /** Unsupported key version */
#define MBEDTLS_ERR_PK_INVALID_PUBKEY -0x3B00 /**< The pubkey tag or value is invalid (only RSA and EC are supported). */ #define MBEDTLS_ERR_PK_KEY_INVALID_VERSION -0x3D80
#define MBEDTLS_ERR_PK_INVALID_ALG -0x3A80 /**< The algorithm tag or value is invalid. */ /** Invalid key tag or value. */
#define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE -0x3A00 /**< Elliptic curve is unsupported (only NIST curves are supported). */ #define MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -0x3D00
#define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x3980 /**< Unavailable feature, e.g. RSA disabled for RSA key. */ /** Key algorithm is unsupported (only RSA and EC are supported). */
#define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH -0x3900 /**< The buffer contains a valid signature followed by more data. */ #define MBEDTLS_ERR_PK_UNKNOWN_PK_ALG -0x3C80
/** Private key password can't be empty. */
#define MBEDTLS_ERR_PK_PASSWORD_REQUIRED -0x3C00
/** Given private key password does not allow for correct decryption. */
#define MBEDTLS_ERR_PK_PASSWORD_MISMATCH -0x3B80
/** The pubkey tag or value is invalid (only RSA and EC are supported). */
#define MBEDTLS_ERR_PK_INVALID_PUBKEY -0x3B00
/** The algorithm tag or value is invalid. */
#define MBEDTLS_ERR_PK_INVALID_ALG -0x3A80
/** Elliptic curve is unsupported (only NIST curves are supported). */
#define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE -0x3A00
/** Unavailable feature, e.g. RSA disabled for RSA key. */
#define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x3980
/** The buffer contains a valid signature followed by more data. */
#define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH -0x3900
/* MBEDTLS_ERR_PK_HW_ACCEL_FAILED is deprecated and should not be used. */ /* MBEDTLS_ERR_PK_HW_ACCEL_FAILED is deprecated and should not be used. */
#define MBEDTLS_ERR_PK_HW_ACCEL_FAILED -0x3880 /**< PK hardware accelerator failed. */ /** PK hardware accelerator failed. */
#define MBEDTLS_ERR_PK_HW_ACCEL_FAILED -0x3880
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {

View file

@ -61,10 +61,14 @@
#include <stddef.h> #include <stddef.h>
#define MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA -0x1F80 /**< Bad input parameters to function. */ /** Bad input parameters to function. */
#define MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE -0x1F00 /**< Feature not available, e.g. unsupported encryption scheme. */ #define MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA -0x1F80
#define MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT -0x1E80 /**< PBE ASN.1 data not as expected. */ /** Feature not available, e.g. unsupported encryption scheme. */
#define MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH -0x1E00 /**< Given private key password does not allow for correct decryption. */ #define MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE -0x1F00
/** PBE ASN.1 data not as expected. */
#define MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT -0x1E80
/** Given private key password does not allow for correct decryption. */
#define MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH -0x1E00
#define MBEDTLS_PKCS12_DERIVE_KEY 1 /**< encryption/decryption key */ #define MBEDTLS_PKCS12_DERIVE_KEY 1 /**< encryption/decryption key */
#define MBEDTLS_PKCS12_DERIVE_IV 2 /**< initialization vector */ #define MBEDTLS_PKCS12_DERIVE_IV 2 /**< initialization vector */
@ -102,11 +106,13 @@ int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode,
* \brief PKCS12 Password Based function (encryption / decryption) * \brief PKCS12 Password Based function (encryption / decryption)
* for cipher-based and mbedtls_md-based PBE's * for cipher-based and mbedtls_md-based PBE's
* *
* \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure * \param pbe_params an ASN1 buffer containing the pkcs-12 PbeParams structure
* \param mode either MBEDTLS_PKCS12_PBE_ENCRYPT or MBEDTLS_PKCS12_PBE_DECRYPT * \param mode either #MBEDTLS_PKCS12_PBE_ENCRYPT or
* #MBEDTLS_PKCS12_PBE_DECRYPT
* \param cipher_type the cipher used * \param cipher_type the cipher used
* \param md_type the mbedtls_md used * \param md_type the mbedtls_md used
* \param pwd the password used (may be NULL if no password is used) * \param pwd Latin1-encoded password used. This may only be \c NULL when
* \p pwdlen is 0. No null terminator should be used.
* \param pwdlen length of the password (may be 0) * \param pwdlen length of the password (may be 0)
* \param input the input data * \param input the input data
* \param len data length * \param len data length
@ -127,18 +133,24 @@ int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode,
* to produce pseudo-random bits for a particular "purpose". * to produce pseudo-random bits for a particular "purpose".
* *
* Depending on the given id, this function can produce an * Depending on the given id, this function can produce an
* encryption/decryption key, an nitialization vector or an * encryption/decryption key, an initialization vector or an
* integrity key. * integrity key.
* *
* \param data buffer to store the derived data in * \param data buffer to store the derived data in
* \param datalen length to fill * \param datalen length of buffer to fill
* \param pwd password to use (may be NULL if no password is used) * \param pwd The password to use. For compliance with PKCS#12 §B.1, this
* \param pwdlen length of the password (may be 0) * should be a BMPString, i.e. a Unicode string where each
* \param salt salt buffer to use * character is encoded as 2 bytes in big-endian order, with
* \param saltlen length of the salt * no byte order mark and with a null terminator (i.e. the
* \param mbedtls_md mbedtls_md type to use during the derivation * last two bytes should be 0x00 0x00).
* \param id id that describes the purpose (can be MBEDTLS_PKCS12_DERIVE_KEY, * \param pwdlen length of the password (may be 0).
* MBEDTLS_PKCS12_DERIVE_IV or MBEDTLS_PKCS12_DERIVE_MAC_KEY) * \param salt Salt buffer to use This may only be \c NULL when
* \p saltlen is 0.
* \param saltlen length of the salt (may be zero)
* \param mbedtls_md mbedtls_md type to use during the derivation
* \param id id that describes the purpose (can be
* #MBEDTLS_PKCS12_DERIVE_KEY, #MBEDTLS_PKCS12_DERIVE_IV or
* #MBEDTLS_PKCS12_DERIVE_MAC_KEY)
* \param iterations number of iterations * \param iterations number of iterations
* *
* \return 0 if successful, or a MD, BIGNUM type error. * \return 0 if successful, or a MD, BIGNUM type error.

View file

@ -63,10 +63,14 @@
#include <stddef.h> #include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA -0x2f80 /**< Bad input parameters to function. */ /** Bad input parameters to function. */
#define MBEDTLS_ERR_PKCS5_INVALID_FORMAT -0x2f00 /**< Unexpected ASN.1 data. */ #define MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA -0x2f80
#define MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE -0x2e80 /**< Requested encryption or digest alg not available. */ /** Unexpected ASN.1 data. */
#define MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH -0x2e00 /**< Given private key password does not allow for correct decryption. */ #define MBEDTLS_ERR_PKCS5_INVALID_FORMAT -0x2f00
/** Requested encryption or digest alg not available. */
#define MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE -0x2e80
/** Given private key password does not allow for correct decryption. */
#define MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH -0x2e00
#define MBEDTLS_PKCS5_DECRYPT 0 #define MBEDTLS_PKCS5_DECRYPT 0
#define MBEDTLS_PKCS5_ENCRYPT 1 #define MBEDTLS_PKCS5_ENCRYPT 1

View file

@ -68,8 +68,10 @@
#include "platform_time.h" #include "platform_time.h"
#endif #endif
#define MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED -0x0070 /**< Hardware accelerator failed */ /** Hardware accelerator failed */
#define MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED -0x0072 /**< The requested feature is not supported by the platform */ #define MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED -0x0070
/** The requested feature is not supported by the platform */
#define MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED -0x0072
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {

View file

@ -68,15 +68,18 @@
#include <stdint.h> #include <stdint.h>
#include <stddef.h> #include <stddef.h>
#define MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA -0x0057 /**< Invalid input parameter(s). */ /** Invalid input parameter(s). */
#define MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA -0x0057
/* MBEDTLS_ERR_POLY1305_FEATURE_UNAVAILABLE is deprecated and should not be /* MBEDTLS_ERR_POLY1305_FEATURE_UNAVAILABLE is deprecated and should not be
* used. */ * used. */
#define MBEDTLS_ERR_POLY1305_FEATURE_UNAVAILABLE -0x0059 /**< Feature not available. For example, s part of the API is not implemented. */ /** Feature not available. For example, s part of the API is not implemented. */
#define MBEDTLS_ERR_POLY1305_FEATURE_UNAVAILABLE -0x0059
/* MBEDTLS_ERR_POLY1305_HW_ACCEL_FAILED is deprecated and should not be used. /* MBEDTLS_ERR_POLY1305_HW_ACCEL_FAILED is deprecated and should not be used.
*/ */
#define MBEDTLS_ERR_POLY1305_HW_ACCEL_FAILED -0x005B /**< Poly1305 hardware accelerator failed. */ /** Poly1305 hardware accelerator failed. */
#define MBEDTLS_ERR_POLY1305_HW_ACCEL_FAILED -0x005B
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {

View file

@ -60,7 +60,8 @@
/* MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED is deprecated and should not be used. /* MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED is deprecated and should not be used.
*/ */
#define MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED -0x0031 /**< RIPEMD160 hardware accelerator failed */ /** RIPEMD160 hardware accelerator failed */
#define MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED -0x0031
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {

View file

@ -71,22 +71,33 @@
/* /*
* RSA Error codes * RSA Error codes
*/ */
#define MBEDTLS_ERR_RSA_BAD_INPUT_DATA -0x4080 /**< Bad input parameters to function. */ /** Bad input parameters to function. */
#define MBEDTLS_ERR_RSA_INVALID_PADDING -0x4100 /**< Input data contains invalid padding and is rejected. */ #define MBEDTLS_ERR_RSA_BAD_INPUT_DATA -0x4080
#define MBEDTLS_ERR_RSA_KEY_GEN_FAILED -0x4180 /**< Something failed during generation of a key. */ /** Input data contains invalid padding and is rejected. */
#define MBEDTLS_ERR_RSA_KEY_CHECK_FAILED -0x4200 /**< Key failed to pass the validity check of the library. */ #define MBEDTLS_ERR_RSA_INVALID_PADDING -0x4100
#define MBEDTLS_ERR_RSA_PUBLIC_FAILED -0x4280 /**< The public key operation failed. */ /** Something failed during generation of a key. */
#define MBEDTLS_ERR_RSA_PRIVATE_FAILED -0x4300 /**< The private key operation failed. */ #define MBEDTLS_ERR_RSA_KEY_GEN_FAILED -0x4180
#define MBEDTLS_ERR_RSA_VERIFY_FAILED -0x4380 /**< The PKCS#1 verification failed. */ /** Key failed to pass the validity check of the library. */
#define MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE -0x4400 /**< The output buffer for decryption is not large enough. */ #define MBEDTLS_ERR_RSA_KEY_CHECK_FAILED -0x4200
#define MBEDTLS_ERR_RSA_RNG_FAILED -0x4480 /**< The random generator failed to generate non-zeros. */ /** The public key operation failed. */
#define MBEDTLS_ERR_RSA_PUBLIC_FAILED -0x4280
/** The private key operation failed. */
#define MBEDTLS_ERR_RSA_PRIVATE_FAILED -0x4300
/** The PKCS#1 verification failed. */
#define MBEDTLS_ERR_RSA_VERIFY_FAILED -0x4380
/** The output buffer for decryption is not large enough. */
#define MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE -0x4400
/** The random generator failed to generate non-zeros. */
#define MBEDTLS_ERR_RSA_RNG_FAILED -0x4480
/* MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION is deprecated and should not be used. /* MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION is deprecated and should not be used.
*/ */
#define MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION -0x4500 /**< The implementation does not offer the requested operation, for example, because of security violations or lack of functionality. */ /** The implementation does not offer the requested operation, for example, because of security violations or lack of functionality. */
#define MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION -0x4500
/* MBEDTLS_ERR_RSA_HW_ACCEL_FAILED is deprecated and should not be used. */ /* MBEDTLS_ERR_RSA_HW_ACCEL_FAILED is deprecated and should not be used. */
#define MBEDTLS_ERR_RSA_HW_ACCEL_FAILED -0x4580 /**< RSA hardware accelerator failed. */ /** RSA hardware accelerator failed. */
#define MBEDTLS_ERR_RSA_HW_ACCEL_FAILED -0x4580
/* /*
* RSA constants * RSA constants

View file

@ -66,8 +66,10 @@
#include <stdint.h> #include <stdint.h>
/* MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED is deprecated and should not be used. */ /* MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED is deprecated and should not be used. */
#define MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED -0x0035 /**< SHA-1 hardware accelerator failed */ /** SHA-1 hardware accelerator failed */
#define MBEDTLS_ERR_SHA1_BAD_INPUT_DATA -0x0073 /**< SHA-1 input data was malformed. */ #define MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED -0x0035
/** SHA-1 input data was malformed. */
#define MBEDTLS_ERR_SHA1_BAD_INPUT_DATA -0x0073
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {

View file

@ -62,8 +62,10 @@
#include <stdint.h> #include <stdint.h>
/* MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED is deprecated and should not be used. */ /* MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED is deprecated and should not be used. */
#define MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED -0x0037 /**< SHA-256 hardware accelerator failed */ /** SHA-256 hardware accelerator failed */
#define MBEDTLS_ERR_SHA256_BAD_INPUT_DATA -0x0074 /**< SHA-256 input data was malformed. */ #define MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED -0x0037
/** SHA-256 input data was malformed. */
#define MBEDTLS_ERR_SHA256_BAD_INPUT_DATA -0x0074
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -262,6 +264,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_process( mbedtls_sha256_context *ctx,
* be a writable buffer of length \c 32 Bytes. * be a writable buffer of length \c 32 Bytes.
* \param is224 Determines which function to use. This must be * \param is224 Determines which function to use. This must be
* either \c 0 for SHA-256, or \c 1 for SHA-224. * either \c 0 for SHA-256, or \c 1 for SHA-224.
*
* \return \c 0 on success.
* \return A negative error code on failure.
*/ */
int mbedtls_sha256_ret( const unsigned char *input, int mbedtls_sha256_ret( const unsigned char *input,
size_t ilen, size_t ilen,

View file

@ -61,8 +61,10 @@
#include <stdint.h> #include <stdint.h>
/* MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED is deprecated and should not be used. */ /* MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED is deprecated and should not be used. */
#define MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED -0x0039 /**< SHA-512 hardware accelerator failed */ /** SHA-512 hardware accelerator failed */
#define MBEDTLS_ERR_SHA512_BAD_INPUT_DATA -0x0075 /**< SHA-512 input data was malformed. */ #define MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED -0x0039
/** SHA-512 input data was malformed. */
#define MBEDTLS_ERR_SHA512_BAD_INPUT_DATA -0x0075
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {

View file

@ -93,62 +93,118 @@
/* /*
* SSL Error codes * SSL Error codes
*/ */
#define MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE -0x7080 /**< The requested feature is not available. */ /** The requested feature is not available. */
#define MBEDTLS_ERR_SSL_BAD_INPUT_DATA -0x7100 /**< Bad input parameters to function. */ #define MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE -0x7080
#define MBEDTLS_ERR_SSL_INVALID_MAC -0x7180 /**< Verification of the message MAC failed. */ /** Bad input parameters to function. */
#define MBEDTLS_ERR_SSL_INVALID_RECORD -0x7200 /**< An invalid SSL record was received. */ #define MBEDTLS_ERR_SSL_BAD_INPUT_DATA -0x7100
#define MBEDTLS_ERR_SSL_CONN_EOF -0x7280 /**< The connection indicated an EOF. */ /** Verification of the message MAC failed. */
#define MBEDTLS_ERR_SSL_UNKNOWN_CIPHER -0x7300 /**< An unknown cipher was received. */ #define MBEDTLS_ERR_SSL_INVALID_MAC -0x7180
#define MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN -0x7380 /**< The server has no ciphersuites in common with the client. */ /** An invalid SSL record was received. */
#define MBEDTLS_ERR_SSL_NO_RNG -0x7400 /**< No RNG was provided to the SSL module. */ #define MBEDTLS_ERR_SSL_INVALID_RECORD -0x7200
#define MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480 /**< No client certification received from the client, but required by the authentication mode. */ /** The connection indicated an EOF. */
#define MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE -0x7500 /**< Our own certificate(s) is/are too large to send in an SSL message. */ #define MBEDTLS_ERR_SSL_CONN_EOF -0x7280
#define MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED -0x7580 /**< The own certificate is not set, but needed by the server. */ /** An unknown cipher was received. */
#define MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED -0x7600 /**< The own private key or pre-shared key is not set, but needed. */ #define MBEDTLS_ERR_SSL_UNKNOWN_CIPHER -0x7300
#define MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED -0x7680 /**< No CA Chain is set, but required to operate. */ /** The server has no ciphersuites in common with the client. */
#define MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE -0x7700 /**< An unexpected message was received from our peer. */ #define MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN -0x7380
#define MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780 /**< A fatal alert message was received from our peer. */ /** No RNG was provided to the SSL module. */
#define MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED -0x7800 /**< Verification of our peer failed. */ #define MBEDTLS_ERR_SSL_NO_RNG -0x7400
#define MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880 /**< The peer notified us that the connection is going to be closed. */ /** No client certification received from the client, but required by the authentication mode. */
#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900 /**< Processing of the ClientHello handshake message failed. */ #define MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480
#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980 /**< Processing of the ServerHello handshake message failed. */ /** Our own certificate(s) is/are too large to send in an SSL message. */
#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */ #define MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE -0x7500
#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80 /**< Processing of the CertificateRequest handshake message failed. */ /** The own certificate is not set, but needed by the server. */
#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00 /**< Processing of the ServerKeyExchange handshake message failed. */ #define MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED -0x7580
#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0x7B80 /**< Processing of the ServerHelloDone handshake message failed. */ /** The own private key or pre-shared key is not set, but needed. */
#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00 /**< Processing of the ClientKeyExchange handshake message failed. */ #define MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED -0x7600
#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP -0x7C80 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public. */ /** No CA Chain is set, but required to operate. */
#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS -0x7D00 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret. */ #define MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED -0x7680
#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80 /**< Processing of the CertificateVerify handshake message failed. */ /** An unexpected message was received from our peer. */
#define MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00 /**< Processing of the ChangeCipherSpec handshake message failed. */ #define MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE -0x7700
#define MBEDTLS_ERR_SSL_BAD_HS_FINISHED -0x7E80 /**< Processing of the Finished handshake message failed. */ /** A fatal alert message was received from our peer. */
#define MBEDTLS_ERR_SSL_ALLOC_FAILED -0x7F00 /**< Memory allocation failed */ #define MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780
#define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED -0x7F80 /**< Hardware acceleration function returned with error */ /** Verification of our peer failed. */
#define MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80 /**< Hardware acceleration function skipped / left alone data */ #define MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED -0x7800
#define MBEDTLS_ERR_SSL_COMPRESSION_FAILED -0x6F00 /**< Processing of the compression / decompression failed */ /** The peer notified us that the connection is going to be closed. */
#define MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION -0x6E80 /**< Handshake protocol not within min/max boundaries */ #define MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880
#define MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET -0x6E00 /**< Processing of the NewSessionTicket handshake message failed. */ /** Processing of the ClientHello handshake message failed. */
#define MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80 /**< Session ticket has expired. */ #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900
#define MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH -0x6D00 /**< Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */ /** Processing of the ServerHello handshake message failed. */
#define MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY -0x6C80 /**< Unknown identity received (eg, PSK identity) */ #define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980
#define MBEDTLS_ERR_SSL_INTERNAL_ERROR -0x6C00 /**< Internal error (eg, unexpected failure in lower-level module) */ /** Processing of the Certificate handshake message failed. */
#define MBEDTLS_ERR_SSL_COUNTER_WRAPPING -0x6B80 /**< A counter would wrap (eg, too many messages exchanged). */ #define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00
#define MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO -0x6B00 /**< Unexpected message at ServerHello in renegotiation. */ /** Processing of the CertificateRequest handshake message failed. */
#define MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED -0x6A80 /**< DTLS client must retry for hello verification */ #define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80
#define MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL -0x6A00 /**< A buffer is too small to receive or write a message */ /** Processing of the ServerKeyExchange handshake message failed. */
#define MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE -0x6980 /**< None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages). */ #define MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00
#define MBEDTLS_ERR_SSL_WANT_READ -0x6900 /**< No data of requested type currently available on underlying transport. */ /** Processing of the ServerHelloDone handshake message failed. */
#define MBEDTLS_ERR_SSL_WANT_WRITE -0x6880 /**< Connection requires a write call. */ #define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0x7B80
#define MBEDTLS_ERR_SSL_TIMEOUT -0x6800 /**< The operation timed out. */ /** Processing of the ClientKeyExchange handshake message failed. */
#define MBEDTLS_ERR_SSL_CLIENT_RECONNECT -0x6780 /**< The client initiated a reconnect from the same port. */ #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00
#define MBEDTLS_ERR_SSL_UNEXPECTED_RECORD -0x6700 /**< Record header looks valid but is not expected. */ /** Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public. */
#define MBEDTLS_ERR_SSL_NON_FATAL -0x6680 /**< The alert message received indicates a non-fatal error. */ #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP -0x7C80
#define MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH -0x6600 /**< Couldn't set the hash for verifying CertificateVerify */ /** Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret. */
#define MBEDTLS_ERR_SSL_CONTINUE_PROCESSING -0x6580 /**< Internal-only message signaling that further message-processing should be done */ #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS -0x7D00
#define MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS -0x6500 /**< The asynchronous operation is not completed yet. */ /** Processing of the CertificateVerify handshake message failed. */
#define MBEDTLS_ERR_SSL_EARLY_MESSAGE -0x6480 /**< Internal-only message signaling that a message arrived early. */ #define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80
#define MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS -0x7000 /**< A cryptographic operation is in progress. Try again later. */ /** Processing of the ChangeCipherSpec handshake message failed. */
#define MBEDTLS_ERR_SSL_BAD_CONFIG -0x5E80 /**< Invalid value in SSL config */ #define MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00
/** Processing of the Finished handshake message failed. */
#define MBEDTLS_ERR_SSL_BAD_HS_FINISHED -0x7E80
/** Memory allocation failed */
#define MBEDTLS_ERR_SSL_ALLOC_FAILED -0x7F00
/** Hardware acceleration function returned with error */
#define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED -0x7F80
/** Hardware acceleration function skipped / left alone data */
#define MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80
/** Processing of the compression / decompression failed */
#define MBEDTLS_ERR_SSL_COMPRESSION_FAILED -0x6F00
/** Handshake protocol not within min/max boundaries */
#define MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION -0x6E80
/** Processing of the NewSessionTicket handshake message failed. */
#define MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET -0x6E00
/** Session ticket has expired. */
#define MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80
/** Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */
#define MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH -0x6D00
/** Unknown identity received (eg, PSK identity) */
#define MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY -0x6C80
/** Internal error (eg, unexpected failure in lower-level module) */
#define MBEDTLS_ERR_SSL_INTERNAL_ERROR -0x6C00
/** A counter would wrap (eg, too many messages exchanged). */
#define MBEDTLS_ERR_SSL_COUNTER_WRAPPING -0x6B80
/** Unexpected message at ServerHello in renegotiation. */
#define MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO -0x6B00
/** DTLS client must retry for hello verification */
#define MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED -0x6A80
/** A buffer is too small to receive or write a message */
#define MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL -0x6A00
/** None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages). */
#define MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE -0x6980
/** No data of requested type currently available on underlying transport. */
#define MBEDTLS_ERR_SSL_WANT_READ -0x6900
/** Connection requires a write call. */
#define MBEDTLS_ERR_SSL_WANT_WRITE -0x6880
/** The operation timed out. */
#define MBEDTLS_ERR_SSL_TIMEOUT -0x6800
/** The client initiated a reconnect from the same port. */
#define MBEDTLS_ERR_SSL_CLIENT_RECONNECT -0x6780
/** Record header looks valid but is not expected. */
#define MBEDTLS_ERR_SSL_UNEXPECTED_RECORD -0x6700
/** The alert message received indicates a non-fatal error. */
#define MBEDTLS_ERR_SSL_NON_FATAL -0x6680
/** Couldn't set the hash for verifying CertificateVerify */
#define MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH -0x6600
/** Internal-only message signaling that further message-processing should be done */
#define MBEDTLS_ERR_SSL_CONTINUE_PROCESSING -0x6580
/** The asynchronous operation is not completed yet. */
#define MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS -0x6500
/** Internal-only message signaling that a message arrived early. */
#define MBEDTLS_ERR_SSL_EARLY_MESSAGE -0x6480
/** A cryptographic operation is in progress. Try again later. */
#define MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS -0x7000
/** Invalid value in SSL config */
#define MBEDTLS_ERR_SSL_BAD_CONFIG -0x5E80
/* /*
* Various constants * Various constants
@ -506,10 +562,11 @@ typedef int mbedtls_ssl_send_t( void *ctx,
* \param buf Buffer to write the received data to * \param buf Buffer to write the received data to
* \param len Length of the receive buffer * \param len Length of the receive buffer
* *
* \return The callback must return the number of bytes received, * \returns If data has been received, the positive number of bytes received.
* or a non-zero error code. * \returns \c 0 if the connection has been closed.
* If performing non-blocking I/O, \c MBEDTLS_ERR_SSL_WANT_READ * \returns If performing non-blocking I/O, \c MBEDTLS_ERR_SSL_WANT_READ
* must be returned when the operation would block. * must be returned when the operation would block.
* \returns Another negative error code on other kinds of failures.
* *
* \note The callback may receive fewer bytes than the length of the * \note The callback may receive fewer bytes than the length of the
* buffer. It must always return the number of bytes actually * buffer. It must always return the number of bytes actually

View file

@ -63,10 +63,13 @@ extern "C" {
/* MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE is deprecated and should not be /* MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE is deprecated and should not be
* used. */ * used. */
#define MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE -0x001A /**< The selected feature is not available. */ /** The selected feature is not available. */
#define MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE -0x001A
#define MBEDTLS_ERR_THREADING_BAD_INPUT_DATA -0x001C /**< Bad input parameters to function. */ /** Bad input parameters to function. */
#define MBEDTLS_ERR_THREADING_MUTEX_ERROR -0x001E /**< Locking / unlocking / free failed with error code. */ #define MBEDTLS_ERR_THREADING_BAD_INPUT_DATA -0x001C
/** Locking / unlocking / free failed with error code. */
#define MBEDTLS_ERR_THREADING_MUTEX_ERROR -0x001E
#if defined(MBEDTLS_THREADING_PTHREAD) #if defined(MBEDTLS_THREADING_PTHREAD)
#include <pthread.h> #include <pthread.h>

View file

@ -65,16 +65,16 @@
*/ */
#define MBEDTLS_VERSION_MAJOR 2 #define MBEDTLS_VERSION_MAJOR 2
#define MBEDTLS_VERSION_MINOR 16 #define MBEDTLS_VERSION_MINOR 16
#define MBEDTLS_VERSION_PATCH 11 #define MBEDTLS_VERSION_PATCH 12
/** /**
* The single version number has the following structure: * The single version number has the following structure:
* MMNNPP00 * MMNNPP00
* Major version | Minor version | Patch version * Major version | Minor version | Patch version
*/ */
#define MBEDTLS_VERSION_NUMBER 0x02100B00 #define MBEDTLS_VERSION_NUMBER 0x02100C00
#define MBEDTLS_VERSION_STRING "2.16.11" #define MBEDTLS_VERSION_STRING "2.16.12"
#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.16.11" #define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.16.12"
#if defined(MBEDTLS_VERSION_C) #if defined(MBEDTLS_VERSION_C)

View file

@ -83,26 +83,46 @@
* \name X509 Error codes * \name X509 Error codes
* \{ * \{
*/ */
#define MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE -0x2080 /**< Unavailable feature, e.g. RSA hashing/encryption combination. */ /** Unavailable feature, e.g. RSA hashing/encryption combination. */
#define MBEDTLS_ERR_X509_UNKNOWN_OID -0x2100 /**< Requested OID is unknown. */ #define MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE -0x2080
#define MBEDTLS_ERR_X509_INVALID_FORMAT -0x2180 /**< The CRT/CRL/CSR format is invalid, e.g. different type expected. */ /** Requested OID is unknown. */
#define MBEDTLS_ERR_X509_INVALID_VERSION -0x2200 /**< The CRT/CRL/CSR version element is invalid. */ #define MBEDTLS_ERR_X509_UNKNOWN_OID -0x2100
#define MBEDTLS_ERR_X509_INVALID_SERIAL -0x2280 /**< The serial tag or value is invalid. */ /** The CRT/CRL/CSR format is invalid, e.g. different type expected. */
#define MBEDTLS_ERR_X509_INVALID_ALG -0x2300 /**< The algorithm tag or value is invalid. */ #define MBEDTLS_ERR_X509_INVALID_FORMAT -0x2180
#define MBEDTLS_ERR_X509_INVALID_NAME -0x2380 /**< The name tag or value is invalid. */ /** The CRT/CRL/CSR version element is invalid. */
#define MBEDTLS_ERR_X509_INVALID_DATE -0x2400 /**< The date tag or value is invalid. */ #define MBEDTLS_ERR_X509_INVALID_VERSION -0x2200
#define MBEDTLS_ERR_X509_INVALID_SIGNATURE -0x2480 /**< The signature tag or value invalid. */ /** The serial tag or value is invalid. */
#define MBEDTLS_ERR_X509_INVALID_EXTENSIONS -0x2500 /**< The extension tag or value is invalid. */ #define MBEDTLS_ERR_X509_INVALID_SERIAL -0x2280
#define MBEDTLS_ERR_X509_UNKNOWN_VERSION -0x2580 /**< CRT/CRL/CSR has an unsupported version number. */ /** The algorithm tag or value is invalid. */
#define MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG -0x2600 /**< Signature algorithm (oid) is unsupported. */ #define MBEDTLS_ERR_X509_INVALID_ALG -0x2300
#define MBEDTLS_ERR_X509_SIG_MISMATCH -0x2680 /**< Signature algorithms do not match. (see \c ::mbedtls_x509_crt sig_oid) */ /** The name tag or value is invalid. */
#define MBEDTLS_ERR_X509_CERT_VERIFY_FAILED -0x2700 /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */ #define MBEDTLS_ERR_X509_INVALID_NAME -0x2380
#define MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT -0x2780 /**< Format not recognized as DER or PEM. */ /** The date tag or value is invalid. */
#define MBEDTLS_ERR_X509_BAD_INPUT_DATA -0x2800 /**< Input invalid. */ #define MBEDTLS_ERR_X509_INVALID_DATE -0x2400
#define MBEDTLS_ERR_X509_ALLOC_FAILED -0x2880 /**< Allocation of memory failed. */ /** The signature tag or value invalid. */
#define MBEDTLS_ERR_X509_FILE_IO_ERROR -0x2900 /**< Read/write of file failed. */ #define MBEDTLS_ERR_X509_INVALID_SIGNATURE -0x2480
#define MBEDTLS_ERR_X509_BUFFER_TOO_SMALL -0x2980 /**< Destination buffer is too small. */ /** The extension tag or value is invalid. */
#define MBEDTLS_ERR_X509_FATAL_ERROR -0x3000 /**< A fatal error occurred, eg the chain is too long or the vrfy callback failed. */ #define MBEDTLS_ERR_X509_INVALID_EXTENSIONS -0x2500
/** CRT/CRL/CSR has an unsupported version number. */
#define MBEDTLS_ERR_X509_UNKNOWN_VERSION -0x2580
/** Signature algorithm (oid) is unsupported. */
#define MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG -0x2600
/** Signature algorithms do not match. (see \c ::mbedtls_x509_crt sig_oid) */
#define MBEDTLS_ERR_X509_SIG_MISMATCH -0x2680
/** Certificate verification failed, e.g. CRL, CA or signature check failed. */
#define MBEDTLS_ERR_X509_CERT_VERIFY_FAILED -0x2700
/** Format not recognized as DER or PEM. */
#define MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT -0x2780
/** Input invalid. */
#define MBEDTLS_ERR_X509_BAD_INPUT_DATA -0x2800
/** Allocation of memory failed. */
#define MBEDTLS_ERR_X509_ALLOC_FAILED -0x2880
/** Read/write of file failed. */
#define MBEDTLS_ERR_X509_FILE_IO_ERROR -0x2900
/** Destination buffer is too small. */
#define MBEDTLS_ERR_X509_BUFFER_TOO_SMALL -0x2980
/** A fatal error occurred, eg the chain is too long or the vrfy callback failed. */
#define MBEDTLS_ERR_X509_FATAL_ERROR -0x3000
/* \} name */ /* \} name */
/** /**

View file

@ -61,10 +61,12 @@
#define MBEDTLS_XTEA_ENCRYPT 1 #define MBEDTLS_XTEA_ENCRYPT 1
#define MBEDTLS_XTEA_DECRYPT 0 #define MBEDTLS_XTEA_DECRYPT 0
#define MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH -0x0028 /**< The data input has an invalid length. */ /** The data input has an invalid length. */
#define MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH -0x0028
/* MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED is deprecated and should not be used. */ /* MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED is deprecated and should not be used. */
#define MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED -0x0029 /**< XTEA hardware accelerator failed. */ /** XTEA hardware accelerator failed. */
#define MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED -0x0029
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {

View file

@ -1082,6 +1082,7 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
unsigned char *output ) unsigned char *output )
{ {
int i; int i;
int ret;
unsigned char temp[16]; unsigned char temp[16];
AES_VALIDATE_RET( ctx != NULL ); AES_VALIDATE_RET( ctx != NULL );
@ -1111,7 +1112,9 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
while( length > 0 ) while( length > 0 )
{ {
memcpy( temp, input, 16 ); memcpy( temp, input, 16 );
mbedtls_aes_crypt_ecb( ctx, mode, input, output ); ret = mbedtls_aes_crypt_ecb( ctx, mode, input, output );
if( ret != 0 )
goto exit;
for( i = 0; i < 16; i++ ) for( i = 0; i < 16; i++ )
output[i] = (unsigned char)( output[i] ^ iv[i] ); output[i] = (unsigned char)( output[i] ^ iv[i] );
@ -1130,7 +1133,9 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
for( i = 0; i < 16; i++ ) for( i = 0; i < 16; i++ )
output[i] = (unsigned char)( input[i] ^ iv[i] ); output[i] = (unsigned char)( input[i] ^ iv[i] );
mbedtls_aes_crypt_ecb( ctx, mode, output, output ); ret = mbedtls_aes_crypt_ecb( ctx, mode, output, output );
if( ret != 0 )
goto exit;
memcpy( iv, output, 16 ); memcpy( iv, output, 16 );
input += 16; input += 16;
@ -1138,8 +1143,10 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
length -= 16; length -= 16;
} }
} }
ret = 0;
return( 0 ); exit:
return( ret );
} }
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
@ -1322,6 +1329,7 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
unsigned char *output ) unsigned char *output )
{ {
int c; int c;
int ret;
size_t n; size_t n;
AES_VALIDATE_RET( ctx != NULL ); AES_VALIDATE_RET( ctx != NULL );
@ -1342,7 +1350,11 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
while( length-- ) while( length-- )
{ {
if( n == 0 ) if( n == 0 )
mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); {
ret = mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv );
if( ret != 0 )
goto exit;
}
c = *input++; c = *input++;
*output++ = (unsigned char)( c ^ iv[n] ); *output++ = (unsigned char)( c ^ iv[n] );
@ -1356,7 +1368,11 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
while( length-- ) while( length-- )
{ {
if( n == 0 ) if( n == 0 )
mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); {
ret = mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv );
if( ret != 0 )
goto exit;
}
iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
@ -1365,8 +1381,10 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
} }
*iv_off = n; *iv_off = n;
ret = 0;
return( 0 ); exit:
return( ret );
} }
/* /*
@ -1379,6 +1397,7 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output )
{ {
int ret;
unsigned char c; unsigned char c;
unsigned char ov[17]; unsigned char ov[17];
@ -1391,7 +1410,9 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
while( length-- ) while( length-- )
{ {
memcpy( ov, iv, 16 ); memcpy( ov, iv, 16 );
mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); ret = mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv );
if( ret != 0 )
goto exit;
if( mode == MBEDTLS_AES_DECRYPT ) if( mode == MBEDTLS_AES_DECRYPT )
ov[16] = *input; ov[16] = *input;
@ -1403,8 +1424,10 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
memcpy( iv, ov + 1, 16 ); memcpy( iv, ov + 1, 16 );
} }
ret = 0;
return( 0 ); exit:
return( ret );
} }
#endif /* MBEDTLS_CIPHER_MODE_CFB */ #endif /* MBEDTLS_CIPHER_MODE_CFB */
@ -1466,6 +1489,7 @@ int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
unsigned char *output ) unsigned char *output )
{ {
int c, i; int c, i;
int ret;
size_t n; size_t n;
AES_VALIDATE_RET( ctx != NULL ); AES_VALIDATE_RET( ctx != NULL );
@ -1483,7 +1507,9 @@ int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
while( length-- ) while( length-- )
{ {
if( n == 0 ) { if( n == 0 ) {
mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, nonce_counter, stream_block ); ret = mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, nonce_counter, stream_block );
if( ret != 0 )
goto exit;
for( i = 16; i > 0; i-- ) for( i = 16; i > 0; i-- )
if( ++nonce_counter[i - 1] != 0 ) if( ++nonce_counter[i - 1] != 0 )
@ -1496,8 +1522,10 @@ int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
} }
*nc_off = n; *nc_off = n;
ret = 0;
return( 0 ); exit:
return( ret );
} }
#endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */

View file

@ -77,7 +77,7 @@ static unsigned char mask_of_range( unsigned char low, unsigned char high,
{ {
/* low_mask is: 0 if low <= c, 0x...ff if low > c */ /* low_mask is: 0 if low <= c, 0x...ff if low > c */
unsigned low_mask = ( (unsigned) c - low ) >> 8; unsigned low_mask = ( (unsigned) c - low ) >> 8;
/* high_mask is: 0 if c <= high, 0x...ff if high > c */ /* high_mask is: 0 if c <= high, 0x...ff if c > high */
unsigned high_mask = ( (unsigned) high - c ) >> 8; unsigned high_mask = ( (unsigned) high - c ) >> 8;
return( ~( low_mask | high_mask ) & 0xff ); return( ~( low_mask | high_mask ) & 0xff );
} }

View file

@ -72,6 +72,7 @@
#include "mbedtls/bn_mul.h" #include "mbedtls/bn_mul.h"
#include "mbedtls/platform_util.h" #include "mbedtls/platform_util.h"
#include <limits.h>
#include <string.h> #include <string.h>
#if defined(MBEDTLS_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_C)
@ -1522,17 +1523,17 @@ cleanup:
*/ */
int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b ) int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b )
{ {
mbedtls_mpi _B; mbedtls_mpi B;
mbedtls_mpi_uint p[1]; mbedtls_mpi_uint p[1];
MPI_VALIDATE_RET( X != NULL ); MPI_VALIDATE_RET( X != NULL );
MPI_VALIDATE_RET( A != NULL ); MPI_VALIDATE_RET( A != NULL );
p[0] = ( b < 0 ) ? -b : b; p[0] = ( b < 0 ) ? -b : b;
_B.s = ( b < 0 ) ? -1 : 1; B.s = ( b < 0 ) ? -1 : 1;
_B.n = 1; B.n = 1;
_B.p = p; B.p = p;
return( mbedtls_mpi_add_mpi( X, A, &_B ) ); return( mbedtls_mpi_add_mpi( X, A, &B ) );
} }
/* /*
@ -1540,17 +1541,17 @@ int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint
*/ */
int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b ) int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b )
{ {
mbedtls_mpi _B; mbedtls_mpi B;
mbedtls_mpi_uint p[1]; mbedtls_mpi_uint p[1];
MPI_VALIDATE_RET( X != NULL ); MPI_VALIDATE_RET( X != NULL );
MPI_VALIDATE_RET( A != NULL ); MPI_VALIDATE_RET( A != NULL );
p[0] = ( b < 0 ) ? -b : b; p[0] = ( b < 0 ) ? -b : b;
_B.s = ( b < 0 ) ? -1 : 1; B.s = ( b < 0 ) ? -1 : 1;
_B.n = 1; B.n = 1;
_B.p = p; B.p = p;
return( mbedtls_mpi_sub_mpi( X, A, &_B ) ); return( mbedtls_mpi_sub_mpi( X, A, &B ) );
} }
/* /*
@ -1682,17 +1683,17 @@ cleanup:
*/ */
int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint b ) int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint b )
{ {
mbedtls_mpi _B; mbedtls_mpi B;
mbedtls_mpi_uint p[1]; mbedtls_mpi_uint p[1];
MPI_VALIDATE_RET( X != NULL ); MPI_VALIDATE_RET( X != NULL );
MPI_VALIDATE_RET( A != NULL ); MPI_VALIDATE_RET( A != NULL );
_B.s = 1; B.s = 1;
_B.n = 1; B.n = 1;
_B.p = p; B.p = p;
p[0] = b; p[0] = b;
return( mbedtls_mpi_mul_mpi( X, A, &_B ) ); return( mbedtls_mpi_mul_mpi( X, A, &B ) );
} }
/* /*
@ -1916,16 +1917,16 @@ int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R,
const mbedtls_mpi *A, const mbedtls_mpi *A,
mbedtls_mpi_sint b ) mbedtls_mpi_sint b )
{ {
mbedtls_mpi _B; mbedtls_mpi B;
mbedtls_mpi_uint p[1]; mbedtls_mpi_uint p[1];
MPI_VALIDATE_RET( A != NULL ); MPI_VALIDATE_RET( A != NULL );
p[0] = ( b < 0 ) ? -b : b; p[0] = ( b < 0 ) ? -b : b;
_B.s = ( b < 0 ) ? -1 : 1; B.s = ( b < 0 ) ? -1 : 1;
_B.n = 1; B.n = 1;
_B.p = p; B.p = p;
return( mbedtls_mpi_div_mpi( Q, R, A, &_B ) ); return( mbedtls_mpi_div_mpi( Q, R, A, &B ) );
} }
/* /*
@ -2187,7 +2188,7 @@ cleanup:
*/ */
int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *E, const mbedtls_mpi *N, const mbedtls_mpi *E, const mbedtls_mpi *N,
mbedtls_mpi *_RR ) mbedtls_mpi *prec_RR )
{ {
int ret; int ret;
size_t wbits, wsize, one = 1; size_t wbits, wsize, one = 1;
@ -2255,17 +2256,17 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A,
/* /*
* If 1st call, pre-compute R^2 mod N * If 1st call, pre-compute R^2 mod N
*/ */
if( _RR == NULL || _RR->p == NULL ) if( prec_RR == NULL || prec_RR->p == NULL )
{ {
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &RR, 1 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &RR, 1 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &RR, N->n * 2 * biL ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &RR, N->n * 2 * biL ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &RR, &RR, N ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &RR, &RR, N ) );
if( _RR != NULL ) if( prec_RR != NULL )
memcpy( _RR, &RR, sizeof( mbedtls_mpi ) ); memcpy( prec_RR, &RR, sizeof( mbedtls_mpi ) );
} }
else else
memcpy( &RR, _RR, sizeof( mbedtls_mpi ) ); memcpy( &RR, prec_RR, sizeof( mbedtls_mpi ) );
/* /*
* W[1] = A * R^2 * R^-1 mod N = A * R mod N * W[1] = A * R^2 * R^-1 mod N = A * R mod N
@ -2409,7 +2410,7 @@ cleanup:
mbedtls_mpi_free( &W[1] ); mbedtls_mpi_free( &T ); mbedtls_mpi_free( &Apos ); mbedtls_mpi_free( &W[1] ); mbedtls_mpi_free( &T ); mbedtls_mpi_free( &Apos );
mbedtls_mpi_free( &WW ); mbedtls_mpi_free( &WW );
if( _RR == NULL || _RR->p == NULL ) if( prec_RR == NULL || prec_RR->p == NULL )
mbedtls_mpi_free( &RR ); mbedtls_mpi_free( &RR );
return( ret ); return( ret );

View file

@ -967,6 +967,12 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
} }
/* Status to return on a non-authenticated algorithm. It would make sense
* to return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT or perhaps
* MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, but at the time I write this our
* unit tests assume 0. */
ret = 0;
#if defined(MBEDTLS_GCM_C) #if defined(MBEDTLS_GCM_C)
if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
{ {
@ -981,9 +987,10 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
/* Check the tag in "constant-time" */ /* Check the tag in "constant-time" */
if( mbedtls_constant_time_memcmp( tag, check_tag, tag_len ) != 0 ) if( mbedtls_constant_time_memcmp( tag, check_tag, tag_len ) != 0 )
return( MBEDTLS_ERR_CIPHER_AUTH_FAILED ); {
ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
return( 0 ); goto exit;
}
} }
#endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_GCM_C */
@ -1003,13 +1010,16 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
/* Check the tag in "constant-time" */ /* Check the tag in "constant-time" */
if( mbedtls_constant_time_memcmp( tag, check_tag, tag_len ) != 0 ) if( mbedtls_constant_time_memcmp( tag, check_tag, tag_len ) != 0 )
return( MBEDTLS_ERR_CIPHER_AUTH_FAILED ); {
ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
return( 0 ); goto exit;
}
} }
#endif /* MBEDTLS_CHACHAPOLY_C */ #endif /* MBEDTLS_CHACHAPOLY_C */
return( 0 ); exit:
mbedtls_platform_zeroize( check_tag, tag_len );
return( ret );
} }
#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */ #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */

View file

@ -59,6 +59,7 @@
#if defined(MBEDTLS_DES_C) #if defined(MBEDTLS_DES_C)
#include "mbedtls/des.h" #include "mbedtls/des.h"
#include "mbedtls/error.h"
#include "mbedtls/platform_util.h" #include "mbedtls/platform_util.h"
#include <string.h> #include <string.h>
@ -696,6 +697,7 @@ int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
unsigned char *output ) unsigned char *output )
{ {
int i; int i;
int ret;
unsigned char temp[8]; unsigned char temp[8];
if( length % 8 ) if( length % 8 )
@ -708,7 +710,9 @@ int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
for( i = 0; i < 8; i++ ) for( i = 0; i < 8; i++ )
output[i] = (unsigned char)( input[i] ^ iv[i] ); output[i] = (unsigned char)( input[i] ^ iv[i] );
mbedtls_des_crypt_ecb( ctx, output, output ); ret = mbedtls_des_crypt_ecb( ctx, output, output );
if( ret != 0 )
goto exit;
memcpy( iv, output, 8 ); memcpy( iv, output, 8 );
input += 8; input += 8;
@ -721,7 +725,9 @@ int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
while( length > 0 ) while( length > 0 )
{ {
memcpy( temp, input, 8 ); memcpy( temp, input, 8 );
mbedtls_des_crypt_ecb( ctx, input, output ); ret = mbedtls_des_crypt_ecb( ctx, input, output );
if( ret != 0 )
goto exit;
for( i = 0; i < 8; i++ ) for( i = 0; i < 8; i++ )
output[i] = (unsigned char)( output[i] ^ iv[i] ); output[i] = (unsigned char)( output[i] ^ iv[i] );
@ -733,8 +739,10 @@ int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
length -= 8; length -= 8;
} }
} }
ret = 0;
return( 0 ); exit:
return( ret );
} }
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
@ -795,6 +803,7 @@ int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
unsigned char *output ) unsigned char *output )
{ {
int i; int i;
int ret;
unsigned char temp[8]; unsigned char temp[8];
if( length % 8 ) if( length % 8 )
@ -807,7 +816,9 @@ int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
for( i = 0; i < 8; i++ ) for( i = 0; i < 8; i++ )
output[i] = (unsigned char)( input[i] ^ iv[i] ); output[i] = (unsigned char)( input[i] ^ iv[i] );
mbedtls_des3_crypt_ecb( ctx, output, output ); ret = mbedtls_des3_crypt_ecb( ctx, output, output );
if( ret != 0 )
goto exit;
memcpy( iv, output, 8 ); memcpy( iv, output, 8 );
input += 8; input += 8;
@ -820,7 +831,9 @@ int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
while( length > 0 ) while( length > 0 )
{ {
memcpy( temp, input, 8 ); memcpy( temp, input, 8 );
mbedtls_des3_crypt_ecb( ctx, input, output ); ret = mbedtls_des3_crypt_ecb( ctx, input, output );
if( ret != 0 )
goto exit;
for( i = 0; i < 8; i++ ) for( i = 0; i < 8; i++ )
output[i] = (unsigned char)( output[i] ^ iv[i] ); output[i] = (unsigned char)( output[i] ^ iv[i] );
@ -832,8 +845,10 @@ int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
length -= 8; length -= 8;
} }
} }
ret = 0;
return( 0 ); exit:
return( ret );
} }
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
@ -926,39 +941,43 @@ int mbedtls_des_self_test( int verbose )
switch( i ) switch( i )
{ {
case 0: case 0:
mbedtls_des_setkey_dec( &ctx, des3_test_keys ); ret = mbedtls_des_setkey_dec( &ctx, des3_test_keys );
break; break;
case 1: case 1:
mbedtls_des_setkey_enc( &ctx, des3_test_keys ); ret = mbedtls_des_setkey_enc( &ctx, des3_test_keys );
break; break;
case 2: case 2:
mbedtls_des3_set2key_dec( &ctx3, des3_test_keys ); ret = mbedtls_des3_set2key_dec( &ctx3, des3_test_keys );
break; break;
case 3: case 3:
mbedtls_des3_set2key_enc( &ctx3, des3_test_keys ); ret = mbedtls_des3_set2key_enc( &ctx3, des3_test_keys );
break; break;
case 4: case 4:
mbedtls_des3_set3key_dec( &ctx3, des3_test_keys ); ret = mbedtls_des3_set3key_dec( &ctx3, des3_test_keys );
break; break;
case 5: case 5:
mbedtls_des3_set3key_enc( &ctx3, des3_test_keys ); ret = mbedtls_des3_set3key_enc( &ctx3, des3_test_keys );
break; break;
default: default:
return( 1 ); return( 1 );
} }
if( ret != 0 )
goto exit;
for( j = 0; j < 10000; j++ ) for( j = 0; j < 10000; j++ )
{ {
if( u == 0 ) if( u == 0 )
mbedtls_des_crypt_ecb( &ctx, buf, buf ); ret = mbedtls_des_crypt_ecb( &ctx, buf, buf );
else else
mbedtls_des3_crypt_ecb( &ctx3, buf, buf ); ret = mbedtls_des3_crypt_ecb( &ctx3, buf, buf );
if( ret != 0 )
goto exit;
} }
if( ( v == MBEDTLS_DES_DECRYPT && if( ( v == MBEDTLS_DES_DECRYPT &&
@ -1001,41 +1020,45 @@ int mbedtls_des_self_test( int verbose )
switch( i ) switch( i )
{ {
case 0: case 0:
mbedtls_des_setkey_dec( &ctx, des3_test_keys ); ret = mbedtls_des_setkey_dec( &ctx, des3_test_keys );
break; break;
case 1: case 1:
mbedtls_des_setkey_enc( &ctx, des3_test_keys ); ret = mbedtls_des_setkey_enc( &ctx, des3_test_keys );
break; break;
case 2: case 2:
mbedtls_des3_set2key_dec( &ctx3, des3_test_keys ); ret = mbedtls_des3_set2key_dec( &ctx3, des3_test_keys );
break; break;
case 3: case 3:
mbedtls_des3_set2key_enc( &ctx3, des3_test_keys ); ret = mbedtls_des3_set2key_enc( &ctx3, des3_test_keys );
break; break;
case 4: case 4:
mbedtls_des3_set3key_dec( &ctx3, des3_test_keys ); ret = mbedtls_des3_set3key_dec( &ctx3, des3_test_keys );
break; break;
case 5: case 5:
mbedtls_des3_set3key_enc( &ctx3, des3_test_keys ); ret = mbedtls_des3_set3key_enc( &ctx3, des3_test_keys );
break; break;
default: default:
return( 1 ); return( 1 );
} }
if( ret != 0 )
goto exit;
if( v == MBEDTLS_DES_DECRYPT ) if( v == MBEDTLS_DES_DECRYPT )
{ {
for( j = 0; j < 10000; j++ ) for( j = 0; j < 10000; j++ )
{ {
if( u == 0 ) if( u == 0 )
mbedtls_des_crypt_cbc( &ctx, v, 8, iv, buf, buf ); ret = mbedtls_des_crypt_cbc( &ctx, v, 8, iv, buf, buf );
else else
mbedtls_des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf ); ret = mbedtls_des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf );
if( ret != 0 )
goto exit;
} }
} }
else else
@ -1045,9 +1068,11 @@ int mbedtls_des_self_test( int verbose )
unsigned char tmp[8]; unsigned char tmp[8];
if( u == 0 ) if( u == 0 )
mbedtls_des_crypt_cbc( &ctx, v, 8, iv, buf, buf ); ret = mbedtls_des_crypt_cbc( &ctx, v, 8, iv, buf, buf );
else else
mbedtls_des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf ); ret = mbedtls_des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf );
if( ret != 0 )
goto exit;
memcpy( tmp, prv, 8 ); memcpy( tmp, prv, 8 );
memcpy( prv, buf, 8 ); memcpy( prv, buf, 8 );
@ -1081,6 +1106,8 @@ exit:
mbedtls_des_free( &ctx ); mbedtls_des_free( &ctx );
mbedtls_des3_free( &ctx3 ); mbedtls_des3_free( &ctx3 );
if( ret != 0 )
ret = 1;
return( ret ); return( ret );
} }

View file

@ -111,6 +111,20 @@
} }
#endif #endif
#ifndef PUT_UINT64_BE
#define PUT_UINT64_BE( n, b, i ) \
{ \
( b )[( i ) ] = (unsigned char) ( ( (n) >> 56 ) & 0xff ); \
( b )[( i ) + 1] = (unsigned char) ( ( (n) >> 48 ) & 0xff ); \
( b )[( i ) + 2] = (unsigned char) ( ( (n) >> 40 ) & 0xff ); \
( b )[( i ) + 3] = (unsigned char) ( ( (n) >> 32 ) & 0xff ); \
( b )[( i ) + 4] = (unsigned char) ( ( (n) >> 24 ) & 0xff ); \
( b )[( i ) + 5] = (unsigned char) ( ( (n) >> 16 ) & 0xff ); \
( b )[( i ) + 6] = (unsigned char) ( ( (n) >> 8 ) & 0xff ); \
( b )[( i ) + 7] = (unsigned char) ( ( (n) ) & 0xff ); \
}
#endif
/* /*
* Initialize a context * Initialize a context
*/ */
@ -309,6 +323,7 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
size_t i; size_t i;
const unsigned char *p; const unsigned char *p;
size_t use_len, olen = 0; size_t use_len, olen = 0;
uint64_t iv_bits;
GCM_VALIDATE_RET( ctx != NULL ); GCM_VALIDATE_RET( ctx != NULL );
GCM_VALIDATE_RET( iv != NULL ); GCM_VALIDATE_RET( iv != NULL );
@ -338,7 +353,8 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
else else
{ {
memset( work_buf, 0x00, 16 ); memset( work_buf, 0x00, 16 );
PUT_UINT32_BE( iv_len * 8, work_buf, 12 ); iv_bits = (uint64_t)iv_len * 8;
PUT_UINT64_BE( iv_bits, work_buf, 8 );
p = iv; p = iv;
while( iv_len > 0 ) while( iv_len > 0 )

View file

@ -320,8 +320,7 @@ static const unsigned char md2_test_str[7][81] =
{ "message digest" }, { "message digest" },
{ "abcdefghijklmnopqrstuvwxyz" }, { "abcdefghijklmnopqrstuvwxyz" },
{ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" }, { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
{ "12345678901234567890123456789012345678901234567890123456789012" { "12345678901234567890123456789012345678901234567890123456789012345678901234567890" }
"345678901234567890" }
}; };
static const size_t md2_test_strlen[7] = static const size_t md2_test_strlen[7] =

View file

@ -444,8 +444,7 @@ static const unsigned char md4_test_str[7][81] =
{ "message digest" }, { "message digest" },
{ "abcdefghijklmnopqrstuvwxyz" }, { "abcdefghijklmnopqrstuvwxyz" },
{ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" }, { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
{ "12345678901234567890123456789012345678901234567890123456789012" { "12345678901234567890123456789012345678901234567890123456789012345678901234567890" }
"345678901234567890" }
}; };
static const size_t md4_test_strlen[7] = static const size_t md4_test_strlen[7] =

View file

@ -458,8 +458,7 @@ static const unsigned char md5_test_buf[7][81] =
{ "message digest" }, { "message digest" },
{ "abcdefghijklmnopqrstuvwxyz" }, { "abcdefghijklmnopqrstuvwxyz" },
{ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" }, { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
{ "12345678901234567890123456789012345678901234567890123456789012" { "12345678901234567890123456789012345678901234567890123456789012345678901234567890" }
"345678901234567890" }
}; };
static const size_t md5_test_buflen[7] = static const size_t md5_test_buflen[7] =

View file

@ -209,6 +209,9 @@ int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode,
mbedtls_cipher_context_t cipher_ctx; mbedtls_cipher_context_t cipher_ctx;
size_t olen = 0; size_t olen = 0;
if( pwd == NULL && pwdlen != 0 )
return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA );
cipher_info = mbedtls_cipher_info_from_type( cipher_type ); cipher_info = mbedtls_cipher_info_from_type( cipher_type );
if( cipher_info == NULL ) if( cipher_info == NULL )
return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE );
@ -261,12 +264,23 @@ static void pkcs12_fill_buffer( unsigned char *data, size_t data_len,
unsigned char *p = data; unsigned char *p = data;
size_t use_len; size_t use_len;
while( data_len > 0 ) if( filler != NULL && fill_len != 0 )
{ {
use_len = ( data_len > fill_len ) ? fill_len : data_len; while( data_len > 0 )
memcpy( p, filler, use_len ); {
p += use_len; use_len = ( data_len > fill_len ) ? fill_len : data_len;
data_len -= use_len; memcpy( p, filler, use_len );
p += use_len;
data_len -= use_len;
}
}
else
{
/* If either of the above are not true then clearly there is nothing
* that this function can do. The function should *not* be called
* under either of those circumstances, as you could end up with an
* incorrect output but for safety's sake, leaving the check in as
* otherwise we could end up with memory corruption.*/
} }
} }
@ -283,6 +297,8 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen,
unsigned char hash_output[MBEDTLS_MD_MAX_SIZE]; unsigned char hash_output[MBEDTLS_MD_MAX_SIZE];
unsigned char *p; unsigned char *p;
unsigned char c; unsigned char c;
int use_password = 0;
int use_salt = 0;
size_t hlen, use_len, v, i; size_t hlen, use_len, v, i;
@ -293,6 +309,15 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen,
if( datalen > 128 || pwdlen > 64 || saltlen > 64 ) if( datalen > 128 || pwdlen > 64 || saltlen > 64 )
return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA );
if( pwd == NULL && pwdlen != 0 )
return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA );
if( salt == NULL && saltlen != 0 )
return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA );
use_password = ( pwd && pwdlen != 0 );
use_salt = ( salt && saltlen != 0 );
md_info = mbedtls_md_info_from_type( md_type ); md_info = mbedtls_md_info_from_type( md_type );
if( md_info == NULL ) if( md_info == NULL )
return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE );
@ -310,8 +335,15 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen,
memset( diversifier, (unsigned char) id, v ); memset( diversifier, (unsigned char) id, v );
pkcs12_fill_buffer( salt_block, v, salt, saltlen ); if( use_salt != 0 )
pkcs12_fill_buffer( pwd_block, v, pwd, pwdlen ); {
pkcs12_fill_buffer( salt_block, v, salt, saltlen );
}
if( use_password != 0 )
{
pkcs12_fill_buffer( pwd_block, v, pwd, pwdlen );
}
p = data; p = data;
while( datalen > 0 ) while( datalen > 0 )
@ -323,11 +355,17 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen,
if( ( ret = mbedtls_md_update( &md_ctx, diversifier, v ) ) != 0 ) if( ( ret = mbedtls_md_update( &md_ctx, diversifier, v ) ) != 0 )
goto exit; goto exit;
if( ( ret = mbedtls_md_update( &md_ctx, salt_block, v ) ) != 0 ) if( use_salt != 0 )
goto exit; {
if( ( ret = mbedtls_md_update( &md_ctx, salt_block, v )) != 0 )
goto exit;
}
if( ( ret = mbedtls_md_update( &md_ctx, pwd_block, v ) ) != 0 ) if( use_password != 0)
goto exit; {
if( ( ret = mbedtls_md_update( &md_ctx, pwd_block, v )) != 0 )
goto exit;
}
if( ( ret = mbedtls_md_finish( &md_ctx, hash_output ) ) != 0 ) if( ( ret = mbedtls_md_finish( &md_ctx, hash_output ) ) != 0 )
goto exit; goto exit;
@ -355,22 +393,28 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen,
if( ++hash_block[i - 1] != 0 ) if( ++hash_block[i - 1] != 0 )
break; break;
// salt_block += B if( use_salt != 0 )
c = 0;
for( i = v; i > 0; i-- )
{ {
j = salt_block[i - 1] + hash_block[i - 1] + c; // salt_block += B
c = 0;
for( i = v; i > 0; i-- )
{
j = salt_block[i - 1] + hash_block[i - 1] + c;
c = (unsigned char) (j >> 8); c = (unsigned char) (j >> 8);
salt_block[i - 1] = j & 0xFF; salt_block[i - 1] = j & 0xFF;
}
} }
// pwd_block += B if( use_password != 0 )
c = 0;
for( i = v; i > 0; i-- )
{ {
j = pwd_block[i - 1] + hash_block[i - 1] + c; // pwd_block += B
c = 0;
for( i = v; i > 0; i-- )
{
j = pwd_block[i - 1] + hash_block[i - 1] + c;
c = (unsigned char) (j >> 8); c = (unsigned char) (j >> 8);
pwd_block[i - 1] = j & 0xFF; pwd_block[i - 1] = j & 0xFF;
}
} }
} }

View file

@ -1408,8 +1408,11 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk,
} }
#endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */ #endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */
if( ( ret = pk_parse_key_pkcs8_unencrypted_der( pk, key, keylen ) ) == 0 ) ret = pk_parse_key_pkcs8_unencrypted_der( pk, key, keylen );
if( ret == 0 )
{
return( 0 ); return( 0 );
}
mbedtls_pk_free( pk ); mbedtls_pk_free( pk );
mbedtls_pk_init( pk ); mbedtls_pk_init( pk );

View file

@ -514,8 +514,7 @@ static const unsigned char ripemd160_test_str[TESTS][81] =
{ "abcdefghijklmnopqrstuvwxyz" }, { "abcdefghijklmnopqrstuvwxyz" },
{ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" }, { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
{ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" }, { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
{ "12345678901234567890123456789012345678901234567890123456789012" { "12345678901234567890123456789012345678901234567890123456789012345678901234567890" },
"345678901234567890" },
}; };
static const size_t ripemd160_test_strlen[TESTS] = static const size_t ripemd160_test_strlen[TESTS] =

View file

@ -2148,9 +2148,13 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
memcpy( sig, sig_try, ctx->len ); memcpy( sig, sig_try, ctx->len );
cleanup: cleanup:
mbedtls_platform_zeroize( sig_try, ctx->len );
mbedtls_platform_zeroize( verif, ctx->len );
mbedtls_free( sig_try ); mbedtls_free( sig_try );
mbedtls_free( verif ); mbedtls_free( verif );
if( ret != 0 )
memset( sig, '!', ctx->len );
return( ret ); return( ret );
} }
#endif /* MBEDTLS_PKCS1_V15 */ #endif /* MBEDTLS_PKCS1_V15 */

View file

@ -527,8 +527,7 @@ void mbedtls_sha512( const unsigned char *input,
static const unsigned char sha512_test_buf[3][113] = static const unsigned char sha512_test_buf[3][113] =
{ {
{ "abc" }, { "abc" },
{ "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn" { "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" },
"hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" },
{ "" } { "" }
}; };

View file

@ -250,15 +250,18 @@ int mbedtls_ssl_cookie_check( void *p_ctx,
#if defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_THREADING_C)
if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR + ret = ( MBEDTLS_ERR_SSL_INTERNAL_ERROR +
MBEDTLS_ERR_THREADING_MUTEX_ERROR ); MBEDTLS_ERR_THREADING_MUTEX_ERROR );
#endif #endif
if( ret != 0 ) if( ret != 0 )
return( ret ); goto exit;
if( mbedtls_ssl_safer_memcmp( cookie + 4, ref_hmac, sizeof( ref_hmac ) ) != 0 ) if( mbedtls_ssl_safer_memcmp( cookie + 4, ref_hmac, sizeof( ref_hmac ) ) != 0 )
return( -1 ); {
ret = -1;
goto exit;
}
#if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_HAVE_TIME)
cur_time = (unsigned long) mbedtls_time( NULL ); cur_time = (unsigned long) mbedtls_time( NULL );
@ -272,8 +275,13 @@ int mbedtls_ssl_cookie_check( void *p_ctx,
( (unsigned long) cookie[3] ); ( (unsigned long) cookie[3] );
if( ctx->timeout != 0 && cur_time - cookie_time > ctx->timeout ) if( ctx->timeout != 0 && cur_time - cookie_time > ctx->timeout )
return( -1 ); {
ret = -1;
goto exit;
}
return( 0 ); exit:
mbedtls_platform_zeroize( ref_hmac, sizeof( ref_hmac ) );
return( ret );
} }
#endif /* MBEDTLS_SSL_COOKIE_C */ #endif /* MBEDTLS_SSL_COOKIE_C */

View file

@ -301,6 +301,10 @@ static int ssl_session_copy( mbedtls_ssl_session *dst, const mbedtls_ssl_session
mbedtls_ssl_session_free( dst ); mbedtls_ssl_session_free( dst );
memcpy( dst, src, sizeof( mbedtls_ssl_session ) ); memcpy( dst, src, sizeof( mbedtls_ssl_session ) );
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
dst->ticket = NULL;
#endif
#if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_X509_CRT_PARSE_C)
if( src->peer_cert != NULL ) if( src->peer_cert != NULL )
{ {
@ -449,24 +453,45 @@ static int tls1_prf( const unsigned char *secret, size_t slen,
* First compute P_md5(secret,label+random)[0..dlen] * First compute P_md5(secret,label+random)[0..dlen]
*/ */
if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_MD5 ) ) == NULL ) if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_MD5 ) ) == NULL )
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); {
ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
goto exit;
}
if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 )
return( ret ); goto exit;
mbedtls_md_hmac_starts( &md_ctx, S1, hs ); ret = mbedtls_md_hmac_starts( &md_ctx, S1, hs );
mbedtls_md_hmac_update( &md_ctx, tmp + 20, nb ); if( ret != 0 )
mbedtls_md_hmac_finish( &md_ctx, 4 + tmp ); goto exit;
ret = mbedtls_md_hmac_update( &md_ctx, tmp + 20, nb );
if( ret != 0 )
goto exit;
ret = mbedtls_md_hmac_finish( &md_ctx, 4 + tmp );
if( ret != 0 )
goto exit;
for( i = 0; i < dlen; i += 16 ) for( i = 0; i < dlen; i += 16 )
{ {
mbedtls_md_hmac_reset ( &md_ctx ); ret = mbedtls_md_hmac_reset ( &md_ctx );
mbedtls_md_hmac_update( &md_ctx, 4 + tmp, 16 + nb ); if( ret != 0 )
mbedtls_md_hmac_finish( &md_ctx, h_i ); goto exit;
ret = mbedtls_md_hmac_update( &md_ctx, 4 + tmp, 16 + nb );
if( ret != 0 )
goto exit;
ret = mbedtls_md_hmac_finish( &md_ctx, h_i );
if( ret != 0 )
goto exit;
mbedtls_md_hmac_reset ( &md_ctx ); ret = mbedtls_md_hmac_reset ( &md_ctx );
mbedtls_md_hmac_update( &md_ctx, 4 + tmp, 16 ); if( ret != 0 )
mbedtls_md_hmac_finish( &md_ctx, 4 + tmp ); goto exit;
ret = mbedtls_md_hmac_update( &md_ctx, 4 + tmp, 16 );
if( ret != 0 )
goto exit;
ret = mbedtls_md_hmac_finish( &md_ctx, 4 + tmp );
if( ret != 0 )
goto exit;
k = ( i + 16 > dlen ) ? dlen % 16 : 16; k = ( i + 16 > dlen ) ? dlen % 16 : 16;
@ -480,24 +505,45 @@ static int tls1_prf( const unsigned char *secret, size_t slen,
* XOR out with P_sha1(secret,label+random)[0..dlen] * XOR out with P_sha1(secret,label+random)[0..dlen]
*/ */
if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL ) if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL )
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); {
ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
goto exit;
}
if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 )
return( ret ); goto exit;
mbedtls_md_hmac_starts( &md_ctx, S2, hs ); ret = mbedtls_md_hmac_starts( &md_ctx, S2, hs );
mbedtls_md_hmac_update( &md_ctx, tmp + 20, nb ); if( ret != 0 )
mbedtls_md_hmac_finish( &md_ctx, tmp ); goto exit;
ret = mbedtls_md_hmac_update( &md_ctx, tmp + 20, nb );
if( ret != 0 )
goto exit;
ret = mbedtls_md_hmac_finish( &md_ctx, tmp );
if( ret != 0 )
goto exit;
for( i = 0; i < dlen; i += 20 ) for( i = 0; i < dlen; i += 20 )
{ {
mbedtls_md_hmac_reset ( &md_ctx ); ret = mbedtls_md_hmac_reset ( &md_ctx );
mbedtls_md_hmac_update( &md_ctx, tmp, 20 + nb ); if( ret != 0 )
mbedtls_md_hmac_finish( &md_ctx, h_i ); goto exit;
ret = mbedtls_md_hmac_update( &md_ctx, tmp, 20 + nb );
if( ret != 0 )
goto exit;
ret = mbedtls_md_hmac_finish( &md_ctx, h_i );
if( ret != 0 )
goto exit;
mbedtls_md_hmac_reset ( &md_ctx ); ret = mbedtls_md_hmac_reset ( &md_ctx );
mbedtls_md_hmac_update( &md_ctx, tmp, 20 ); if( ret != 0 )
mbedtls_md_hmac_finish( &md_ctx, tmp ); goto exit;
ret = mbedtls_md_hmac_update( &md_ctx, tmp, 20 );
if( ret != 0 )
goto exit;
ret = mbedtls_md_hmac_finish( &md_ctx, tmp );
if( ret != 0 )
goto exit;
k = ( i + 20 > dlen ) ? dlen % 20 : 20; k = ( i + 20 > dlen ) ? dlen % 20 : 20;
@ -505,6 +551,7 @@ static int tls1_prf( const unsigned char *secret, size_t slen,
dstbuf[i + j] = (unsigned char)( dstbuf[i + j] ^ h_i[j] ); dstbuf[i + j] = (unsigned char)( dstbuf[i + j] ^ h_i[j] );
} }
exit:
mbedtls_md_free( &md_ctx ); mbedtls_md_free( &md_ctx );
mbedtls_platform_zeroize( tmp, sizeof( tmp ) ); mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
@ -548,21 +595,39 @@ static int tls_prf_generic( mbedtls_md_type_t md_type,
* Compute P_<hash>(secret, label + random)[0..dlen] * Compute P_<hash>(secret, label + random)[0..dlen]
*/ */
if ( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) if ( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 )
return( ret ); goto exit;
mbedtls_md_hmac_starts( &md_ctx, secret, slen ); ret = mbedtls_md_hmac_starts( &md_ctx, secret, slen );
mbedtls_md_hmac_update( &md_ctx, tmp + md_len, nb ); if( ret != 0 )
mbedtls_md_hmac_finish( &md_ctx, tmp ); goto exit;
ret = mbedtls_md_hmac_update( &md_ctx, tmp + md_len, nb );
if( ret != 0 )
goto exit;
ret = mbedtls_md_hmac_finish( &md_ctx, tmp );
if( ret != 0 )
goto exit;
for( i = 0; i < dlen; i += md_len ) for( i = 0; i < dlen; i += md_len )
{ {
mbedtls_md_hmac_reset ( &md_ctx ); ret = mbedtls_md_hmac_reset ( &md_ctx );
mbedtls_md_hmac_update( &md_ctx, tmp, md_len + nb ); if( ret != 0 )
mbedtls_md_hmac_finish( &md_ctx, h_i ); goto exit;
ret = mbedtls_md_hmac_update( &md_ctx, tmp, md_len + nb );
if( ret != 0 )
goto exit;
ret = mbedtls_md_hmac_finish( &md_ctx, h_i );
if( ret != 0 )
goto exit;
mbedtls_md_hmac_reset ( &md_ctx ); ret = mbedtls_md_hmac_reset ( &md_ctx );
mbedtls_md_hmac_update( &md_ctx, tmp, md_len ); if( ret != 0 )
mbedtls_md_hmac_finish( &md_ctx, tmp ); goto exit;
ret = mbedtls_md_hmac_update( &md_ctx, tmp, md_len );
if( ret != 0 )
goto exit;
ret = mbedtls_md_hmac_finish( &md_ctx, tmp );
if( ret != 0 )
goto exit;
k = ( i + md_len > dlen ) ? dlen % md_len : md_len; k = ( i + md_len > dlen ) ? dlen % md_len : md_len;
@ -570,6 +635,7 @@ static int tls_prf_generic( mbedtls_md_type_t md_type,
dstbuf[i + j] = h_i[j]; dstbuf[i + j] = h_i[j];
} }
exit:
mbedtls_md_free( &md_ctx ); mbedtls_md_free( &md_ctx );
mbedtls_platform_zeroize( tmp, sizeof( tmp ) ); mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
@ -1015,8 +1081,14 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
For AEAD-based ciphersuites, there is nothing to do here. */ For AEAD-based ciphersuites, there is nothing to do here. */
if( mac_key_len != 0 ) if( mac_key_len != 0 )
{ {
mbedtls_md_hmac_starts( &transform->md_ctx_enc, mac_enc, mac_key_len ); ret = mbedtls_md_hmac_starts( &transform->md_ctx_enc,
mbedtls_md_hmac_starts( &transform->md_ctx_dec, mac_dec, mac_key_len ); mac_enc, mac_key_len );
if( ret != 0 )
return( ret );
ret = mbedtls_md_hmac_starts( &transform->md_ctx_dec,
mac_dec, mac_key_len );
if( ret != 0 )
return( ret );
} }
} }
else else
@ -1390,17 +1462,18 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch
* SSLv3.0 MAC functions * SSLv3.0 MAC functions
*/ */
#define SSL_MAC_MAX_BYTES 20 /* MD-5 or SHA-1 */ #define SSL_MAC_MAX_BYTES 20 /* MD-5 or SHA-1 */
static void ssl_mac( mbedtls_md_context_t *md_ctx, static int ssl_mac( mbedtls_md_context_t *md_ctx,
const unsigned char *secret, const unsigned char *secret,
const unsigned char *buf, size_t len, const unsigned char *buf, size_t len,
const unsigned char *ctr, int type, const unsigned char *ctr, int type,
unsigned char out[SSL_MAC_MAX_BYTES] ) unsigned char out[SSL_MAC_MAX_BYTES] )
{ {
unsigned char header[11]; unsigned char header[11];
unsigned char padding[48]; unsigned char padding[48];
int padlen; int padlen;
int md_size = mbedtls_md_get_size( md_ctx->md_info ); int md_size = mbedtls_md_get_size( md_ctx->md_info );
int md_type = mbedtls_md_get_type( md_ctx->md_info ); int md_type = mbedtls_md_get_type( md_ctx->md_info );
int ret;
/* Only MD5 and SHA-1 supported */ /* Only MD5 and SHA-1 supported */
if( md_type == MBEDTLS_MD_MD5 ) if( md_type == MBEDTLS_MD_MD5 )
@ -1414,19 +1487,43 @@ static void ssl_mac( mbedtls_md_context_t *md_ctx,
header[10] = (unsigned char)( len ); header[10] = (unsigned char)( len );
memset( padding, 0x36, padlen ); memset( padding, 0x36, padlen );
mbedtls_md_starts( md_ctx ); ret = mbedtls_md_starts( md_ctx );
mbedtls_md_update( md_ctx, secret, md_size ); if( ret != 0 )
mbedtls_md_update( md_ctx, padding, padlen ); return( ret );
mbedtls_md_update( md_ctx, header, 11 ); ret = mbedtls_md_update( md_ctx, secret, md_size );
mbedtls_md_update( md_ctx, buf, len ); if( ret != 0 )
mbedtls_md_finish( md_ctx, out ); return( ret );
ret = mbedtls_md_update( md_ctx, padding, padlen );
if( ret != 0 )
return( ret );
ret = mbedtls_md_update( md_ctx, header, 11 );
if( ret != 0 )
return( ret );
ret = mbedtls_md_update( md_ctx, buf, len );
if( ret != 0 )
return( ret );
ret = mbedtls_md_finish( md_ctx, out );
if( ret != 0 )
return( ret );
memset( padding, 0x5C, padlen ); memset( padding, 0x5C, padlen );
mbedtls_md_starts( md_ctx ); ret = mbedtls_md_starts( md_ctx );
mbedtls_md_update( md_ctx, secret, md_size ); if( ret != 0 )
mbedtls_md_update( md_ctx, padding, padlen ); return( ret );
mbedtls_md_update( md_ctx, out, md_size ); ret = mbedtls_md_update( md_ctx, secret, md_size );
mbedtls_md_finish( md_ctx, out ); if( ret != 0 )
return( ret );
ret = mbedtls_md_update( md_ctx, padding, padlen );
if( ret != 0 )
return( ret );
ret = mbedtls_md_update( md_ctx, out, md_size );
if( ret != 0 )
return( ret );
ret = mbedtls_md_finish( md_ctx, out );
if( ret != 0 )
return( ret );
return( 0 );
} }
#endif /* MBEDTLS_SSL_PROTO_SSL3 */ #endif /* MBEDTLS_SSL_PROTO_SSL3 */
@ -1471,14 +1568,22 @@ static int ssl_encrypt_buf( mbedtls_ssl_context *ssl )
if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
{ {
unsigned char mac[SSL_MAC_MAX_BYTES]; unsigned char mac[SSL_MAC_MAX_BYTES];
int ret;
ssl_mac( &ssl->transform_out->md_ctx_enc, ret = ssl_mac( &ssl->transform_out->md_ctx_enc,
ssl->transform_out->mac_enc, ssl->transform_out->mac_enc,
ssl->out_msg, ssl->out_msglen, ssl->out_msg, ssl->out_msglen,
ssl->out_ctr, ssl->out_msgtype, ssl->out_ctr, ssl->out_msgtype,
mac ); mac );
memcpy( ssl->out_msg + ssl->out_msglen, mac, ssl->transform_out->maclen ); if( ret == 0 )
memcpy( ssl->out_msg + ssl->out_msglen, mac, ssl->transform_out->maclen );
mbedtls_platform_zeroize( mac, ssl->transform_out->maclen );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "ssl_mac", ret );
return( ret );
}
} }
else else
#endif #endif
@ -1487,16 +1592,35 @@ static int ssl_encrypt_buf( mbedtls_ssl_context *ssl )
if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 )
{ {
unsigned char mac[MBEDTLS_SSL_MAC_ADD]; unsigned char mac[MBEDTLS_SSL_MAC_ADD];
int ret;
mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_ctr, 8 ); ret = mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_ctr, 8 );
mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_hdr, 3 ); if( ret != 0 )
mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_len, 2 ); goto hmac_failed_etm_disabled;
mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, ret = mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_hdr, 3 );
ssl->out_msg, ssl->out_msglen ); if( ret != 0 )
mbedtls_md_hmac_finish( &ssl->transform_out->md_ctx_enc, mac ); goto hmac_failed_etm_disabled;
mbedtls_md_hmac_reset( &ssl->transform_out->md_ctx_enc ); ret = mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_len, 2 );
if( ret != 0 )
goto hmac_failed_etm_disabled;
ret = mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc,
ssl->out_msg, ssl->out_msglen );
ret = mbedtls_md_hmac_finish( &ssl->transform_out->md_ctx_enc, mac );
if( ret != 0 )
goto hmac_failed_etm_disabled;
ret = mbedtls_md_hmac_reset( &ssl->transform_out->md_ctx_enc );
if( ret != 0 )
goto hmac_failed_etm_disabled;
memcpy( ssl->out_msg + ssl->out_msglen, mac, ssl->transform_out->maclen ); memcpy( ssl->out_msg + ssl->out_msglen, mac, ssl->transform_out->maclen );
hmac_failed_etm_disabled:
mbedtls_platform_zeroize( mac, ssl->transform_out->maclen );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_hmac_xxx", ret );
return( ret );
}
} }
else else
#endif #endif
@ -1749,17 +1873,33 @@ static int ssl_encrypt_buf( mbedtls_ssl_context *ssl )
MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", pseudo_hdr, 13 ); MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", pseudo_hdr, 13 );
mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, pseudo_hdr, 13 ); ret = mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, pseudo_hdr, 13 );
mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, if( ret != 0 )
ssl->out_iv, ssl->out_msglen ); goto hmac_failed_etm_enabled;
mbedtls_md_hmac_finish( &ssl->transform_out->md_ctx_enc, mac ); ret = mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc,
mbedtls_md_hmac_reset( &ssl->transform_out->md_ctx_enc ); ssl->out_iv, ssl->out_msglen );
if( ret != 0 )
goto hmac_failed_etm_enabled;
ret = mbedtls_md_hmac_finish( &ssl->transform_out->md_ctx_enc, mac );
if( ret != 0 )
goto hmac_failed_etm_enabled;
ret = mbedtls_md_hmac_reset( &ssl->transform_out->md_ctx_enc );
if( ret != 0 )
goto hmac_failed_etm_enabled;
memcpy( ssl->out_iv + ssl->out_msglen, mac, memcpy( ssl->out_iv + ssl->out_msglen, mac,
ssl->transform_out->maclen ); ssl->transform_out->maclen );
ssl->out_msglen += ssl->transform_out->maclen; ssl->out_msglen += ssl->transform_out->maclen;
auth_done++; auth_done++;
hmac_failed_etm_enabled:
mbedtls_platform_zeroize( mac, ssl->transform_out->maclen );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "HMAC calculation failed", ret );
return( ret );
}
} }
#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
} }
@ -2145,11 +2285,19 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl )
MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", pseudo_hdr, 13 ); MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", pseudo_hdr, 13 );
mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, pseudo_hdr, 13 ); ret = mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, pseudo_hdr, 13 );
mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, if( ret != 0 )
ssl->in_iv, ssl->in_msglen ); goto hmac_failed_etm_enabled;
mbedtls_md_hmac_finish( &ssl->transform_in->md_ctx_dec, mac_expect ); ret = mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec,
mbedtls_md_hmac_reset( &ssl->transform_in->md_ctx_dec ); ssl->in_iv, ssl->in_msglen );
if( ret != 0 )
goto hmac_failed_etm_enabled;
ret = mbedtls_md_hmac_finish( &ssl->transform_in->md_ctx_dec, mac_expect );
if( ret != 0 )
goto hmac_failed_etm_enabled;
ret = mbedtls_md_hmac_reset( &ssl->transform_in->md_ctx_dec );
if( ret != 0 )
goto hmac_failed_etm_enabled;
MBEDTLS_SSL_DEBUG_BUF( 4, "message mac", ssl->in_iv + ssl->in_msglen, MBEDTLS_SSL_DEBUG_BUF( 4, "message mac", ssl->in_iv + ssl->in_msglen,
ssl->transform_in->maclen ); ssl->transform_in->maclen );
@ -2161,9 +2309,19 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl )
{ {
MBEDTLS_SSL_DEBUG_MSG( 1, ( "message mac does not match" ) ); MBEDTLS_SSL_DEBUG_MSG( 1, ( "message mac does not match" ) );
return( MBEDTLS_ERR_SSL_INVALID_MAC ); ret = MBEDTLS_ERR_SSL_INVALID_MAC;
goto hmac_failed_etm_enabled;
} }
auth_done++; auth_done++;
hmac_failed_etm_enabled:
mbedtls_platform_zeroize( mac_expect, ssl->transform_in->maclen );
if( ret != 0 )
{
if( ret != MBEDTLS_ERR_SSL_INVALID_MAC )
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_hmac_xxx", ret );
return( ret );
}
} }
#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
@ -2322,6 +2480,7 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl )
{ {
unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD]; unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD];
unsigned char mac_peer[MBEDTLS_SSL_MAC_ADD]; unsigned char mac_peer[MBEDTLS_SSL_MAC_ADD];
int ret = 0;
ssl->in_msglen -= ssl->transform_in->maclen; ssl->in_msglen -= ssl->transform_in->maclen;
@ -2331,11 +2490,16 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl )
#if defined(MBEDTLS_SSL_PROTO_SSL3) #if defined(MBEDTLS_SSL_PROTO_SSL3)
if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
{ {
ssl_mac( &ssl->transform_in->md_ctx_dec, ret = ssl_mac( &ssl->transform_in->md_ctx_dec,
ssl->transform_in->mac_dec, ssl->transform_in->mac_dec,
ssl->in_msg, ssl->in_msglen, ssl->in_msg, ssl->in_msglen,
ssl->in_ctr, ssl->in_msgtype, ssl->in_ctr, ssl->in_msgtype,
mac_expect ); mac_expect );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "ssl_mac", ret );
return( ret );
}
memcpy( mac_peer, ssl->in_msg + ssl->in_msglen, memcpy( mac_peer, ssl->in_msg + ssl->in_msglen,
ssl->transform_in->maclen ); ssl->transform_in->maclen );
} }
@ -2345,7 +2509,6 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl )
defined(MBEDTLS_SSL_PROTO_TLS1_2) defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( ssl->minor_ver > MBEDTLS_SSL_MINOR_VERSION_0 ) if( ssl->minor_ver > MBEDTLS_SSL_MINOR_VERSION_0 )
{ {
int ret;
unsigned char add_data[13]; unsigned char add_data[13];
/* /*
@ -2373,7 +2536,7 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl )
if( ret != 0 ) if( ret != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_cf_hmac", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_cf_hmac", ret );
return( ret ); goto hmac_failed_etm_disabled;
} }
mbedtls_ssl_cf_memcpy_offset( mac_peer, ssl->in_msg, mbedtls_ssl_cf_memcpy_offset( mac_peer, ssl->in_msg,
@ -2403,6 +2566,12 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl )
correct = 0; correct = 0;
} }
auth_done++; auth_done++;
hmac_failed_etm_disabled:
mbedtls_platform_zeroize( mac_peer, ssl->transform_in->maclen );
mbedtls_platform_zeroize( mac_expect, ssl->transform_in->maclen );
if( ret != 0 )
return( ret );
} }
/* /*
@ -6646,22 +6815,6 @@ int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl )
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse finished" ) ); MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse finished" ) );
ssl->handshake->calc_finished( ssl, buf, ssl->conf->endpoint ^ 1 );
if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
return( ret );
}
if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) );
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
}
/* There is currently no ciphersuite using another length with TLS 1.2 */ /* There is currently no ciphersuite using another length with TLS 1.2 */
#if defined(MBEDTLS_SSL_PROTO_SSL3) #if defined(MBEDTLS_SSL_PROTO_SSL3)
if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
@ -6670,13 +6823,31 @@ int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl )
#endif #endif
hash_len = 12; hash_len = 12;
ssl->handshake->calc_finished( ssl, buf, ssl->conf->endpoint ^ 1 );
if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
goto exit;
}
if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) );
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
ret = MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE;
goto exit;
}
if( ssl->in_msg[0] != MBEDTLS_SSL_HS_FINISHED || if( ssl->in_msg[0] != MBEDTLS_SSL_HS_FINISHED ||
ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + hash_len ) ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + hash_len )
{ {
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) );
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
return( MBEDTLS_ERR_SSL_BAD_HS_FINISHED ); ret = MBEDTLS_ERR_SSL_BAD_HS_FINISHED;
goto exit;
} }
if( mbedtls_ssl_safer_memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), if( mbedtls_ssl_safer_memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ),
@ -6685,7 +6856,8 @@ int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl )
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) );
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR ); MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR );
return( MBEDTLS_ERR_SSL_BAD_HS_FINISHED ); ret = MBEDTLS_ERR_SSL_BAD_HS_FINISHED;
goto exit;
} }
#if defined(MBEDTLS_SSL_RENEGOTIATION) #if defined(MBEDTLS_SSL_RENEGOTIATION)
@ -6714,7 +6886,9 @@ int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl )
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse finished" ) ); MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse finished" ) );
return( 0 ); exit:
mbedtls_platform_zeroize( buf, hash_len );
return( ret );
} }
static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake ) static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake )

View file

@ -203,7 +203,7 @@ int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
return( return(
mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_BASIC_CONSTRAINTS, mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_BASIC_CONSTRAINTS,
MBEDTLS_OID_SIZE( MBEDTLS_OID_BASIC_CONSTRAINTS ), MBEDTLS_OID_SIZE( MBEDTLS_OID_BASIC_CONSTRAINTS ),
0, buf + sizeof(buf) - len, len ) ); is_ca, buf + sizeof(buf) - len, len ) );
} }
#if defined(MBEDTLS_SHA1_C) #if defined(MBEDTLS_SHA1_C)

View file

@ -1,341 +0,0 @@
diff --git a/library/base64.c b/library/base64.c
index 692e11e3fae..b89313062b6 100644
--- a/library/base64.c
+++ b/library/base64.c
@@ -66,127 +66,38 @@
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
-static const unsigned char base64_enc_map[64] =
-{
- 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J',
- 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T',
- 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd',
- 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n',
- 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x',
- 'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7',
- '8', '9', '+', '/'
-};
-
-static const unsigned char base64_dec_map[128] =
-{
- 127, 127, 127, 127, 127, 127, 127, 127, 127, 127,
- 127, 127, 127, 127, 127, 127, 127, 127, 127, 127,
- 127, 127, 127, 127, 127, 127, 127, 127, 127, 127,
- 127, 127, 127, 127, 127, 127, 127, 127, 127, 127,
- 127, 127, 127, 62, 127, 127, 127, 63, 52, 53,
- 54, 55, 56, 57, 58, 59, 60, 61, 127, 127,
- 127, 64, 127, 127, 127, 0, 1, 2, 3, 4,
- 5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
- 15, 16, 17, 18, 19, 20, 21, 22, 23, 24,
- 25, 127, 127, 127, 127, 127, 127, 26, 27, 28,
- 29, 30, 31, 32, 33, 34, 35, 36, 37, 38,
- 39, 40, 41, 42, 43, 44, 45, 46, 47, 48,
- 49, 50, 51, 127, 127, 127, 127, 127
-};
-
#define BASE64_SIZE_T_MAX ( (size_t) -1 ) /* SIZE_T_MAX is not standard */
-/*
- * Constant flow conditional assignment to unsigned char
- */
-static void mbedtls_base64_cond_assign_uchar( unsigned char * dest, const unsigned char * const src,
- unsigned char condition )
-{
- /* MSVC has a warning about unary minus on unsigned integer types,
- * but this is well-defined and precisely what we want to do here. */
-#if defined(_MSC_VER)
-#pragma warning( push )
-#pragma warning( disable : 4146 )
-#endif
-
- /* Generate bitmask from condition, mask will either be 0xFF or 0 */
- unsigned char mask = ( condition | -condition );
- mask >>= 7;
- mask = -mask;
-
-#if defined(_MSC_VER)
-#pragma warning( pop )
-#endif
-
- *dest = ( ( *src ) & mask ) | ( ( *dest ) & ~mask );
-}
-
-/*
- * Constant flow conditional assignment to uint_32
- */
-static void mbedtls_base64_cond_assign_uint32( uint32_t * dest, const uint32_t src,
- uint32_t condition )
-{
- /* MSVC has a warning about unary minus on unsigned integer types,
- * but this is well-defined and precisely what we want to do here. */
-#if defined(_MSC_VER)
-#pragma warning( push )
-#pragma warning( disable : 4146 )
-#endif
-
- /* Generate bitmask from condition, mask will either be 0xFFFFFFFF or 0 */
- uint32_t mask = ( condition | -condition );
- mask >>= 31;
- mask = -mask;
-
-#if defined(_MSC_VER)
-#pragma warning( pop )
-#endif
-
- *dest = ( src & mask ) | ( ( *dest ) & ~mask );
-}
-
-/*
- * Constant flow check for equality
+/* Return 0xff if low <= c <= high, 0 otherwise.
+ *
+ * Constant flow with respect to c.
*/
-static unsigned char mbedtls_base64_eq( size_t in_a, size_t in_b )
+static unsigned char mask_of_range( unsigned char low, unsigned char high,
+ unsigned char c )
{
- size_t difference = in_a ^ in_b;
-
- /* MSVC has a warning about unary minus on unsigned integer types,
- * but this is well-defined and precisely what we want to do here. */
-#if defined(_MSC_VER)
-#pragma warning( push )
-#pragma warning( disable : 4146 )
-#endif
-
- difference |= -difference;
-
-#if defined(_MSC_VER)
-#pragma warning( pop )
-#endif
-
- /* cope with the varying size of size_t per platform */
- difference >>= ( sizeof( difference ) * 8 - 1 );
-
- return (unsigned char) ( 1 ^ difference );
+ /* low_mask is: 0 if low <= c, 0x...ff if low > c */
+ unsigned low_mask = ( (unsigned) c - low ) >> 8;
+ /* high_mask is: 0 if c <= high, 0x...ff if high > c */
+ unsigned high_mask = ( (unsigned) high - c ) >> 8;
+ return( ~( low_mask | high_mask ) & 0xff );
}
-/*
- * Constant flow lookup into table.
+/* Given a value in the range 0..63, return the corresponding Base64 digit.
+ * The implementation assumes that letters are consecutive (e.g. ASCII
+ * but not EBCDIC).
*/
-static unsigned char mbedtls_base64_table_lookup( const unsigned char * const table,
- const size_t table_size, const size_t table_index )
+static unsigned char enc_char( unsigned char val )
{
- size_t i;
- unsigned char result = 0;
-
- for( i = 0; i < table_size; ++i )
- {
- mbedtls_base64_cond_assign_uchar( &result, &table[i], mbedtls_base64_eq( i, table_index ) );
- }
-
- return result;
+ unsigned char digit = 0;
+ /* For each range of values, if val is in that range, mask digit with
+ * the corresponding value. Since val can only be in a single range,
+ * only at most one masking will change digit. */
+ digit |= mask_of_range( 0, 25, val ) & ( 'A' + val );
+ digit |= mask_of_range( 26, 51, val ) & ( 'a' + val - 26 );
+ digit |= mask_of_range( 52, 61, val ) & ( '0' + val - 52 );
+ digit |= mask_of_range( 62, 62, val ) & '+';
+ digit |= mask_of_range( 63, 63, val ) & '/';
+ return( digit );
}
/*
@@ -229,17 +140,10 @@ int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
C2 = *src++;
C3 = *src++;
- *p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
- ( ( C1 >> 2 ) & 0x3F ) );
-
- *p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
- ( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) ) & 0x3F ) );
-
- *p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
- ( ( ( ( C2 & 15 ) << 2 ) + ( C3 >> 6 ) ) & 0x3F ) );
-
- *p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
- ( C3 & 0x3F ) );
+ *p++ = enc_char( ( C1 >> 2 ) & 0x3F );
+ *p++ = enc_char( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) ) & 0x3F );
+ *p++ = enc_char( ( ( ( C2 & 15 ) << 2 ) + ( C3 >> 6 ) ) & 0x3F );
+ *p++ = enc_char( C3 & 0x3F );
}
if( i < slen )
@@ -247,15 +151,11 @@ int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
C1 = *src++;
C2 = ( ( i + 1 ) < slen ) ? *src++ : 0;
- *p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
- ( ( C1 >> 2 ) & 0x3F ) );
-
- *p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
- ( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) ) & 0x3F ) );
+ *p++ = enc_char( ( C1 >> 2 ) & 0x3F );
+ *p++ = enc_char( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) ) & 0x3F );
if( ( i + 1 ) < slen )
- *p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
- ( ( ( C2 & 15 ) << 2 ) & 0x3F ) );
+ *p++ = enc_char( ( ( C2 & 15 ) << 2 ) & 0x3F );
else *p++ = '=';
*p++ = '=';
@@ -267,26 +167,57 @@ int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
return( 0 );
}
+/* Given a Base64 digit, return its value.
+ * If c is not a Base64 digit ('A'..'Z', 'a'..'z', '0'..'9', '+' or '/'),
+ * return -1.
+ *
+ * The implementation assumes that letters are consecutive (e.g. ASCII
+ * but not EBCDIC).
+ *
+ * The implementation is constant-flow (no branch or memory access depending
+ * on the value of c) unless the compiler inlines and optimizes a specific
+ * access.
+ */
+static signed char dec_value( unsigned char c )
+{
+ unsigned char val = 0;
+ /* For each range of digits, if c is in that range, mask val with
+ * the corresponding value. Since c can only be in a single range,
+ * only at most one masking will change val. Set val to one plus
+ * the desired value so that it stays 0 if c is in none of the ranges. */
+ val |= mask_of_range( 'A', 'Z', c ) & ( c - 'A' + 0 + 1 );
+ val |= mask_of_range( 'a', 'z', c ) & ( c - 'a' + 26 + 1 );
+ val |= mask_of_range( '0', '9', c ) & ( c - '0' + 52 + 1 );
+ val |= mask_of_range( '+', '+', c ) & ( c - '+' + 62 + 1 );
+ val |= mask_of_range( '/', '/', c ) & ( c - '/' + 63 + 1 );
+ /* At this point, val is 0 if c is an invalid digit and v+1 if c is
+ * a digit with the value v. */
+ return( val - 1 );
+}
+
/*
* Decode a base64-formatted buffer
*/
int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
const unsigned char *src, size_t slen )
{
- size_t i, n;
- uint32_t j, x;
+ size_t i; /* index in source */
+ size_t n; /* number of digits or trailing = in source */
+ uint32_t x; /* value accumulator */
+ unsigned accumulated_digits = 0;
+ unsigned equals = 0;
+ int spaces_present = 0;
unsigned char *p;
- unsigned char dec_map_lookup;
/* First pass: check for validity and get output length */
- for( i = n = j = 0; i < slen; i++ )
+ for( i = n = 0; i < slen; i++ )
{
/* Skip spaces before checking for EOL */
- x = 0;
+ spaces_present = 0;
while( i < slen && src[i] == ' ' )
{
++i;
- ++x;
+ spaces_present = 1;
}
/* Spaces at end of buffer are OK */
@@ -301,20 +232,24 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
continue;
/* Space inside a line is an error */
- if( x != 0 )
+ if( spaces_present )
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
- if( src[i] == '=' && ++j > 2 )
- return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
-
- dec_map_lookup = mbedtls_base64_table_lookup( base64_dec_map, sizeof( base64_dec_map ), src[i] );
-
- if( src[i] > 127 || dec_map_lookup == 127 )
- return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
-
- if( dec_map_lookup < 64 && j != 0 )
+ if( src[i] > 127 )
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
+ if( src[i] == '=' )
+ {
+ if( ++equals > 2 )
+ return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
+ }
+ else
+ {
+ if( equals != 0 )
+ return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
+ if( dec_value( src[i] ) < 0 )
+ return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
+ }
n++;
}
@@ -329,7 +264,7 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
* n = ( ( n * 6 ) + 7 ) >> 3;
*/
n = ( 6 * ( n >> 3 ) ) + ( ( 6 * ( n & 0x7 ) + 7 ) >> 3 );
- n -= j;
+ n -= equals;
if( dst == NULL || dlen < n )
{
@@ -337,22 +272,24 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
}
- for( j = 3, n = x = 0, p = dst; i > 0; i--, src++ )
- {
+ equals = 0;
+ for( x = 0, p = dst; i > 0; i--, src++ )
+ {
if( *src == '\r' || *src == '\n' || *src == ' ' )
continue;
- dec_map_lookup = mbedtls_base64_table_lookup( base64_dec_map, sizeof( base64_dec_map ), *src );
-
- mbedtls_base64_cond_assign_uint32( &j, j - 1, mbedtls_base64_eq( dec_map_lookup, 64 ) );
- x = ( x << 6 ) | ( dec_map_lookup & 0x3F );
+ x = x << 6;
+ if( *src == '=' )
+ ++equals;
+ else
+ x |= dec_value( *src );
- if( ++n == 4 )
+ if( ++accumulated_digits == 4 )
{
- n = 0;
- if( j > 0 ) *p++ = (unsigned char)( x >> 16 );
- if( j > 1 ) *p++ = (unsigned char)( x >> 8 );
- if( j > 2 ) *p++ = (unsigned char)( x );
+ accumulated_digits = 0;
+ *p++ = (unsigned char)( x >> 16 );
+ if( equals <= 1 ) *p++ = (unsigned char)( x >> 8 );
+ if( equals <= 0 ) *p++ = (unsigned char)( x );
}
}

View file

@ -1,36 +0,0 @@
From 7c847235e8f0e0b877c505f19733b417bb65ff2e Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 14 Sep 2021 00:13:05 +0200
Subject: [PATCH] x86_64 MULADDC assembly: add missing constraints about memory
MULADDC_CORE reads from (%%rsi) and writes to (%%rdi). This fragment is
repeated up to 16 times, and %%rsi and %%rdi are s and d on entry
respectively. Hence the complete asm statement reads 16 64-bit words
from memory starting at s, and writes 16 64-bit words starting at d.
Without any declaration of modified memory, Clang 12 and Clang 13 generated
non-working code for mbedtls_mpi_mod_exp. The constraints make the unit
tests pass with Clang 12.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
---
include/mbedtls/bn_mul.h | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/include/mbedtls/bn_mul.h b/include/mbedtls/bn_mul.h
index 6f1201bf50a..f84f9650ddc 100644
--- a/include/mbedtls/bn_mul.h
+++ b/include/mbedtls/bn_mul.h
@@ -256,9 +256,9 @@
"addq $8, %%rdi\n"
#define MULADDC_STOP \
- : "+c" (c), "+D" (d), "+S" (s) \
- : "b" (b) \
- : "rax", "rdx", "r8" \
+ : "+c" (c), "+D" (d), "+S" (s), "+m" (*(uint64_t (*)[16]) d) \
+ : "b" (b), "m" (*(const uint64_t (*)[16]) s) \
+ : "rax", "rdx", "r8" \
);
#endif /* AMD64 */