Merge remote-tracking branch 'upstream-crypto/development' into psa-api-1.0-beta-merge_development_20190801
Conflict resolution: * `scripts/config.pl`: Take the exclusion of `MBEDTLS_PSA_CRYPTO_SE_C` from the API branch. Take the removal of `MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C` (obsolete) from the development branch. * `tests/scripts/all.sh`: Multiple instances of factoring a sequence of `config.pl` calls into a mere `config.pl baremetal` in the development branch, and a change in the composition of `baremetal` in the API branch. In each case, take the version from development. * `tests/suites/test_suite_psa_crypto_slot_management.function`: A function became non-static in development and disappeared in the API branch. Keep the version from the API branch. Functions need to be non-static if they're defined but unused in some configurations, which is not the case for any function in this file at the moment. * `tests/suites/test_suite_psa_crypto.function`: Consecutive changes in the two branches, reconciled.
This commit is contained in:
commit
72c8c5b352
183 changed files with 1195 additions and 927 deletions
11
.gitignore
vendored
11
.gitignore
vendored
|
@ -31,6 +31,17 @@ massif-*
|
|||
# Python build artifacts:
|
||||
*.pyc
|
||||
|
||||
# CMake generates *.dir/ folders for in-tree builds (used by MSVC projects), ignore all of those:
|
||||
*.dir/
|
||||
|
||||
# Visual Studio artifacts
|
||||
/visualc/VS2010/.localhistory/
|
||||
/visualc/VS2010/.vs/
|
||||
/visualc/VS2010/Debug/
|
||||
/visualc/VS2010/Release/
|
||||
/visualc/VS2010/*.vcxproj.filters
|
||||
/visualc/VS2010/*.vcxproj.user
|
||||
|
||||
# Generated documentation:
|
||||
/apidoc
|
||||
|
||||
|
|
|
@ -5,6 +5,9 @@ else()
|
|||
project("mbed TLS" C)
|
||||
endif()
|
||||
|
||||
# Set the project root directory.
|
||||
set(MBEDTLS_DIR ${CMAKE_CURRENT_SOURCE_DIR})
|
||||
|
||||
option(ENABLE_PROGRAMS "Build mbed TLS programs." ON)
|
||||
|
||||
option(UNSAFE_BUILD "Allow unsafe builds. These builds ARE NOT SECURE." OFF)
|
||||
|
@ -121,7 +124,10 @@ if(CMAKE_COMPILER_IS_GNU)
|
|||
# note: starting with CMake 2.8 we could use CMAKE_C_COMPILER_VERSION
|
||||
execute_process(COMMAND ${CMAKE_C_COMPILER} -dumpversion
|
||||
OUTPUT_VARIABLE GCC_VERSION)
|
||||
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -W -Wdeclaration-after-statement -Wwrite-strings")
|
||||
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings")
|
||||
if (GCC_VERSION VERSION_GREATER 4.3 OR GCC_VERSION VERSION_EQUAL 4.3)
|
||||
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wvla")
|
||||
endif()
|
||||
if (GCC_VERSION VERSION_GREATER 4.5 OR GCC_VERSION VERSION_EQUAL 4.5)
|
||||
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wlogical-op")
|
||||
endif()
|
||||
|
@ -138,7 +144,7 @@ if(CMAKE_COMPILER_IS_GNU)
|
|||
endif(CMAKE_COMPILER_IS_GNU)
|
||||
|
||||
if(CMAKE_COMPILER_IS_CLANG)
|
||||
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -W -Wdeclaration-after-statement -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow")
|
||||
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla")
|
||||
set(CMAKE_C_FLAGS_RELEASE "-O2")
|
||||
set(CMAKE_C_FLAGS_DEBUG "-O0 -g3")
|
||||
set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage")
|
||||
|
@ -216,13 +222,13 @@ if(ENABLE_TESTING)
|
|||
COMMAND mv DartConfiguration.tcl.bak DartConfiguration.tcl
|
||||
)
|
||||
endif(UNIX)
|
||||
endif()
|
||||
|
||||
# Make scripts needed for testing available in an out-of-source build.
|
||||
if (NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR})
|
||||
link_to_source(scripts)
|
||||
# Copy (don't link) DartConfiguration.tcl, needed for memcheck, to
|
||||
# keep things simple with the sed commands in the memcheck target.
|
||||
configure_file(${CMAKE_CURRENT_SOURCE_DIR}/DartConfiguration.tcl
|
||||
${CMAKE_CURRENT_BINARY_DIR}/DartConfiguration.tcl COPYONLY)
|
||||
# Make scripts needed for testing available in an out-of-source build.
|
||||
if (NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR})
|
||||
link_to_source(scripts)
|
||||
# Copy (don't link) DartConfiguration.tcl, needed for memcheck, to
|
||||
# keep things simple with the sed commands in the memcheck target.
|
||||
configure_file(${CMAKE_CURRENT_SOURCE_DIR}/DartConfiguration.tcl
|
||||
${CMAKE_CURRENT_BINARY_DIR}/DartConfiguration.tcl COPYONLY)
|
||||
endif()
|
||||
endif()
|
||||
|
|
1
Makefile
1
Makefile
|
@ -1,4 +1,3 @@
|
|||
|
||||
DESTDIR=/usr/local
|
||||
PREFIX=mbedtls_
|
||||
|
||||
|
|
|
@ -81,6 +81,6 @@
|
|||
/* Miscellaneous options */
|
||||
#define MBEDTLS_AES_ROM_TABLES
|
||||
|
||||
#include "check_config.h"
|
||||
#include "mbedtls/check_config.h"
|
||||
|
||||
#endif /* MBEDTLS_CONFIG_H */
|
||||
|
|
|
@ -1971,6 +1971,6 @@
|
|||
#include MBEDTLS_USER_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "check_config.h"
|
||||
#include "mbedtls/check_config.h"
|
||||
|
||||
#endif /* MBEDTLS_CONFIG_H */
|
||||
|
|
|
@ -161,21 +161,21 @@ The library integration and the PSA platform integration use different sets of f
|
|||
|
||||
It would simplify things to always have a 32-bit owner, with a nonzero value, and thus reserve the range 0–0xffffffff for internal library use.
|
||||
|
||||
Mbed Crypto 1.0.1
|
||||
Mbed Crypto 1.1.0
|
||||
-----------------
|
||||
|
||||
Tags: TBD
|
||||
Tags: mbedcrypto-1.1.0
|
||||
|
||||
Released in May 2019. <br>
|
||||
Released in early June 2019. <br>
|
||||
Integrated in Mbed OS 5.13.
|
||||
|
||||
Identical to [1.0.0](#mbed-crypto-1.0.0) except for some changes in the key file format.
|
||||
|
||||
### Key file format for 1.0.1
|
||||
### Key file format for 1.1.0
|
||||
|
||||
The key file format is identical to [1.0.0](#key-file-format-for-1.0.0), except for the following changes:
|
||||
|
||||
* A new policy field, marked as [NEW:1.0.1] below.
|
||||
* A new policy field, marked as [NEW:1.1.0] below.
|
||||
* The encoding of key types, algorithms and key material has changed, therefore the storage format is not compatible (despite using the same value in the version field so far).
|
||||
|
||||
A self-contained description of the file layout follows.
|
||||
|
@ -189,7 +189,7 @@ The layout of a key file is:
|
|||
* type (4 bytes): `psa_key_type_t` value
|
||||
* policy usage flags (4 bytes): `psa_key_usage_t` value
|
||||
* policy usage algorithm (4 bytes): `psa_algorithm_t` value
|
||||
* policy enrollment algorithm (4 bytes): `psa_algorithm_t` value [NEW:1.0.1]
|
||||
* policy enrollment algorithm (4 bytes): `psa_algorithm_t` value [NEW:1.1.0]
|
||||
* key material length (4 bytes)
|
||||
* key material: output of `psa_export_key`
|
||||
* Any trailing data is rejected on load.
|
||||
|
|
|
@ -16,7 +16,7 @@ if(INSTALL_MBEDTLS_HEADERS)
|
|||
endif(INSTALL_MBEDTLS_HEADERS)
|
||||
|
||||
# Make config.h available in an out-of-source build.
|
||||
if (NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR})
|
||||
if (ENABLE_TESTING AND NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR})
|
||||
link_to_source(mbedtls)
|
||||
link_to_source(psa)
|
||||
endif()
|
||||
|
|
|
@ -42,7 +42,7 @@
|
|||
#define MBEDTLS_AES_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -28,12 +28,12 @@
|
|||
#define MBEDTLS_AESNI_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "aes.h"
|
||||
#include "mbedtls/aes.h"
|
||||
|
||||
#define MBEDTLS_AESNI_AES 0x02000000u
|
||||
#define MBEDTLS_AESNI_CLMUL 0x00000002u
|
||||
|
|
|
@ -29,7 +29,7 @@
|
|||
#define MBEDTLS_ARC4_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -31,7 +31,7 @@
|
|||
#define MBEDTLS_ARIA_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
@ -39,7 +39,7 @@
|
|||
#include <stddef.h>
|
||||
#include <stdint.h>
|
||||
|
||||
#include "platform_util.h"
|
||||
#include "mbedtls/platform_util.h"
|
||||
|
||||
#define MBEDTLS_ARIA_ENCRYPT 1 /**< ARIA encryption. */
|
||||
#define MBEDTLS_ARIA_DECRYPT 0 /**< ARIA decryption. */
|
||||
|
|
|
@ -25,7 +25,7 @@
|
|||
#define MBEDTLS_ASN1_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
@ -33,7 +33,7 @@
|
|||
#include <stddef.h>
|
||||
|
||||
#if defined(MBEDTLS_BIGNUM_C)
|
||||
#include "bignum.h"
|
||||
#include "mbedtls/bignum.h"
|
||||
#endif
|
||||
|
||||
/**
|
||||
|
|
|
@ -25,12 +25,12 @@
|
|||
#define MBEDTLS_ASN1_WRITE_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "asn1.h"
|
||||
#include "mbedtls/asn1.h"
|
||||
|
||||
#define MBEDTLS_ASN1_CHK_ADD(g, f) \
|
||||
do \
|
||||
|
|
|
@ -25,7 +25,7 @@
|
|||
#define MBEDTLS_BASE64_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -25,7 +25,7 @@
|
|||
#define MBEDTLS_BIGNUM_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -25,7 +25,7 @@
|
|||
#define MBEDTLS_BLOWFISH_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
@ -33,7 +33,7 @@
|
|||
#include <stddef.h>
|
||||
#include <stdint.h>
|
||||
|
||||
#include "platform_util.h"
|
||||
#include "mbedtls/platform_util.h"
|
||||
|
||||
#define MBEDTLS_BLOWFISH_ENCRYPT 1
|
||||
#define MBEDTLS_BLOWFISH_DECRYPT 0
|
||||
|
|
|
@ -39,12 +39,12 @@
|
|||
#define MBEDTLS_BN_MUL_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "bignum.h"
|
||||
#include "mbedtls/bignum.h"
|
||||
|
||||
#if defined(MBEDTLS_HAVE_ASM)
|
||||
|
||||
|
|
|
@ -25,7 +25,7 @@
|
|||
#define MBEDTLS_CAMELLIA_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
@ -33,7 +33,7 @@
|
|||
#include <stddef.h>
|
||||
#include <stdint.h>
|
||||
|
||||
#include "platform_util.h"
|
||||
#include "mbedtls/platform_util.h"
|
||||
|
||||
#define MBEDTLS_CAMELLIA_ENCRYPT 1
|
||||
#define MBEDTLS_CAMELLIA_DECRYPT 0
|
||||
|
|
|
@ -50,12 +50,12 @@
|
|||
#define MBEDTLS_CCM_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "cipher.h"
|
||||
#include "mbedtls/cipher.h"
|
||||
|
||||
#define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to the function. */
|
||||
#define MBEDTLS_ERR_CCM_AUTH_FAILED -0x000F /**< Authenticated decryption failed. */
|
||||
|
|
|
@ -1,106 +0,0 @@
|
|||
/**
|
||||
* \file certs.h
|
||||
*
|
||||
* \brief Sample certificates and DHM parameters for testing
|
||||
*/
|
||||
/*
|
||||
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
|
||||
* SPDX-License-Identifier: Apache-2.0
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
* not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
* This file is part of mbed TLS (https://tls.mbed.org)
|
||||
*/
|
||||
#ifndef MBEDTLS_CERTS_H
|
||||
#define MBEDTLS_CERTS_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include <stddef.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PEM_PARSE_C)
|
||||
/* Concatenation of all CA certificates in PEM format if available */
|
||||
extern const char mbedtls_test_cas_pem[];
|
||||
extern const size_t mbedtls_test_cas_pem_len;
|
||||
#endif
|
||||
|
||||
/* List of all CA certificates, terminated by NULL */
|
||||
extern const char * mbedtls_test_cas[];
|
||||
extern const size_t mbedtls_test_cas_len[];
|
||||
|
||||
/*
|
||||
* Convenience for users who just want a certificate:
|
||||
* RSA by default, or ECDSA if RSA is not available
|
||||
*/
|
||||
extern const char * mbedtls_test_ca_crt;
|
||||
extern const size_t mbedtls_test_ca_crt_len;
|
||||
extern const char * mbedtls_test_ca_key;
|
||||
extern const size_t mbedtls_test_ca_key_len;
|
||||
extern const char * mbedtls_test_ca_pwd;
|
||||
extern const size_t mbedtls_test_ca_pwd_len;
|
||||
extern const char * mbedtls_test_srv_crt;
|
||||
extern const size_t mbedtls_test_srv_crt_len;
|
||||
extern const char * mbedtls_test_srv_key;
|
||||
extern const size_t mbedtls_test_srv_key_len;
|
||||
extern const char * mbedtls_test_cli_crt;
|
||||
extern const size_t mbedtls_test_cli_crt_len;
|
||||
extern const char * mbedtls_test_cli_key;
|
||||
extern const size_t mbedtls_test_cli_key_len;
|
||||
|
||||
#if defined(MBEDTLS_ECDSA_C)
|
||||
extern const char mbedtls_test_ca_crt_ec[];
|
||||
extern const size_t mbedtls_test_ca_crt_ec_len;
|
||||
extern const char mbedtls_test_ca_key_ec[];
|
||||
extern const size_t mbedtls_test_ca_key_ec_len;
|
||||
extern const char mbedtls_test_ca_pwd_ec[];
|
||||
extern const size_t mbedtls_test_ca_pwd_ec_len;
|
||||
extern const char mbedtls_test_srv_crt_ec[];
|
||||
extern const size_t mbedtls_test_srv_crt_ec_len;
|
||||
extern const char mbedtls_test_srv_key_ec[];
|
||||
extern const size_t mbedtls_test_srv_key_ec_len;
|
||||
extern const char mbedtls_test_cli_crt_ec[];
|
||||
extern const size_t mbedtls_test_cli_crt_ec_len;
|
||||
extern const char mbedtls_test_cli_key_ec[];
|
||||
extern const size_t mbedtls_test_cli_key_ec_len;
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
extern const char mbedtls_test_ca_crt_rsa[];
|
||||
extern const size_t mbedtls_test_ca_crt_rsa_len;
|
||||
extern const char mbedtls_test_ca_key_rsa[];
|
||||
extern const size_t mbedtls_test_ca_key_rsa_len;
|
||||
extern const char mbedtls_test_ca_pwd_rsa[];
|
||||
extern const size_t mbedtls_test_ca_pwd_rsa_len;
|
||||
extern const char mbedtls_test_srv_crt_rsa[];
|
||||
extern const size_t mbedtls_test_srv_crt_rsa_len;
|
||||
extern const char mbedtls_test_srv_key_rsa[];
|
||||
extern const size_t mbedtls_test_srv_key_rsa_len;
|
||||
extern const char mbedtls_test_cli_crt_rsa[];
|
||||
extern const size_t mbedtls_test_cli_crt_rsa_len;
|
||||
extern const char mbedtls_test_cli_key_rsa[];
|
||||
extern const size_t mbedtls_test_cli_key_rsa_len;
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* certs.h */
|
|
@ -34,7 +34,7 @@
|
|||
#define MBEDTLS_CHACHA20_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -34,13 +34,13 @@
|
|||
#define MBEDTLS_CHACHAPOLY_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
/* for shared error codes */
|
||||
#include "poly1305.h"
|
||||
#include "mbedtls/poly1305.h"
|
||||
|
||||
#define MBEDTLS_ERR_CHACHAPOLY_BAD_STATE -0x0054 /**< The requested operation is not permitted in the current state. */
|
||||
#define MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED -0x0056 /**< Authenticated decryption failed: data was not authentic. */
|
||||
|
@ -58,7 +58,7 @@ mbedtls_chachapoly_mode_t;
|
|||
|
||||
#if !defined(MBEDTLS_CHACHAPOLY_ALT)
|
||||
|
||||
#include "chacha20.h"
|
||||
#include "mbedtls/chacha20.h"
|
||||
|
||||
typedef struct mbedtls_chachapoly_context
|
||||
{
|
||||
|
|
|
@ -30,13 +30,13 @@
|
|||
#define MBEDTLS_CIPHER_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include <stddef.h>
|
||||
#include "platform_util.h"
|
||||
#include "mbedtls/platform_util.h"
|
||||
|
||||
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
|
||||
#define MBEDTLS_CIPHER_MODE_AEAD
|
||||
|
|
|
@ -27,12 +27,12 @@
|
|||
#define MBEDTLS_CIPHER_WRAP_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "cipher.h"
|
||||
#include "mbedtls/cipher.h"
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
#include "psa/crypto.h"
|
||||
|
|
|
@ -29,12 +29,12 @@
|
|||
#define MBEDTLS_CMAC_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "cipher.h"
|
||||
#include "mbedtls/cipher.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
|
|
|
@ -26,7 +26,7 @@
|
|||
*/
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -277,28 +277,52 @@
|
|||
* For example, when a function accepts as input a pointer to a buffer that may
|
||||
* contain untrusted data, and its documentation mentions that this pointer
|
||||
* must not be NULL:
|
||||
* - the pointer is checked to be non-NULL only if this option is enabled
|
||||
* - the content of the buffer is always validated
|
||||
* - The pointer is checked to be non-NULL only if this option is enabled.
|
||||
* - The content of the buffer is always validated.
|
||||
*
|
||||
* When this flag is defined, if a library function receives a parameter that
|
||||
* is invalid, it will:
|
||||
* - invoke the macro MBEDTLS_PARAM_FAILED() which by default expands to a
|
||||
* call to the function mbedtls_param_failed()
|
||||
* - immediately return (with a specific error code unless the function
|
||||
* returns void and can't communicate an error).
|
||||
* is invalid:
|
||||
* 1. The function will invoke the macro MBEDTLS_PARAM_FAILED().
|
||||
* 2. If MBEDTLS_PARAM_FAILED() did not terminate the program, the function
|
||||
* will immediately return. If the function returns an Mbed TLS error code,
|
||||
* the error code in this case is MBEDTLS_ERR_xxx_BAD_INPUT_DATA.
|
||||
*
|
||||
* When defining this flag, you also need to:
|
||||
* - either provide a definition of the function mbedtls_param_failed() in
|
||||
* your application (see platform_util.h for its prototype) as the library
|
||||
* calls that function, but does not provide a default definition for it,
|
||||
* - or provide a different definition of the macro MBEDTLS_PARAM_FAILED()
|
||||
* below if the above mechanism is not flexible enough to suit your needs.
|
||||
* See the documentation of this macro later in this file.
|
||||
* When defining this flag, you also need to arrange a definition for
|
||||
* MBEDTLS_PARAM_FAILED(). You can do this by any of the following methods:
|
||||
* - By default, the library defines MBEDTLS_PARAM_FAILED() to call a
|
||||
* function mbedtls_param_failed(), but the library does not define this
|
||||
* function. If you do not make any other arrangements, you must provide
|
||||
* the function mbedtls_param_failed() in your application.
|
||||
* See `platform_util.h` for its prototype.
|
||||
* - If you enable the macro #MBEDTLS_CHECK_PARAMS_ASSERT, then the
|
||||
* library defines MBEDTLS_PARAM_FAILED(\c cond) to be `assert(cond)`.
|
||||
* You can still supply an alternative definition of
|
||||
* MBEDTLS_PARAM_FAILED(), which may call `assert`.
|
||||
* - If you define a macro MBEDTLS_PARAM_FAILED() before including `config.h`
|
||||
* or you uncomment the definition of MBEDTLS_PARAM_FAILED() in `config.h`,
|
||||
* the library will call the macro that you defined and will not supply
|
||||
* its own version. Note that if MBEDTLS_PARAM_FAILED() calls `assert`,
|
||||
* you need to enable #MBEDTLS_CHECK_PARAMS_ASSERT so that library source
|
||||
* files include `<assert.h>`.
|
||||
*
|
||||
* Uncomment to enable validation of application-controlled parameters.
|
||||
*/
|
||||
//#define MBEDTLS_CHECK_PARAMS
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_CHECK_PARAMS_ASSERT
|
||||
*
|
||||
* Allow MBEDTLS_PARAM_FAILED() to call `assert`, and make it default to
|
||||
* `assert`. This macro is only used if #MBEDTLS_CHECK_PARAMS is defined.
|
||||
*
|
||||
* If this macro is not defined, then MBEDTLS_PARAM_FAILED() defaults to
|
||||
* calling a function mbedtls_param_failed(). See the documentation of
|
||||
* #MBEDTLS_CHECK_PARAMS for details.
|
||||
*
|
||||
* Uncomment to allow MBEDTLS_PARAM_FAILED() to call `assert`.
|
||||
*/
|
||||
//#define MBEDTLS_CHECK_PARAMS_ASSERT
|
||||
|
||||
/* \} name SECTION: System support */
|
||||
|
||||
/**
|
||||
|
@ -1007,18 +1031,27 @@
|
|||
/**
|
||||
* \def MBEDTLS_USE_PSA_CRYPTO
|
||||
*
|
||||
* Make the X.509 and TLS library use PSA for cryptographic operations, see
|
||||
* #MBEDTLS_PSA_CRYPTO_C.
|
||||
* Make the X.509 and TLS library use PSA for cryptographic operations, and
|
||||
* enable new APIs for using keys handled by PSA Crypto.
|
||||
*
|
||||
* Note: this option is still in progress, the full X.509 and TLS modules are
|
||||
* not covered yet, but parts that are not ported to PSA yet will still work
|
||||
* as usual, so enabling this option should not break backwards compatibility.
|
||||
* \note Development of this option is currently in progress, and parts of Mbed
|
||||
* TLS's X.509 and TLS modules are not ported to PSA yet. However, these parts
|
||||
* will still continue to work as usual, so enabling this option should not
|
||||
* break backwards compatibility.
|
||||
*
|
||||
* \warning Support for PSA is still an experimental feature.
|
||||
* Any public API that depends on this option may change
|
||||
* at any time until this warning is removed.
|
||||
* \warning Support for PSA is still an experimental feature.
|
||||
* Any public API that depends on this option may change
|
||||
* at any time until this warning is removed.
|
||||
*
|
||||
* \warning This option enables new Mbed TLS APIs that are dependent on the
|
||||
* PSA Crypto API, so can't come with the same stability guarantees as the
|
||||
* rest of the Mbed TLS APIs. You're welcome to experiment with them, but for
|
||||
* now, access to these APIs is opt-in (via enabling the present option), in
|
||||
* order to clearly differentiate them from the stable Mbed TLS APIs.
|
||||
*
|
||||
* Requires: MBEDTLS_PSA_CRYPTO_C.
|
||||
*
|
||||
* Uncomment this to enable internal use of PSA Crypto and new associated APIs.
|
||||
*/
|
||||
//#define MBEDTLS_USE_PSA_CRYPTO
|
||||
|
||||
|
@ -1702,6 +1735,10 @@
|
|||
*
|
||||
* Enable the Platform Security Architecture cryptography API.
|
||||
*
|
||||
* \warning The PSA Crypto API is still beta status. While you're welcome to
|
||||
* experiment using it, incompatible API changes are still possible, and some
|
||||
* parts may not have reached the same quality as the rest of Mbed TLS yet.
|
||||
*
|
||||
* Module: library/psa_crypto.c
|
||||
*
|
||||
* Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C
|
||||
|
@ -1966,6 +2003,42 @@
|
|||
//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
|
||||
//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
|
||||
|
||||
/**
|
||||
* \brief This macro is invoked by the library when an invalid parameter
|
||||
* is detected that is only checked with #MBEDTLS_CHECK_PARAMS
|
||||
* (see the documentation of that option for context).
|
||||
*
|
||||
* When you leave this undefined here, the library provides
|
||||
* a default definition. If the macro #MBEDTLS_CHECK_PARAMS_ASSERT
|
||||
* is defined, the default definition is `assert(cond)`,
|
||||
* otherwise the default definition calls a function
|
||||
* mbedtls_param_failed(). This function is declared in
|
||||
* `platform_util.h` for the benefit of the library, but
|
||||
* you need to define in your application.
|
||||
*
|
||||
* When you define this here, this replaces the default
|
||||
* definition in platform_util.h (which no longer declares the
|
||||
* function mbedtls_param_failed()) and it is your responsibility
|
||||
* to make sure this macro expands to something suitable (in
|
||||
* particular, that all the necessary declarations are visible
|
||||
* from within the library - you can ensure that by providing
|
||||
* them in this file next to the macro definition).
|
||||
* If you define this macro to call `assert`, also define
|
||||
* #MBEDTLS_CHECK_PARAMS_ASSERT so that library source files
|
||||
* include `<assert.h>`.
|
||||
*
|
||||
* Note that you may define this macro to expand to nothing, in
|
||||
* which case you don't have to worry about declarations or
|
||||
* definitions. However, you will then be notified about invalid
|
||||
* parameters only in non-void functions, and void function will
|
||||
* just silently return early on invalid parameters, which
|
||||
* partially negates the benefits of enabling
|
||||
* #MBEDTLS_CHECK_PARAMS in the first place, so is discouraged.
|
||||
*
|
||||
* \param cond The expression that should evaluate to true, but doesn't.
|
||||
*/
|
||||
//#define MBEDTLS_PARAM_FAILED( cond ) assert( cond )
|
||||
|
||||
/**
|
||||
* Uncomment the macro to let mbed TLS use your alternate implementation of
|
||||
* mbedtls_platform_zeroize(). This replaces the default implementation in
|
||||
|
@ -2016,6 +2089,6 @@
|
|||
#include MBEDTLS_USER_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "check_config.h"
|
||||
#include "mbedtls/check_config.h"
|
||||
|
||||
#endif /* MBEDTLS_CONFIG_H */
|
||||
|
|
|
@ -37,15 +37,15 @@
|
|||
#define MBEDTLS_CTR_DRBG_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "aes.h"
|
||||
#include "mbedtls/aes.h"
|
||||
|
||||
#if defined(MBEDTLS_THREADING_C)
|
||||
#include "threading.h"
|
||||
#include "mbedtls/threading.h"
|
||||
#endif
|
||||
|
||||
#define MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034 /**< The entropy source failed. */
|
||||
|
|
|
@ -30,7 +30,7 @@
|
|||
#define MBEDTLS_DES_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -66,11 +66,11 @@
|
|||
#define MBEDTLS_DHM_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
#include "bignum.h"
|
||||
#include "mbedtls/bignum.h"
|
||||
|
||||
/*
|
||||
* DHM Error codes
|
||||
|
|
|
@ -35,12 +35,12 @@
|
|||
#define MBEDTLS_ECDH_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "ecp.h"
|
||||
#include "mbedtls/ecp.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
|
|
|
@ -33,13 +33,13 @@
|
|||
#define MBEDTLS_ECDSA_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "ecp.h"
|
||||
#include "md.h"
|
||||
#include "mbedtls/ecp.h"
|
||||
#include "mbedtls/md.h"
|
||||
|
||||
/**
|
||||
* \brief Maximum ECDSA signature size for a given curve bit size
|
||||
|
|
|
@ -41,13 +41,13 @@
|
|||
* also be use outside TLS.
|
||||
*/
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "ecp.h"
|
||||
#include "md.h"
|
||||
#include "mbedtls/ecp.h"
|
||||
#include "mbedtls/md.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
|
|
|
@ -37,12 +37,12 @@
|
|||
#define MBEDTLS_ECP_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "bignum.h"
|
||||
#include "mbedtls/bignum.h"
|
||||
|
||||
/*
|
||||
* ECP error codes
|
||||
|
|
|
@ -62,7 +62,7 @@
|
|||
#define MBEDTLS_ECP_INTERNAL_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -25,7 +25,7 @@
|
|||
#define MBEDTLS_ENTROPY_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
@ -33,21 +33,21 @@
|
|||
#include <stddef.h>
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256)
|
||||
#include "sha512.h"
|
||||
#include "mbedtls/sha512.h"
|
||||
#define MBEDTLS_ENTROPY_SHA512_ACCUMULATOR
|
||||
#else
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
#define MBEDTLS_ENTROPY_SHA256_ACCUMULATOR
|
||||
#include "sha256.h"
|
||||
#include "mbedtls/sha256.h"
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_THREADING_C)
|
||||
#include "threading.h"
|
||||
#include "mbedtls/threading.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_HAVEGE_C)
|
||||
#include "havege.h"
|
||||
#include "mbedtls/havege.h"
|
||||
#endif
|
||||
|
||||
#define MBEDTLS_ERR_ENTROPY_SOURCE_FAILED -0x003C /**< Critical entropy source failure. */
|
||||
|
|
|
@ -25,7 +25,7 @@
|
|||
#define MBEDTLS_ENTROPY_POLL_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -25,7 +25,7 @@
|
|||
#define MBEDTLS_ERROR_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
@ -100,8 +100,8 @@
|
|||
* ECP 4 10 (Started from top)
|
||||
* MD 5 5
|
||||
* HKDF 5 1 (Started from top)
|
||||
* CIPHER 6 8
|
||||
* SSL 6 23 (Started from top)
|
||||
* CIPHER 6 8 (Started from 0x6080)
|
||||
* SSL 6 24 (Started from top, plus 0x6000)
|
||||
* SSL 7 32
|
||||
*
|
||||
* Module dependent error code (5 bits 0x.00.-0x.F8.)
|
||||
|
|
|
@ -34,12 +34,12 @@
|
|||
#define MBEDTLS_GCM_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "cipher.h"
|
||||
#include "mbedtls/cipher.h"
|
||||
|
||||
#include <stdint.h>
|
||||
|
||||
|
|
|
@ -25,12 +25,13 @@
|
|||
#define MBEDTLS_HAVEGE_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include <stddef.h>
|
||||
#include <stdint.h>
|
||||
|
||||
#define MBEDTLS_HAVEGE_COLLECT_SIZE 1024
|
||||
|
||||
|
@ -43,9 +44,9 @@ extern "C" {
|
|||
*/
|
||||
typedef struct mbedtls_havege_state
|
||||
{
|
||||
int PT1, PT2, offset[2];
|
||||
int pool[MBEDTLS_HAVEGE_COLLECT_SIZE];
|
||||
int WALK[8192];
|
||||
uint32_t PT1, PT2, offset[2];
|
||||
uint32_t pool[MBEDTLS_HAVEGE_COLLECT_SIZE];
|
||||
uint32_t WALK[8192];
|
||||
}
|
||||
mbedtls_havege_state;
|
||||
|
||||
|
|
|
@ -28,12 +28,12 @@
|
|||
#define MBEDTLS_HKDF_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "md.h"
|
||||
#include "mbedtls/md.h"
|
||||
|
||||
/**
|
||||
* \name HKDF Error codes
|
||||
|
|
|
@ -25,15 +25,15 @@
|
|||
#define MBEDTLS_HMAC_DRBG_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "md.h"
|
||||
#include "mbedtls/md.h"
|
||||
|
||||
#if defined(MBEDTLS_THREADING_C)
|
||||
#include "threading.h"
|
||||
#include "mbedtls/threading.h"
|
||||
#endif
|
||||
|
||||
/*
|
||||
|
|
|
@ -30,7 +30,7 @@
|
|||
#include <stddef.h>
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -30,7 +30,7 @@
|
|||
#define MBEDTLS_MD2_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -30,7 +30,7 @@
|
|||
#define MBEDTLS_MD4_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -29,7 +29,7 @@
|
|||
#define MBEDTLS_MD5_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -29,12 +29,12 @@
|
|||
#define MBEDTLS_MD_WRAP_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "md.h"
|
||||
#include "mbedtls/md.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
|
|
|
@ -25,7 +25,7 @@
|
|||
#define MBEDTLS_MEMORY_BUFFER_ALLOC_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -38,12 +38,12 @@
|
|||
#define MBEDTLS_NIST_KW_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "cipher.h"
|
||||
#include "mbedtls/cipher.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
|
|
|
@ -25,22 +25,22 @@
|
|||
#define MBEDTLS_OID_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "asn1.h"
|
||||
#include "pk.h"
|
||||
#include "mbedtls/asn1.h"
|
||||
#include "mbedtls/pk.h"
|
||||
|
||||
#include <stddef.h>
|
||||
|
||||
#if defined(MBEDTLS_CIPHER_C)
|
||||
#include "cipher.h"
|
||||
#include "mbedtls/cipher.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
#include "md.h"
|
||||
#include "mbedtls/md.h"
|
||||
#endif
|
||||
|
||||
#define MBEDTLS_ERR_OID_NOT_FOUND -0x002E /**< OID is not found. */
|
||||
|
|
|
@ -29,12 +29,12 @@
|
|||
#define MBEDTLS_PADLOCK_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "aes.h"
|
||||
#include "mbedtls/aes.h"
|
||||
|
||||
#define MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED -0x0030 /**< Input data should be aligned. */
|
||||
|
||||
|
|
|
@ -25,7 +25,7 @@
|
|||
#define MBEDTLS_PEM_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
@ -112,17 +112,27 @@ void mbedtls_pem_free( mbedtls_pem_context *ctx );
|
|||
* \brief Write a buffer of PEM information from a DER encoded
|
||||
* buffer.
|
||||
*
|
||||
* \param header header string to write
|
||||
* \param footer footer string to write
|
||||
* \param der_data DER data to write
|
||||
* \param der_len length of the DER data
|
||||
* \param buf buffer to write to
|
||||
* \param buf_len length of output buffer
|
||||
* \param olen total length written / required (if buf_len is not enough)
|
||||
* \param header The header string to write.
|
||||
* \param footer The footer string to write.
|
||||
* \param der_data The DER data to encode.
|
||||
* \param der_len The length of the DER data \p der_data in Bytes.
|
||||
* \param buf The buffer to write to.
|
||||
* \param buf_len The length of the output buffer \p buf in Bytes.
|
||||
* \param olen The address at which to store the total length written
|
||||
* or required (if \p buf_len is not enough).
|
||||
*
|
||||
* \return 0 on success, or a specific PEM or BASE64 error code. On
|
||||
* MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL olen is the required
|
||||
* size.
|
||||
* \note You may pass \c NULL for \p buf and \c 0 for \p buf_len
|
||||
* to request the length of the resulting PEM buffer in
|
||||
* `*olen`.
|
||||
*
|
||||
* \note This function may be called with overlapping \p der_data
|
||||
* and \p buf buffers.
|
||||
*
|
||||
* \return \c 0 on success.
|
||||
* \return #MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL if \p buf isn't large
|
||||
* enough to hold the PEM buffer. In this case, `*olen` holds
|
||||
* the required minimum size of \p buf.
|
||||
* \return Another PEM or BASE64 error code on other kinds of failure.
|
||||
*/
|
||||
int mbedtls_pem_write_buffer( const char *header, const char *footer,
|
||||
const unsigned char *der_data, size_t der_len,
|
||||
|
|
|
@ -26,23 +26,23 @@
|
|||
#define MBEDTLS_PK_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "md.h"
|
||||
#include "mbedtls/md.h"
|
||||
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
#include "rsa.h"
|
||||
#include "mbedtls/rsa.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_ECP_C)
|
||||
#include "ecp.h"
|
||||
#include "mbedtls/ecp.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_ECDSA_C)
|
||||
#include "ecdsa.h"
|
||||
#include "mbedtls/ecdsa.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
|
|
|
@ -26,12 +26,12 @@
|
|||
#define MBEDTLS_PK_WRAP_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "pk.h"
|
||||
#include "mbedtls/pk.h"
|
||||
|
||||
struct mbedtls_pk_info_t
|
||||
{
|
||||
|
|
|
@ -25,14 +25,14 @@
|
|||
#define MBEDTLS_PKCS12_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "md.h"
|
||||
#include "cipher.h"
|
||||
#include "asn1.h"
|
||||
#include "mbedtls/md.h"
|
||||
#include "mbedtls/cipher.h"
|
||||
#include "mbedtls/asn1.h"
|
||||
|
||||
#include <stddef.h>
|
||||
|
||||
|
|
|
@ -27,13 +27,13 @@
|
|||
#define MBEDTLS_PKCS5_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "asn1.h"
|
||||
#include "md.h"
|
||||
#include "mbedtls/asn1.h"
|
||||
#include "mbedtls/md.h"
|
||||
|
||||
#include <stddef.h>
|
||||
#include <stdint.h>
|
||||
|
|
|
@ -34,13 +34,13 @@
|
|||
#define MBEDTLS_PLATFORM_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_HAVE_TIME)
|
||||
#include "platform_time.h"
|
||||
#include "mbedtls/platform_time.h"
|
||||
#endif
|
||||
|
||||
#define MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED -0x0070 /**< Hardware accelerator failed */
|
||||
|
@ -256,6 +256,7 @@ int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n,
|
|||
* the destination buffer is too short.
|
||||
*/
|
||||
#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF)
|
||||
#include <stdarg.h>
|
||||
/* For Older Windows (inc. MSYS2), we provide our own fixed implementation */
|
||||
int mbedtls_platform_win32_vsnprintf( char *s, size_t n, const char *fmt, va_list arg );
|
||||
#endif
|
||||
|
|
|
@ -25,7 +25,7 @@
|
|||
#define MBEDTLS_PLATFORM_TIME_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -26,14 +26,14 @@
|
|||
#define MBEDTLS_PLATFORM_UTIL_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include <stddef.h>
|
||||
#if defined(MBEDTLS_HAVE_TIME_DATE)
|
||||
#include "platform_time.h"
|
||||
#include "mbedtls/platform_time.h"
|
||||
#include <time.h>
|
||||
#endif /* MBEDTLS_HAVE_TIME_DATE */
|
||||
|
||||
|
@ -43,6 +43,12 @@ extern "C" {
|
|||
|
||||
#if defined(MBEDTLS_CHECK_PARAMS)
|
||||
|
||||
#if defined(MBEDTLS_CHECK_PARAMS_ASSERT)
|
||||
/* Allow the user to define MBEDTLS_PARAM_FAILED to something like assert
|
||||
* (which is what our config.h suggests). */
|
||||
#include <assert.h>
|
||||
#endif /* MBEDTLS_CHECK_PARAMS_ASSERT */
|
||||
|
||||
#if defined(MBEDTLS_PARAM_FAILED)
|
||||
/** An alternative definition of MBEDTLS_PARAM_FAILED has been set in config.h.
|
||||
*
|
||||
|
@ -50,6 +56,11 @@ extern "C" {
|
|||
* MBEDTLS_PARAM_FAILED() will expand to a call to mbedtls_param_failed().
|
||||
*/
|
||||
#define MBEDTLS_PARAM_FAILED_ALT
|
||||
|
||||
#elif defined(MBEDTLS_CHECK_PARAMS_ASSERT)
|
||||
#define MBEDTLS_PARAM_FAILED( cond ) assert( cond )
|
||||
#define MBEDTLS_PARAM_FAILED_ALT
|
||||
|
||||
#else /* MBEDTLS_PARAM_FAILED */
|
||||
#define MBEDTLS_PARAM_FAILED( cond ) \
|
||||
mbedtls_param_failed( #cond, __FILE__, __LINE__ )
|
||||
|
|
|
@ -34,7 +34,7 @@
|
|||
#define MBEDTLS_POLY1305_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -29,7 +29,7 @@
|
|||
#define MBEDTLS_PSA_UTIL_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
@ -38,10 +38,10 @@
|
|||
|
||||
#include "psa/crypto.h"
|
||||
|
||||
#include "ecp.h"
|
||||
#include "md.h"
|
||||
#include "pk.h"
|
||||
#include "oid.h"
|
||||
#include "mbedtls/ecp.h"
|
||||
#include "mbedtls/md.h"
|
||||
#include "mbedtls/pk.h"
|
||||
#include "mbedtls/oid.h"
|
||||
|
||||
#include <string.h>
|
||||
|
||||
|
|
|
@ -25,7 +25,7 @@
|
|||
#define MBEDTLS_RIPEMD160_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
@ -57,7 +57,7 @@ typedef struct mbedtls_ripemd160_context
|
|||
mbedtls_ripemd160_context;
|
||||
|
||||
#else /* MBEDTLS_RIPEMD160_ALT */
|
||||
#include "ripemd160.h"
|
||||
#include "ripemd160_alt.h"
|
||||
#endif /* MBEDTLS_RIPEMD160_ALT */
|
||||
|
||||
/**
|
||||
|
|
|
@ -31,16 +31,16 @@
|
|||
#define MBEDTLS_RSA_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "bignum.h"
|
||||
#include "md.h"
|
||||
#include "mbedtls/bignum.h"
|
||||
#include "mbedtls/md.h"
|
||||
|
||||
#if defined(MBEDTLS_THREADING_C)
|
||||
#include "threading.h"
|
||||
#include "mbedtls/threading.h"
|
||||
#endif
|
||||
|
||||
/*
|
||||
|
|
|
@ -58,12 +58,12 @@
|
|||
#define MBEDTLS_RSA_INTERNAL_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "bignum.h"
|
||||
#include "mbedtls/bignum.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
|
|
|
@ -32,7 +32,7 @@
|
|||
#define MBEDTLS_SHA1_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -28,7 +28,7 @@
|
|||
#define MBEDTLS_SHA256_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -27,7 +27,7 @@
|
|||
#define MBEDTLS_SHA512_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -25,7 +25,7 @@
|
|||
#define MBEDTLS_THREADING_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -25,7 +25,7 @@
|
|||
#define MBEDTLS_TIMING_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -29,7 +29,7 @@
|
|||
#define MBEDTLS_VERSION_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -25,7 +25,7 @@
|
|||
#define MBEDTLS_XTEA_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -38,7 +38,7 @@
|
|||
/* Include the Mbed TLS configuration file, the way Mbed TLS does it
|
||||
* in each of its header files. */
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "../mbedtls/config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -45,7 +45,7 @@
|
|||
/* Include the Mbed TLS configuration file, the way Mbed TLS does it
|
||||
* in each of its header files. */
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "../mbedtls/config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -38,7 +38,7 @@
|
|||
/* Include the Mbed TLS configuration file, the way Mbed TLS does it
|
||||
* in each of its header files. */
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "../mbedtls/config.h"
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
|
|
@ -1,6 +1,14 @@
|
|||
option(USE_STATIC_MBEDTLS_LIBRARY "Build mbed TLS static library." ON)
|
||||
option(USE_SHARED_MBEDTLS_LIBRARY "Build mbed TLS shared library." OFF)
|
||||
option(LINK_WITH_PTHREAD "Explicitly link mbed TLS library to pthread." OFF)
|
||||
option(LINK_WITH_TRUSTED_STORAGE "Explicitly link mbed TLS library to trusted_storage." OFF)
|
||||
|
||||
# Set the project root directory if it's not already defined, as may happen if
|
||||
# the library folder is included directly by a parent project, without
|
||||
# including the top level CMakeLists.txt.
|
||||
if(NOT DEFINED MBEDTLS_DIR)
|
||||
set(MBEDTLS_DIR ${CMAKE_SOURCE_DIR})
|
||||
endif()
|
||||
|
||||
set(src_crypto
|
||||
aes.c
|
||||
|
@ -73,9 +81,9 @@ set(src_crypto
|
|||
if(USE_CRYPTO_SUBMODULE)
|
||||
set(src_crypto
|
||||
${src_crypto}
|
||||
${CMAKE_SOURCE_DIR}/library/version.c
|
||||
${CMAKE_SOURCE_DIR}/library/version_features.c
|
||||
${CMAKE_SOURCE_DIR}/library/error.c
|
||||
${MBEDTLS_DIR}/library/version.c
|
||||
${MBEDTLS_DIR}/library/version_features.c
|
||||
${MBEDTLS_DIR}/library/error.c
|
||||
)
|
||||
else()
|
||||
set(src_crypto
|
||||
|
@ -119,6 +127,10 @@ if(LINK_WITH_PTHREAD)
|
|||
set(libs ${libs} pthread)
|
||||
endif()
|
||||
|
||||
if(LINK_WITH_TRUSTED_STORAGE)
|
||||
set(libs ${libs} trusted_storage)
|
||||
endif()
|
||||
|
||||
if (NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY)
|
||||
message(FATAL_ERROR "Need to choose static or shared mbedtls build!")
|
||||
endif(NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY)
|
||||
|
@ -134,8 +146,8 @@ if(USE_STATIC_MBEDTLS_LIBRARY)
|
|||
set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto)
|
||||
target_link_libraries(${mbedcrypto_static_target} ${libs})
|
||||
target_include_directories(${mbedcrypto_static_target}
|
||||
PUBLIC ${CMAKE_SOURCE_DIR}/include/
|
||||
PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/)
|
||||
PUBLIC ${MBEDTLS_DIR}/include/
|
||||
PUBLIC ${MBEDTLS_DIR}/crypto/include/)
|
||||
|
||||
install(TARGETS ${mbedcrypto_static_target}
|
||||
DESTINATION ${LIB_INSTALL_DIR}
|
||||
|
@ -147,8 +159,8 @@ if(USE_SHARED_MBEDTLS_LIBRARY)
|
|||
set_target_properties(mbedcrypto PROPERTIES VERSION 2.17.0 SOVERSION 3)
|
||||
target_link_libraries(mbedcrypto ${libs})
|
||||
target_include_directories(mbedcrypto
|
||||
PUBLIC ${CMAKE_SOURCE_DIR}/include/
|
||||
PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/)
|
||||
PUBLIC ${MBEDTLS_DIR}/include/
|
||||
PUBLIC ${MBEDTLS_DIR}/crypto/include/)
|
||||
|
||||
install(TARGETS mbedcrypto
|
||||
DESTINATION ${LIB_INSTALL_DIR}
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
# Also see "include/mbedtls/config.h"
|
||||
|
||||
CFLAGS ?= -O2
|
||||
WARNING_CFLAGS ?= -Wall -W -Wdeclaration-after-statement
|
||||
WARNING_CFLAGS ?= -Wall -Wextra
|
||||
LDFLAGS ?=
|
||||
|
||||
CRYPTO_INCLUDES ?= -I../include
|
||||
|
|
|
@ -649,12 +649,28 @@ int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path )
|
|||
|
||||
#if defined(MBEDTLS_SELF_TEST)
|
||||
|
||||
#if defined(MBEDTLS_PEM_PARSE_C)
|
||||
static const char mbedtls_test_dhm_params[] =
|
||||
"-----BEGIN DH PARAMETERS-----\r\n"
|
||||
"MIGHAoGBAJ419DBEOgmQTzo5qXl5fQcN9TN455wkOL7052HzxxRVMyhYmwQcgJvh\r\n"
|
||||
"1sa18fyfR9OiVEMYglOpkqVoGLN7qd5aQNNi5W7/C+VBdHTBJcGZJyyP5B3qcz32\r\n"
|
||||
"9mLJKudlVudV0Qxk5qUJaPZ/xupz0NyoVpviuiBOI1gNi8ovSXWzAgEC\r\n"
|
||||
"-----END DH PARAMETERS-----\r\n";
|
||||
#else /* MBEDTLS_PEM_PARSE_C */
|
||||
static const char mbedtls_test_dhm_params[] = {
|
||||
0x30, 0x81, 0x87, 0x02, 0x81, 0x81, 0x00, 0x9e, 0x35, 0xf4, 0x30, 0x44,
|
||||
0x3a, 0x09, 0x90, 0x4f, 0x3a, 0x39, 0xa9, 0x79, 0x79, 0x7d, 0x07, 0x0d,
|
||||
0xf5, 0x33, 0x78, 0xe7, 0x9c, 0x24, 0x38, 0xbe, 0xf4, 0xe7, 0x61, 0xf3,
|
||||
0xc7, 0x14, 0x55, 0x33, 0x28, 0x58, 0x9b, 0x04, 0x1c, 0x80, 0x9b, 0xe1,
|
||||
0xd6, 0xc6, 0xb5, 0xf1, 0xfc, 0x9f, 0x47, 0xd3, 0xa2, 0x54, 0x43, 0x18,
|
||||
0x82, 0x53, 0xa9, 0x92, 0xa5, 0x68, 0x18, 0xb3, 0x7b, 0xa9, 0xde, 0x5a,
|
||||
0x40, 0xd3, 0x62, 0xe5, 0x6e, 0xff, 0x0b, 0xe5, 0x41, 0x74, 0x74, 0xc1,
|
||||
0x25, 0xc1, 0x99, 0x27, 0x2c, 0x8f, 0xe4, 0x1d, 0xea, 0x73, 0x3d, 0xf6,
|
||||
0xf6, 0x62, 0xc9, 0x2a, 0xe7, 0x65, 0x56, 0xe7, 0x55, 0xd1, 0x0c, 0x64,
|
||||
0xe6, 0xa5, 0x09, 0x68, 0xf6, 0x7f, 0xc6, 0xea, 0x73, 0xd0, 0xdc, 0xa8,
|
||||
0x56, 0x9b, 0xe2, 0xba, 0x20, 0x4e, 0x23, 0x58, 0x0d, 0x8b, 0xca, 0x2f,
|
||||
0x49, 0x75, 0xb3, 0x02, 0x01, 0x02 };
|
||||
#endif /* MBEDTLS_PEM_PARSE_C */
|
||||
|
||||
static const size_t mbedtls_test_dhm_params_len = sizeof( mbedtls_test_dhm_params );
|
||||
|
||||
|
|
|
@ -2004,8 +2004,10 @@ static unsigned char ecp_pick_window_size( const mbedtls_ecp_group *grp,
|
|||
* Make sure w is within bounds.
|
||||
* (The last test is useful only for very small curves in the test suite.)
|
||||
*/
|
||||
#if( MBEDTLS_ECP_WINDOW_SIZE < 6 )
|
||||
if( w > MBEDTLS_ECP_WINDOW_SIZE )
|
||||
w = MBEDTLS_ECP_WINDOW_SIZE;
|
||||
#endif
|
||||
if( w >= grp->nbits )
|
||||
w = 2;
|
||||
|
||||
|
|
|
@ -38,6 +38,7 @@
|
|||
#include "mbedtls/timing.h"
|
||||
#include "mbedtls/platform_util.h"
|
||||
|
||||
#include <stdint.h>
|
||||
#include <string.h>
|
||||
|
||||
/* ------------------------------------------------------------------------
|
||||
|
@ -54,7 +55,7 @@
|
|||
* ------------------------------------------------------------------------
|
||||
*/
|
||||
|
||||
#define SWAP(X,Y) { int *T = (X); (X) = (Y); (Y) = T; }
|
||||
#define SWAP(X,Y) { uint32_t *T = (X); (X) = (Y); (Y) = T; }
|
||||
|
||||
#define TST1_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1;
|
||||
#define TST2_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1;
|
||||
|
@ -77,7 +78,7 @@
|
|||
PTX = (PT1 >> 18) & 7; \
|
||||
PT1 &= 0x1FFF; \
|
||||
PT2 &= 0x1FFF; \
|
||||
CLK = (int) mbedtls_timing_hardclock(); \
|
||||
CLK = (uint32_t) mbedtls_timing_hardclock(); \
|
||||
\
|
||||
i = 0; \
|
||||
A = &WALK[PT1 ]; RES[i++] ^= *A; \
|
||||
|
@ -100,7 +101,7 @@
|
|||
\
|
||||
IN = (*A >> (5)) ^ (*A << (27)) ^ CLK; \
|
||||
*A = (*B >> (6)) ^ (*B << (26)) ^ CLK; \
|
||||
*B = IN; CLK = (int) mbedtls_timing_hardclock(); \
|
||||
*B = IN; CLK = (uint32_t) mbedtls_timing_hardclock(); \
|
||||
*C = (*C >> (7)) ^ (*C << (25)) ^ CLK; \
|
||||
*D = (*D >> (8)) ^ (*D << (24)) ^ CLK; \
|
||||
\
|
||||
|
@ -158,10 +159,11 @@
|
|||
*/
|
||||
static void havege_fill( mbedtls_havege_state *hs )
|
||||
{
|
||||
int i, n = 0;
|
||||
int U1, U2, *A, *B, *C, *D;
|
||||
int PT1, PT2, *WALK, RES[16];
|
||||
int PTX, PTY, CLK, PTEST, IN;
|
||||
size_t n = 0;
|
||||
size_t i;
|
||||
uint32_t U1, U2, *A, *B, *C, *D;
|
||||
uint32_t PT1, PT2, *WALK, RES[16];
|
||||
uint32_t PTX, PTY, CLK, PTEST, IN;
|
||||
|
||||
WALK = hs->WALK;
|
||||
PT1 = hs->PT1;
|
||||
|
@ -212,7 +214,7 @@ void mbedtls_havege_free( mbedtls_havege_state *hs )
|
|||
*/
|
||||
int mbedtls_havege_random( void *p_rng, unsigned char *buf, size_t len )
|
||||
{
|
||||
int val;
|
||||
uint32_t val;
|
||||
size_t use_len;
|
||||
mbedtls_havege_state *hs = (mbedtls_havege_state *) p_rng;
|
||||
unsigned char *p = buf;
|
||||
|
@ -220,8 +222,8 @@ int mbedtls_havege_random( void *p_rng, unsigned char *buf, size_t len )
|
|||
while( len > 0 )
|
||||
{
|
||||
use_len = len;
|
||||
if( use_len > sizeof(int) )
|
||||
use_len = sizeof(int);
|
||||
if( use_len > sizeof( val ) )
|
||||
use_len = sizeof( val );
|
||||
|
||||
if( hs->offset[1] >= MBEDTLS_HAVEGE_COLLECT_SIZE )
|
||||
havege_fill( hs );
|
||||
|
|
|
@ -5828,6 +5828,15 @@ psa_status_t psa_crypto_init( void )
|
|||
|
||||
/* Initialize the random generator. */
|
||||
global_data.entropy_init( &global_data.entropy );
|
||||
#if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \
|
||||
defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES)
|
||||
/* The PSA entropy injection feature depends on using NV seed as an entropy
|
||||
* source. Add NV seed as an entropy source for PSA entropy injection. */
|
||||
mbedtls_entropy_add_source( &global_data.entropy,
|
||||
mbedtls_nv_seed_poll, NULL,
|
||||
MBEDTLS_ENTROPY_BLOCK_SIZE,
|
||||
MBEDTLS_ENTROPY_SOURCE_STRONG );
|
||||
#endif
|
||||
mbedtls_ctr_drbg_init( &global_data.ctr_drbg );
|
||||
global_data.rng_state = RNG_INITIALIZED;
|
||||
status = mbedtls_to_psa_error(
|
||||
|
|
|
@ -91,6 +91,7 @@ psa_status_t psa_its_set(psa_storage_uid_t uid,
|
|||
* \param[in] data_offset The starting offset of the data requested
|
||||
* \param[in] data_length the amount of data requested (and the minimum allocated size of the `p_data` buffer)
|
||||
* \param[out] p_data The buffer where the data will be placed upon successful completion
|
||||
* \param[out] p_data_length The amount of data returned in the p_data buffer
|
||||
*
|
||||
*
|
||||
* \return A status indicating the success/failure of the operation
|
||||
|
@ -106,7 +107,8 @@ psa_status_t psa_its_set(psa_storage_uid_t uid,
|
|||
psa_status_t psa_its_get(psa_storage_uid_t uid,
|
||||
uint32_t data_offset,
|
||||
uint32_t data_length,
|
||||
void *p_data);
|
||||
void *p_data,
|
||||
size_t *p_data_length );
|
||||
|
||||
/**
|
||||
* \brief Retrieve the metadata about the provided uid
|
||||
|
|
|
@ -102,12 +102,15 @@ static psa_status_t psa_crypto_storage_load( const psa_key_file_id_t key,
|
|||
psa_status_t status;
|
||||
psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key );
|
||||
struct psa_storage_info_t data_identifier_info;
|
||||
size_t data_length = 0;
|
||||
|
||||
status = psa_its_get_info( data_identifier, &data_identifier_info );
|
||||
if( status != PSA_SUCCESS )
|
||||
return( status );
|
||||
|
||||
status = psa_its_get( data_identifier, 0, (uint32_t) data_size, data );
|
||||
status = psa_its_get( data_identifier, 0, (uint32_t) data_size, data, &data_length );
|
||||
if( data_size != data_length )
|
||||
return( PSA_ERROR_STORAGE_FAILURE );
|
||||
|
||||
return( status );
|
||||
}
|
||||
|
|
|
@ -44,7 +44,9 @@
|
|||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
|
||||
#if !defined(PSA_ITS_STORAGE_PREFIX)
|
||||
#define PSA_ITS_STORAGE_PREFIX ""
|
||||
#endif
|
||||
|
||||
#define PSA_ITS_STORAGE_FILENAME_PATTERN "%08lx%08lx"
|
||||
#define PSA_ITS_STORAGE_SUFFIX ".psa_its"
|
||||
|
@ -137,7 +139,8 @@ psa_status_t psa_its_get_info( psa_storage_uid_t uid,
|
|||
psa_status_t psa_its_get( psa_storage_uid_t uid,
|
||||
uint32_t data_offset,
|
||||
uint32_t data_length,
|
||||
void *p_data )
|
||||
void *p_data,
|
||||
size_t *p_data_length )
|
||||
{
|
||||
psa_status_t status;
|
||||
FILE *stream = NULL;
|
||||
|
@ -172,6 +175,8 @@ psa_status_t psa_its_get( psa_storage_uid_t uid,
|
|||
if( n != data_length )
|
||||
goto exit;
|
||||
status = PSA_SUCCESS;
|
||||
if( p_data_length != NULL )
|
||||
*p_data_length = n;
|
||||
|
||||
exit:
|
||||
if( stream != NULL )
|
||||
|
|
|
@ -51,7 +51,6 @@
|
|||
#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
|
||||
|
||||
#include <windows.h>
|
||||
#include <winbase.h>
|
||||
#include <process.h>
|
||||
|
||||
struct _hr_time
|
||||
|
|
|
@ -31,7 +31,7 @@
|
|||
|
||||
#include <string.h>
|
||||
|
||||
static const char *features[] = {
|
||||
static const char * const features[] = {
|
||||
#if defined(MBEDTLS_VERSION_FEATURES)
|
||||
#if defined(MBEDTLS_HAVE_ASM)
|
||||
"MBEDTLS_HAVE_ASM",
|
||||
|
@ -90,6 +90,9 @@ static const char *features[] = {
|
|||
#if defined(MBEDTLS_CHECK_PARAMS)
|
||||
"MBEDTLS_CHECK_PARAMS",
|
||||
#endif /* MBEDTLS_CHECK_PARAMS */
|
||||
#if defined(MBEDTLS_CHECK_PARAMS_ASSERT)
|
||||
"MBEDTLS_CHECK_PARAMS_ASSERT",
|
||||
#endif /* MBEDTLS_CHECK_PARAMS_ASSERT */
|
||||
#if defined(MBEDTLS_TIMING_ALT)
|
||||
"MBEDTLS_TIMING_ALT",
|
||||
#endif /* MBEDTLS_TIMING_ALT */
|
||||
|
@ -597,7 +600,7 @@ static const char *features[] = {
|
|||
|
||||
int mbedtls_version_check_feature( const char *feature )
|
||||
{
|
||||
const char **idx = features;
|
||||
const char * const *idx = features;
|
||||
|
||||
if( *idx == NULL )
|
||||
return( -2 );
|
||||
|
|
|
@ -2,8 +2,8 @@
|
|||
# To compile on SunOS: add "-lsocket -lnsl" to LDFLAGS
|
||||
|
||||
CFLAGS ?= -O2
|
||||
WARNING_CFLAGS ?= -Wall -W -Wdeclaration-after-statement
|
||||
WARNING_CXXFLAGS ?= -Wall -W
|
||||
WARNING_CFLAGS ?= -Wall -Wextra
|
||||
WARNING_CXXFLAGS ?= -Wall -Wextra
|
||||
LDFLAGS ?=
|
||||
|
||||
LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../include -D_FILE_OFFSET_BITS=64
|
||||
|
@ -244,6 +244,7 @@ psa/crypto_examples$(EXEXT): psa/crypto_examples.c $(DEP)
|
|||
clean:
|
||||
ifndef WINDOWS
|
||||
rm -f $(APPS) $(EXTRA_GENERATED)
|
||||
-rm -f test/cpp_dummy_build$(EXEXT)
|
||||
else
|
||||
if exist *.o del /S /Q /F *.o
|
||||
if exist *.exe del /S /Q /F *.exe
|
||||
|
|
|
@ -80,17 +80,6 @@ int main( void )
|
|||
}
|
||||
#else
|
||||
|
||||
#if defined(MBEDTLS_CHECK_PARAMS)
|
||||
#include "mbedtls/platform_util.h"
|
||||
void mbedtls_param_failed( const char *failure_condition,
|
||||
const char *file,
|
||||
int line )
|
||||
{
|
||||
mbedtls_printf( "%s:%i: Input param failed - %s\n",
|
||||
file, line, failure_condition );
|
||||
mbedtls_exit( MBEDTLS_EXIT_FAILURE );
|
||||
}
|
||||
#endif
|
||||
|
||||
int main( int argc, char *argv[] )
|
||||
{
|
||||
|
|
|
@ -82,17 +82,6 @@ int main( void )
|
|||
}
|
||||
#else
|
||||
|
||||
#if defined(MBEDTLS_CHECK_PARAMS)
|
||||
#include "mbedtls/platform_util.h"
|
||||
void mbedtls_param_failed( const char *failure_condition,
|
||||
const char *file,
|
||||
int line )
|
||||
{
|
||||
mbedtls_printf( "%s:%i: Input param failed - %s\n",
|
||||
file, line, failure_condition );
|
||||
mbedtls_exit( MBEDTLS_EXIT_FAILURE );
|
||||
}
|
||||
#endif
|
||||
|
||||
int main( int argc, char *argv[] )
|
||||
{
|
||||
|
|
|
@ -52,17 +52,6 @@ int main( void )
|
|||
}
|
||||
#else
|
||||
|
||||
#if defined(MBEDTLS_CHECK_PARAMS)
|
||||
#include "mbedtls/platform_util.h"
|
||||
void mbedtls_param_failed( const char *failure_condition,
|
||||
const char *file,
|
||||
int line )
|
||||
{
|
||||
mbedtls_printf( "%s:%i: Input param failed - %s\n",
|
||||
file, line, failure_condition );
|
||||
mbedtls_exit( MBEDTLS_EXIT_FAILURE );
|
||||
}
|
||||
#endif
|
||||
|
||||
static int generic_wrapper( const mbedtls_md_info_t *md_info, char *filename, unsigned char *sum )
|
||||
{
|
||||
|
|
|
@ -48,17 +48,6 @@ int main( void )
|
|||
}
|
||||
#else
|
||||
|
||||
#if defined(MBEDTLS_CHECK_PARAMS)
|
||||
#include "mbedtls/platform_util.h"
|
||||
void mbedtls_param_failed( const char *failure_condition,
|
||||
const char *file,
|
||||
int line )
|
||||
{
|
||||
mbedtls_printf( "%s:%i: Input param failed - %s\n",
|
||||
file, line, failure_condition );
|
||||
mbedtls_exit( MBEDTLS_EXIT_FAILURE );
|
||||
}
|
||||
#endif
|
||||
|
||||
int main( void )
|
||||
{
|
||||
|
|
|
@ -69,17 +69,6 @@ int main( void )
|
|||
*/
|
||||
#define GENERATOR "4"
|
||||
|
||||
#if defined(MBEDTLS_CHECK_PARAMS)
|
||||
#include "mbedtls/platform_util.h"
|
||||
void mbedtls_param_failed( const char *failure_condition,
|
||||
const char *file,
|
||||
int line )
|
||||
{
|
||||
mbedtls_printf( "%s:%i: Input param failed - %s\n",
|
||||
file, line, failure_condition );
|
||||
mbedtls_exit( MBEDTLS_EXIT_FAILURE );
|
||||
}
|
||||
#endif
|
||||
|
||||
int main( int argc, char **argv )
|
||||
{
|
||||
|
|
|
@ -53,17 +53,6 @@ int main( void )
|
|||
#include "mbedtls/ctr_drbg.h"
|
||||
#include "mbedtls/ecdh.h"
|
||||
|
||||
#if defined(MBEDTLS_CHECK_PARAMS)
|
||||
#include "mbedtls/platform_util.h"
|
||||
void mbedtls_param_failed( const char *failure_condition,
|
||||
const char *file,
|
||||
int line )
|
||||
{
|
||||
mbedtls_printf( "%s:%i: Input param failed - %s\n",
|
||||
file, line, failure_condition );
|
||||
mbedtls_exit( MBEDTLS_EXIT_FAILURE );
|
||||
}
|
||||
#endif
|
||||
|
||||
int main( int argc, char *argv[] )
|
||||
{
|
||||
|
|
|
@ -100,17 +100,6 @@ static void dump_pubkey( const char *title, mbedtls_ecdsa_context *key )
|
|||
#define dump_pubkey( a, b )
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_CHECK_PARAMS)
|
||||
#include "mbedtls/platform_util.h"
|
||||
void mbedtls_param_failed( const char *failure_condition,
|
||||
const char *file,
|
||||
int line )
|
||||
{
|
||||
mbedtls_printf( "%s:%i: Input param failed - %s\n",
|
||||
file, line, failure_condition );
|
||||
mbedtls_exit( MBEDTLS_EXIT_FAILURE );
|
||||
}
|
||||
#endif
|
||||
|
||||
int main( int argc, char *argv[] )
|
||||
{
|
||||
|
|
|
@ -137,17 +137,6 @@ int main( void )
|
|||
}
|
||||
#else
|
||||
|
||||
#if defined(MBEDTLS_CHECK_PARAMS)
|
||||
#include "mbedtls/platform_util.h"
|
||||
void mbedtls_param_failed( const char *failure_condition,
|
||||
const char *file,
|
||||
int line )
|
||||
{
|
||||
mbedtls_printf( "%s:%i: Input param failed - %s\n",
|
||||
file, line, failure_condition );
|
||||
mbedtls_exit( MBEDTLS_EXIT_FAILURE );
|
||||
}
|
||||
#endif
|
||||
|
||||
/*
|
||||
* global options
|
||||
|
|
|
@ -64,7 +64,6 @@
|
|||
" password_file=%%s default: \"\"\n" \
|
||||
"\n"
|
||||
|
||||
|
||||
#if !defined(MBEDTLS_BIGNUM_C) || \
|
||||
!defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO)
|
||||
int main( void )
|
||||
|
@ -75,17 +74,6 @@ int main( void )
|
|||
}
|
||||
#else
|
||||
|
||||
#if defined(MBEDTLS_CHECK_PARAMS)
|
||||
#include "mbedtls/platform_util.h"
|
||||
void mbedtls_param_failed( const char *failure_condition,
|
||||
const char *file,
|
||||
int line )
|
||||
{
|
||||
mbedtls_printf( "%s:%i: Input param failed - %s\n",
|
||||
file, line, failure_condition );
|
||||
mbedtls_exit( MBEDTLS_EXIT_FAILURE );
|
||||
}
|
||||
#endif
|
||||
|
||||
/*
|
||||
* global options
|
||||
|
|
|
@ -98,17 +98,6 @@ int main( void )
|
|||
}
|
||||
#else
|
||||
|
||||
#if defined(MBEDTLS_CHECK_PARAMS)
|
||||
#include "mbedtls/platform_util.h"
|
||||
void mbedtls_param_failed( const char *failure_condition,
|
||||
const char *file,
|
||||
int line )
|
||||
{
|
||||
mbedtls_printf( "%s:%i: Input param failed - %s\n",
|
||||
file, line, failure_condition );
|
||||
mbedtls_exit( MBEDTLS_EXIT_FAILURE );
|
||||
}
|
||||
#endif
|
||||
|
||||
/*
|
||||
* global options
|
||||
|
|
|
@ -50,17 +50,6 @@ int main( void )
|
|||
}
|
||||
#else
|
||||
|
||||
#if defined(MBEDTLS_CHECK_PARAMS)
|
||||
#include "mbedtls/platform_util.h"
|
||||
void mbedtls_param_failed( const char *failure_condition,
|
||||
const char *file,
|
||||
int line )
|
||||
{
|
||||
mbedtls_printf( "%s:%i: Input param failed - %s\n",
|
||||
file, line, failure_condition );
|
||||
mbedtls_exit( MBEDTLS_EXIT_FAILURE );
|
||||
}
|
||||
#endif
|
||||
|
||||
int main( void )
|
||||
{
|
||||
|
|
|
@ -48,7 +48,6 @@
|
|||
#include <string.h>
|
||||
#endif
|
||||
|
||||
|
||||
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_PK_PARSE_C) || \
|
||||
!defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_ENTROPY_C) || \
|
||||
!defined(MBEDTLS_CTR_DRBG_C)
|
||||
|
@ -61,17 +60,6 @@ int main( void )
|
|||
}
|
||||
#else
|
||||
|
||||
#if defined(MBEDTLS_CHECK_PARAMS)
|
||||
#include "mbedtls/platform_util.h"
|
||||
void mbedtls_param_failed( const char *failure_condition,
|
||||
const char *file,
|
||||
int line )
|
||||
{
|
||||
mbedtls_printf( "%s:%i: Input param failed - %s\n",
|
||||
file, line, failure_condition );
|
||||
mbedtls_exit( MBEDTLS_EXIT_FAILURE );
|
||||
}
|
||||
#endif
|
||||
|
||||
int main( int argc, char *argv[] )
|
||||
{
|
||||
|
|
|
@ -61,17 +61,6 @@ int main( void )
|
|||
}
|
||||
#else
|
||||
|
||||
#if defined(MBEDTLS_CHECK_PARAMS)
|
||||
#include "mbedtls/platform_util.h"
|
||||
void mbedtls_param_failed( const char *failure_condition,
|
||||
const char *file,
|
||||
int line )
|
||||
{
|
||||
mbedtls_printf( "%s:%i: Input param failed - %s\n",
|
||||
file, line, failure_condition );
|
||||
mbedtls_exit( MBEDTLS_EXIT_FAILURE );
|
||||
}
|
||||
#endif
|
||||
|
||||
int main( int argc, char *argv[] )
|
||||
{
|
||||
|
|
|
@ -60,17 +60,6 @@ int main( void )
|
|||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
|
||||
#if defined(MBEDTLS_CHECK_PARAMS)
|
||||
#include "mbedtls/platform_util.h"
|
||||
void mbedtls_param_failed( const char *failure_condition,
|
||||
const char *file,
|
||||
int line )
|
||||
{
|
||||
mbedtls_printf( "%s:%i: Input param failed - %s\n",
|
||||
file, line, failure_condition );
|
||||
mbedtls_exit( MBEDTLS_EXIT_FAILURE );
|
||||
}
|
||||
#endif
|
||||
|
||||
int main( int argc, char *argv[] )
|
||||
{
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue